Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA35E0B0237811F1839A49A4DAE4EC9C.roa
File: FA35E0B0237811F1839A49A4DAE4EC9C.roa (raw, json)
Hash identifier: KK6S0r1FNdgqBoUiyQJ6d5EI04qi7ONe72iJPnKnYPc=
Subject key identifier: DE:AB:29:60:C0:A8:31:E3:89:9B:B8:5B:85:D5:4C:70:74:8E:64:AB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BFD3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA35E0B0237811F1839A49A4DAE4EC9C.roa
Signing time: Thu 19 Mar 2026 09:49:53 +0000
ROA not before: Thu 19 Mar 2026 09:49:47 +0000
ROA not after: Fri 24 Apr 2026 09:49:47 +0000
asID: 153706
IP address blocks: 154.89.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114643 (0x1bfd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 19 09:49:47 2026 GMT
Not After : Apr 24 09:49:47 2026 GMT
Subject: CN=69bbc6c1-7a08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c0:9b:9b:68:21:69:a2:7c:70:b0:e3:e9:cf:
df:45:78:a4:a7:76:0c:5b:69:60:2a:8b:3b:8d:b1:
18:8f:94:ae:25:81:f6:3a:ca:59:27:27:62:c1:9a:
3a:f1:f1:bb:50:a8:75:34:6b:f4:fc:2d:db:43:2a:
1f:e9:44:6d:f9:cb:27:21:f3:55:98:55:47:4a:93:
f4:40:46:2f:ab:47:c6:03:09:c6:e7:da:00:09:3a:
5f:86:f8:f7:57:f4:b1:b7:88:0b:51:92:33:11:6c:
dd:73:9c:d2:94:89:a0:5d:aa:83:e1:e2:c9:70:b9:
98:a9:35:9c:96:b4:e6:f9:4d:0d:46:74:24:32:f5:
2e:1f:a7:59:0d:29:6d:23:aa:f5:65:53:4e:9f:92:
f0:6e:27:27:dc:ae:92:65:68:73:0c:8e:b2:f7:8d:
fc:bd:ca:02:78:90:1b:d0:73:f7:c2:66:cc:1f:cb:
3a:45:09:8b:99:3c:fa:b9:ab:a5:58:44:de:d0:9c:
ee:cd:e8:34:7e:8d:ef:0f:24:47:88:1d:40:6c:e2:
66:11:a0:28:ea:d6:e8:7e:c3:2d:ff:ec:e4:b5:88:
2c:15:cd:6b:54:dc:fa:b0:c4:b9:cc:35:ee:19:37:
6c:44:9e:fa:20:d1:23:72:f6:f1:5d:0c:95:86:7a:
79:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:AB:29:60:C0:A8:31:E3:89:9B:B8:5B:85:D5:4C:70:74:8E:64:AB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA35E0B0237811F1839A49A4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.194.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ba:c3:25:8b:b2:8c:2c:4e:1c:51:7c:91:17:7e:55:2f:7b:
2a:a2:1f:48:3f:f1:1e:aa:61:40:62:b3:d2:da:dc:aa:4a:b3:
59:85:f7:da:f0:7e:18:71:3d:ef:db:a1:6e:49:5c:da:bb:5b:
0f:80:4b:6d:29:70:88:59:52:0d:f0:99:f3:5b:51:96:12:6e:
7c:e1:e8:01:77:cc:0b:bb:86:b9:2e:1f:f0:a0:e7:0c:fa:1d:
55:27:f8:a1:a0:ec:d3:26:39:90:49:2f:be:71:6c:e5:f0:72:
f9:9f:46:c6:93:43:c4:03:5b:cd:db:0b:2a:bb:0c:f2:98:d1:
a0:5e:c8:1c:ae:e0:f2:46:27:40:f7:45:e4:a7:6b:21:da:db:
f7:5b:b0:7b:8a:8c:9f:79:4c:49:3b:f4:d3:e2:fb:59:fc:76:
af:c8:11:00:d2:0a:94:96:fa:94:15:d9:3c:d6:bb:6c:38:57:
4a:5c:ec:1a:91:e5:e2:0e:45:19:2a:97:e3:90:d6:00:42:90:
04:7a:e0:00:2b:1f:b6:c8:6b:c8:f9:49:ae:05:d7:f9:6e:68:
02:1b:31:fb:71:37:93:0a:79:a3:a6:e8:67:16:c3:23:fb:0c:
b1:78:ab:57:6a:c9:87:dd:55:0d:35:e0:ab:0d:ce:7a:dd:b3:
f2:37:8e:c2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb/TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE5MDk0OTQ3WhcNMjYwNDI0MDk0OTQ3WjAYMRYw
FAYDVQQDEw02OWJiYzZjMS03YTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzcCbm2ghaaJ8cLDj6c/fRXikp3YMW2lgKos7jbEYj5SuJYH2OspZJydi
wZo68fG7UKh1NGv0/C3bQyof6URt+csnIfNVmFVHSpP0QEYvq0fGAwnG59oACTpf
hvj3V/Sxt4gLUZIzEWzdc5zSlImgXaqD4eLJcLmYqTWclrTm+U0NRnQkMvUuH6dZ
DSltI6r1ZVNOn5Lwbicn3K6SZWhzDI6y9438vcoCeJAb0HP3wmbMH8s6RQmLmTz6
uaulWETe0Jzuzeg0fo3vDyRHiB1AbOJmEaAo6tbofsMt/+zktYgsFc1rVNz6sMS5
zDXuGTdsRJ76INEjcvbxXQyVhnp5pQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN6r
KWDAqDHjiZu4W4XVTHB0jmSrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQTM1RTBCMDIzNzgxMUYxODM5QTQ5QTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnCMA0GCSqGSIb3DQEB
CwUAA4IBAQBWusMli7KMLE4cUXyRF35VL3sqoh9IP/EeqmFAYrPS2tyqSrNZhffa
8H4YcT3v26FuSVzau1sPgEttKXCIWVIN8JnzW1GWEm584egBd8wLu4a5Lh/woOcM
+h1VJ/ihoOzTJjmQSS++cWzl8HL5n0bGk0PEA1vN2wsquwzymNGgXsgcruDyRidA
90Xkp2sh2tv3W7B7ioyfeUxJO/TT4vtZ/HavyBEA0gqUlvqUFdk81rtsOFdKXOwa
keXiDkUZKpfjkNYAQpAEeuAAKx+2yGvI+UmuBdf5bmgCGzH7cTeTCnmjpuhnFsMj
+wyxeKtXasmH3VUNNeCrDc563bPyN47C
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:17:31 2026 by rpki-client