Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED8F0FB421E111F1A4A049DDDAE4EC9C.roa
File: ED8F0FB421E111F1A4A049DDDAE4EC9C.roa (raw, json)
Hash identifier: vXp43/SzUmk6JF+fhmfeLWlSX6gf1zhwCehxz3fV5Tg=
Subject key identifier: 23:55:D2:1F:17:31:9A:BC:BF:D3:32:75:E7:AE:B5:5D:BD:4A:3C:1F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF93
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED8F0FB421E111F1A4A049DDDAE4EC9C.roa
Signing time: Tue 17 Mar 2026 09:16:07 +0000
ROA not before: Tue 17 Mar 2026 09:16:01 +0000
ROA not after: Sun 21 Jun 2026 09:16:01 +0000
asID: 209242
IP address blocks: 154.198.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114579 (0x1bf93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 17 09:16:01 2026 GMT
Not After : Jun 21 09:16:01 2026 GMT
Subject: CN=69b91bd7-c02c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:26:52:30:d2:e5:04:90:cc:60:61:c3:9c:5b:
07:09:81:15:2c:7a:c7:82:33:57:4c:34:38:ad:3e:
2a:95:21:b2:08:ae:2c:80:66:ce:1c:75:af:a8:11:
8f:d7:30:db:ee:b7:47:a3:fb:aa:5a:24:ef:f9:ed:
22:0d:90:5d:40:ec:88:12:a5:eb:f7:df:3d:e3:4a:
b8:fd:29:ab:eb:bf:f9:94:40:c2:e9:46:38:7c:1e:
39:f1:63:a8:c1:df:d3:62:3a:2a:a8:c1:dc:ae:14:
46:fe:59:f5:3f:c3:27:09:fc:ed:32:17:2d:41:95:
36:ee:94:a3:b1:8c:04:40:c6:af:9f:57:88:ad:01:
2b:a0:ff:c2:2c:ed:70:84:0e:34:eb:45:6b:f5:5d:
04:b5:9d:ff:d5:56:6c:cb:51:7c:30:91:e4:24:47:
ef:76:48:36:33:07:41:af:6a:7e:ff:87:bf:e7:76:
3d:23:05:89:40:27:24:ed:b3:52:d5:98:45:93:9e:
82:75:c6:79:2b:a7:49:7f:d0:03:aa:b9:2f:4d:ea:
2b:33:2e:8e:51:0e:5b:71:49:3c:62:20:e9:05:49:
9d:31:7d:64:5f:fe:77:60:e1:9d:77:c3:49:ce:53:
4c:be:08:f3:f9:8c:03:83:ce:3d:61:48:49:32:1c:
bc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:55:D2:1F:17:31:9A:BC:BF:D3:32:75:E7:AE:B5:5D:BD:4A:3C:1F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED8F0FB421E111F1A4A049DDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.173.0/24
Signature Algorithm: sha256WithRSAEncryption
26:11:51:e2:02:e6:21:4b:be:aa:b5:39:6b:32:2f:4d:06:4b:
61:34:21:e4:74:f0:bb:ee:82:12:e1:56:9f:08:b6:f4:37:b4:
79:39:21:5e:b6:f6:aa:57:a4:2c:68:21:b7:a7:df:bd:60:e9:
d6:e3:e5:c1:d1:bb:2c:9b:5a:a3:07:85:72:6d:15:4d:49:a1:
b9:22:e6:a3:27:f1:bb:64:84:41:9f:2b:a9:70:cf:3c:ce:8d:
1b:fa:0e:d7:15:62:3d:d8:98:79:06:e5:c2:77:ba:d9:5f:3a:
23:7c:de:6d:d6:7e:36:89:4a:29:41:dc:c1:b4:e3:25:2f:ea:
ef:29:3d:5e:a7:bb:01:d1:71:cc:66:bb:b3:ce:ed:1f:18:42:
48:c8:60:3d:a0:77:01:da:1f:fe:39:28:be:7a:e9:72:f4:1d:
9f:9a:50:5a:1f:8c:16:3c:8f:80:dc:db:58:cb:67:5d:55:52:
fa:fe:8b:ac:ca:df:57:3d:8a:c1:e8:71:cf:45:2e:f7:6c:07:
5c:19:88:bd:8d:7c:f0:c8:81:f5:17:9f:85:9f:f9:ca:df:a5:
dd:f6:f5:0f:c4:32:c6:b6:cf:1e:35:b7:64:0a:21:c3:c3:27:
d9:3b:e4:b1:9d:91:da:33:40:ef:6b:2f:87:ae:c6:72:bd:19:
a4:6c:68:86
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb+TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE3MDkxNjAxWhcNMjYwNjIxMDkxNjAxWjAYMRYw
FAYDVQQDEw02OWI5MWJkNy1jMDJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvCZSMNLlBJDMYGHDnFsHCYEVLHrHgjNXTDQ4rT4qlSGyCK4sgGbOHHWv
qBGP1zDb7rdHo/uqWiTv+e0iDZBdQOyIEqXr998940q4/Smr67/5lEDC6UY4fB45
8WOowd/TYjoqqMHcrhRG/ln1P8MnCfztMhctQZU27pSjsYwEQMavn1eIrQEroP/C
LO1whA4060Vr9V0EtZ3/1VZsy1F8MJHkJEfvdkg2MwdBr2p+/4e/53Y9IwWJQCck
7bNS1ZhFk56CdcZ5K6dJf9ADqrkvTeorMy6OUQ5bcUk8YiDpBUmdMX1kX/53YOGd
d8NJzlNMvgjz+YwDg849YUhJMhy8fQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCNV
0h8XMZq8v9MydeeutV29SjwfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRDhGMEZCNDIxRTExMUYxQTRBMDQ5REREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsatMA0GCSqGSIb3DQEB
CwUAA4IBAQAmEVHiAuYhS76qtTlrMi9NBkthNCHkdPC77oIS4VafCLb0N7R5OSFe
tvaqV6QsaCG3p9+9YOnW4+XB0bssm1qjB4VybRVNSaG5IuajJ/G7ZIRBnyupcM88
zo0b+g7XFWI92Jh5BuXCd7rZXzojfN5t1n42iUopQdzBtOMlL+rvKT1ep7sB0XHM
Zruzzu0fGEJIyGA9oHcB2h/+OSi+euly9B2fmlBaH4wWPI+A3NtYy2ddVVL6/ous
yt9XPYrB6HHPRS73bAdcGYi9jXzwyIH1F5+Fn/nK36Xd9vUPxDLGts8eNbdkCiHD
wyfZO+SxnZHaM0Dvay+HrsZyvRmkbGiG
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:20:36 2026 by rpki-client