Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F10A686A1C5911F19EC7B995DAE4EC9C.roa
File: F10A686A1C5911F19EC7B995DAE4EC9C.roa (raw, json)
Hash identifier: Oih3DvKVSkVyeF3YMHbq7ujdRp2M901+LZ/VX+0lTlM=
Subject key identifier: 82:70:2F:A8:B2:FE:AF:32:FC:02:25:7A:37:01:48:A9:74:90:6C:31
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BEA9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F10A686A1C5911F19EC7B995DAE4EC9C.roa
Signing time: Tue 10 Mar 2026 08:20:05 +0000
ROA not before: Tue 10 Mar 2026 08:20:00 +0000
ROA not after: Sun 05 Apr 2026 08:20:00 +0000
asID: 17497
IP address blocks: 154.196.142.0/24 maxlen: 24
154.196.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 14 Mar 2026 00:06:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114345 (0x1bea9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 10 08:20:00 2026 GMT
Not After : Apr 5 08:20:00 2026 GMT
Subject: CN=69afd435-da46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f8:4a:52:1a:a2:dc:a2:14:09:7f:0e:7f:12:
f5:c1:09:5e:f2:c0:45:6f:f3:08:8a:d9:65:11:ca:
21:da:31:26:83:d0:df:b3:a2:39:7b:57:bc:98:1d:
cb:c5:8a:f2:91:23:ff:c1:97:23:40:4b:cd:7f:bf:
38:99:5b:32:62:40:07:7f:25:af:8c:7d:79:2b:9e:
62:9f:2a:ed:55:ea:fb:f8:8f:f6:e3:4d:3f:cf:6b:
13:77:2f:2d:d6:71:ec:34:37:8f:e5:0c:17:4f:4d:
42:c1:f1:4e:62:72:3b:55:2e:29:63:2a:db:38:bc:
46:82:7c:4d:62:45:96:d7:c1:1b:e9:6a:10:b9:21:
66:2b:72:97:da:6d:55:bf:4d:63:72:0c:c9:12:dd:
f5:2b:0a:51:6d:b1:af:a0:4d:bd:e0:93:0b:43:26:
2b:c2:e5:e2:5f:16:57:cc:6c:9c:70:89:c4:94:ec:
f4:53:c4:80:f5:45:99:3a:54:0a:e0:19:7b:4b:e1:
9e:52:84:3f:46:a8:4f:12:13:31:21:7e:11:c1:a1:
06:a7:84:cf:ee:54:36:86:68:9a:23:06:f6:95:02:
ec:88:39:74:40:a9:d3:a4:88:f8:85:94:25:20:6a:
2b:a4:4e:1a:7f:2a:4d:c9:5f:b6:27:ec:af:bd:f2:
2c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:70:2F:A8:B2:FE:AF:32:FC:02:25:7A:37:01:48:A9:74:90:6C:31
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F10A686A1C5911F19EC7B995DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.142.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:98:98:9c:91:c3:4b:32:78:70:24:0b:84:95:32:e7:39:a4:
3c:69:c6:77:b0:e9:33:48:67:57:1e:f5:d7:3a:69:d0:85:ea:
a6:3a:db:4e:4d:a9:b6:c1:86:03:f9:90:29:b8:1c:b5:72:2c:
f9:de:9f:33:c3:f3:6e:60:3d:cc:2d:4a:b0:b5:6c:61:02:ec:
a8:e5:ec:5f:59:cc:a9:c5:ed:c8:70:81:3a:da:ee:f0:89:d4:
80:8f:54:c5:92:78:c6:6d:82:86:66:16:0d:37:8d:10:07:b1:
7a:90:4e:69:a0:df:11:94:9e:74:75:06:94:8f:67:28:d0:b9:
48:b2:7f:7c:de:99:7d:2c:dd:1d:9d:59:30:d1:6c:01:78:46:
34:7b:52:ab:ce:16:0f:d5:fd:98:ba:6e:1d:bf:55:72:19:02:
d4:3b:04:e9:9b:77:aa:ab:9b:5c:c8:e5:93:9c:3d:60:b8:be:
39:bb:c4:81:33:a4:7c:c4:91:db:1d:3d:ba:31:f6:a1:c9:7c:
c2:40:88:e7:cf:b4:41:e0:48:4b:b8:2c:cc:69:48:52:39:0a:
16:42:67:7f:f2:d8:a6:f1:65:ed:22:f1:a2:5b:1e:c4:81:5e:
f6:d0:49:20:ce:1a:0b:33:4f:30:e3:74:66:cf:d9:6d:f1:e4:
4d:69:e6:45
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb6pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzEwMDgyMDAwWhcNMjYwNDA1MDgyMDAwWjAYMRYw
FAYDVQQDEw02OWFmZDQzNS1kYTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwvhKUhqi3KIUCX8OfxL1wQle8sBFb/MIitllEcoh2jEmg9Dfs6I5e1e8
mB3LxYrykSP/wZcjQEvNf784mVsyYkAHfyWvjH15K55inyrtVer7+I/2400/z2sT
dy8t1nHsNDeP5QwXT01CwfFOYnI7VS4pYyrbOLxGgnxNYkWW18Eb6WoQuSFmK3KX
2m1Vv01jcgzJEt31KwpRbbGvoE294JMLQyYrwuXiXxZXzGyccInElOz0U8SA9UWZ
OlQK4Bl7S+GeUoQ/RqhPEhMxIX4RwaEGp4TP7lQ2hmiaIwb2lQLsiDl0QKnTpIj4
hZQlIGorpE4afypNyV+2J+yvvfIsNwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIJw
L6iy/q8y/AIlejcBSKl0kGwxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMTBBNjg2QTFDNTkxMUYxOUVDN0I5OTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsSOMA0GCSqGSIb3DQEB
CwUAA4IBAQC7mJickcNLMnhwJAuElTLnOaQ8acZ3sOkzSGdXHvXXOmnQheqmOttO
Tam2wYYD+ZApuBy1ciz53p8zw/NuYD3MLUqwtWxhAuyo5exfWcypxe3IcIE62u7w
idSAj1TFknjGbYKGZhYNN40QB7F6kE5poN8RlJ50dQaUj2co0LlIsn983pl9LN0d
nVkw0WwBeEY0e1KrzhYP1f2Yum4dv1VyGQLUOwTpm3eqq5tcyOWTnD1guL45u8SB
M6R8xJHbHT26MfahyXzCQIjnz7RB4EhLuCzMaUhSOQoWQmd/8tim8WXtIvGiWx7E
gV720EkgzhoLM08w43Rmz9lt8eRNaeZF
-----END CERTIFICATE-----
Generated at Thu Mar 12 09:28:17 2026 by rpki-client