Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA478C70211111F1A0AC7FA3DAE4EC9C.roa
File: FA478C70211111F1A0AC7FA3DAE4EC9C.roa (raw, json)
Hash identifier: 1VzLxTCd3xdWEqTb5aGs9VYi/uk96oJdDRIog9R6sf4=
Subject key identifier: 83:B7:B2:B4:95:15:B8:59:34:B4:8D:B2:02:73:8F:47:7C:6B:3C:B8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF87
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA478C70211111F1A0AC7FA3DAE4EC9C.roa
Signing time: Mon 16 Mar 2026 08:27:32 +0000
ROA not before: Mon 16 Mar 2026 08:27:28 +0000
ROA not after: Mon 20 Apr 2026 08:27:28 +0000
asID: 200213
IP address blocks: 154.222.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114567 (0x1bf87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 16 08:27:28 2026 GMT
Not After : Apr 20 08:27:28 2026 GMT
Subject: CN=69b7bef4-ba72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7b:16:c4:22:40:b5:71:40:f7:06:f9:06:13:
1d:03:6b:c6:88:4a:e8:b7:d1:74:e2:0b:08:65:c4:
d8:94:68:3f:cf:20:0e:9e:ca:13:b8:cc:77:b2:f0:
57:64:36:8f:bd:07:e8:9f:cb:b8:32:85:d1:c3:a0:
90:b0:97:0b:98:d1:2f:44:32:62:99:22:7a:fc:d2:
f0:10:c6:34:bc:d5:43:7c:69:2a:23:0c:68:69:85:
da:1e:34:eb:d5:44:dd:d9:48:a5:c0:ba:89:dc:76:
2c:77:f4:cb:5e:d5:18:5b:12:ab:58:7d:10:72:2b:
27:f1:cf:f2:f5:ce:6b:18:b0:c2:75:4a:37:56:63:
1b:f3:94:e0:6a:1b:eb:de:9f:5b:64:20:a5:c9:d3:
dd:a8:6c:8f:da:06:f6:27:b6:96:76:40:06:1a:91:
da:58:d9:dc:c9:b9:7b:21:74:5b:b3:40:8c:f1:41:
20:2b:0c:8b:5e:c9:f5:f6:b7:ab:7a:34:c7:a2:d3:
7b:a8:74:5b:f0:a8:b0:cd:13:e0:57:78:cd:6f:e1:
5b:b2:3e:26:49:79:40:25:0f:75:6c:60:3f:80:eb:
a9:b4:55:72:8b:37:36:21:6a:b1:4f:f7:ed:b6:25:
0b:a3:7c:e4:58:bb:05:af:9d:bb:0a:1e:1a:f0:c1:
e5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B7:B2:B4:95:15:B8:59:34:B4:8D:B2:02:73:8F:47:7C:6B:3C:B8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA478C70211111F1A0AC7FA3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.79.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:a1:f6:b3:5d:83:28:f0:70:21:24:8e:77:3a:78:c7:d0:c1:
72:86:2a:59:ca:3a:13:6a:d6:88:b5:31:9f:e9:03:5f:b6:b1:
25:d3:17:92:a2:81:49:36:f8:a1:22:d1:ef:02:f1:03:0c:6c:
24:0d:6f:a8:4f:ef:4b:51:09:48:3c:4b:b2:e7:48:63:85:39:
9c:bb:83:7d:19:db:06:ba:6a:1a:ba:27:f6:9c:9a:f9:da:eb:
71:c4:58:4d:0d:c5:5b:67:87:73:39:00:ec:38:65:fb:de:98:
b8:7a:47:e0:f5:89:e2:ac:24:dd:da:bb:c4:c0:ba:c5:cd:27:
5b:87:e9:46:9b:20:f1:c0:7c:80:9c:9b:e1:b2:04:16:0e:93:
97:99:5a:18:5d:cf:6e:37:87:ba:53:56:d9:cd:9f:8c:a4:fa:
c5:18:0c:16:0b:b6:38:19:20:a9:00:bd:59:2b:a5:b1:3e:88:
59:70:e2:7b:58:15:ad:32:a4:58:96:4f:2c:84:12:a4:b1:30:
01:32:a4:f9:fa:c5:d5:ad:43:d4:52:55:d8:83:a0:95:ec:54:
bc:86:5b:4b:be:93:7b:3f:9b:1e:b0:cc:29:3a:6a:62:f7:e4:
59:c9:9c:6c:92:f7:1d:9b:80:72:d4:2d:4a:59:46:b3:4f:fc:
11:b2:2c:fd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb+HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzE2MDgyNzI4WhcNMjYwNDIwMDgyNzI4WjAYMRYw
FAYDVQQDEw02OWI3YmVmNC1iYTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtnsWxCJAtXFA9wb5BhMdA2vGiErot9F04gsIZcTYlGg/zyAOnsoTuMx3
svBXZDaPvQfon8u4MoXRw6CQsJcLmNEvRDJimSJ6/NLwEMY0vNVDfGkqIwxoaYXa
HjTr1UTd2UilwLqJ3HYsd/TLXtUYWxKrWH0Qcisn8c/y9c5rGLDCdUo3VmMb85Tg
ahvr3p9bZCClydPdqGyP2gb2J7aWdkAGGpHaWNncybl7IXRbs0CM8UEgKwyLXsn1
9rerejTHotN7qHRb8KiwzRPgV3jNb+Fbsj4mSXlAJQ91bGA/gOuptFVyizc2IWqx
T/fttiULo3zkWLsFr527Ch4a8MHluQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIO3
srSVFbhZNLSNsgJzj0d8azy4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQTQ3OEM3MDIxMTExMUYxQTBBQzdGQTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5PMA0GCSqGSIb3DQEB
CwUAA4IBAQCqofazXYMo8HAhJI53OnjH0MFyhipZyjoTataItTGf6QNftrEl0xeS
ooFJNvihItHvAvEDDGwkDW+oT+9LUQlIPEuy50hjhTmcu4N9GdsGumoauif2nJr5
2utxxFhNDcVbZ4dzOQDsOGX73pi4ekfg9YnirCTd2rvEwLrFzSdbh+lGmyDxwHyA
nJvhsgQWDpOXmVoYXc9uN4e6U1bZzZ+MpPrFGAwWC7Y4GSCpAL1ZK6WxPohZcOJ7
WBWtMqRYlk8shBKksTABMqT5+sXVrUPUUlXYg6CV7FS8hltLvpN7P5sesMwpOmpi
9+RZyZxskvcdm4By1C1KWUazT/wRsiz9
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:50 2026 by rpki-client