Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0866DA1C28E811F181584AD3DAE4EC9C.roa
File: 0866DA1C28E811F181584AD3DAE4EC9C.roa (raw, json)
Hash identifier: prkhXo6yOBim3JiOug37VnfdNG1l8LKrFrI82f7kDzM=
Subject key identifier: 16:41:2E:3F:61:51:71:AE:00:CA:D7:3F:14:55:60:14:31:C8:53:7D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C0F9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0866DA1C28E811F181584AD3DAE4EC9C.roa
Signing time: Thu 26 Mar 2026 07:47:27 +0000
ROA not before: Thu 26 Mar 2026 07:47:22 +0000
ROA not after: Sun 03 May 2026 07:47:22 +0000
asID: 209242
IP address blocks: 154.206.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114937 (0x1c0f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 26 07:47:22 2026 GMT
Not After : May 3 07:47:22 2026 GMT
Subject: CN=69c4e48f-dce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e2:f0:ca:62:a3:13:d9:50:2b:c7:a1:8e:09:
77:ef:6d:17:97:5c:5c:50:ac:60:f8:b0:68:e8:5c:
06:37:4b:ec:71:19:2a:27:b8:69:bf:2a:33:06:8e:
19:6f:ef:a2:a0:9d:f4:1d:db:6b:48:48:bd:f0:d4:
03:2e:0a:1b:b8:1f:5b:c4:84:a2:cd:c0:9a:06:01:
3e:93:63:db:69:5e:37:92:45:c0:83:91:7b:b3:eb:
70:6f:50:fc:67:9c:99:02:44:fd:79:56:b4:9d:b9:
dd:21:5b:9a:83:5e:44:b0:46:29:e9:73:36:d7:14:
fe:32:c7:bd:fe:8b:00:71:ea:7f:40:11:e6:ab:69:
7b:36:24:27:d4:60:fa:60:87:da:aa:29:89:1f:50:
6c:75:14:33:b5:c5:46:3f:4a:b1:74:54:47:93:1f:
18:ad:b0:14:41:f4:72:d6:fc:32:4e:28:15:e6:7e:
8f:49:46:f8:da:ce:48:90:16:e4:42:bc:26:7c:cb:
77:e4:48:cf:b8:17:ee:09:7f:02:e1:be:30:55:46:
04:2f:ff:e8:64:49:6c:e1:86:56:e4:90:87:9f:54:
4f:31:5d:27:e7:0b:83:f2:6f:8c:f2:cd:51:38:26:
42:85:7b:f6:ba:af:d8:65:ab:c0:4a:0b:3e:1b:b0:
0a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:41:2E:3F:61:51:71:AE:00:CA:D7:3F:14:55:60:14:31:C8:53:7D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0866DA1C28E811F181584AD3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.12.0/24
Signature Algorithm: sha256WithRSAEncryption
00:2f:7f:25:fa:4a:49:bd:ef:c4:78:cb:c7:0c:6b:61:25:be:
fc:6f:d9:3a:dc:f3:90:dd:c0:7e:d5:69:ed:ad:37:81:1d:48:
87:26:dc:f6:1e:2d:8b:42:ed:bd:23:d4:74:6e:6a:b1:92:d8:
6d:5a:bb:c0:a2:00:9e:bd:fc:b5:78:90:0b:8b:96:ae:d2:b7:
70:3b:db:e6:c5:2a:d2:95:10:46:16:39:d5:50:b0:d2:4d:94:
42:89:5f:22:2c:a5:0f:86:42:27:df:8c:a4:cc:f7:2b:4d:d6:
94:76:8e:93:1e:60:94:c2:d1:44:ec:57:b1:7c:8e:47:1a:dd:
84:7d:60:fb:d8:21:3b:1c:9b:b9:e8:d2:0d:06:b0:31:31:31:
b7:65:88:bf:16:2b:23:33:6d:8f:75:18:fc:a1:70:25:b8:c9:
15:d2:2a:d5:e4:12:d0:ae:ad:7b:7c:b5:66:81:36:05:fa:15:
14:e7:7a:43:5a:fa:f2:04:20:4e:e6:b0:9d:5e:9d:de:2d:bf:
87:9c:82:c1:2b:b9:d0:4a:60:a0:0c:39:98:e3:dd:4c:3a:a8:
22:3b:60:af:df:13:c4:bd:24:5a:5b:62:01:1a:cc:9c:3b:0e:
7e:27:80:4f:12:c0:e7:b6:45:26:37:d7:3b:b3:f8:db:58:cf:
5a:98:5e:9e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcD5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzI2MDc0NzIyWhcNMjYwNTAzMDc0NzIyWjAYMRYw
FAYDVQQDEw02OWM0ZTQ4Zi1kY2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1eLwymKjE9lQK8ehjgl3720Xl1xcUKxg+LBo6FwGN0vscRkqJ7hpvyoz
Bo4Zb++ioJ30HdtrSEi98NQDLgobuB9bxISizcCaBgE+k2PbaV43kkXAg5F7s+tw
b1D8Z5yZAkT9eVa0nbndIVuag15EsEYp6XM21xT+Mse9/osAcep/QBHmq2l7NiQn
1GD6YIfaqimJH1BsdRQztcVGP0qxdFRHkx8YrbAUQfRy1vwyTigV5n6PSUb42s5I
kBbkQrwmfMt35EjPuBfuCX8C4b4wVUYEL//oZEls4YZW5JCHn1RPMV0n5wuD8m+M
8s1ROCZChXv2uq/YZavASgs+G7AKHQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBZB
Lj9hUXGuAMrXPxRVYBQxyFN9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wODY2REExQzI4RTgxMUYxODE1ODRBRDNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4MMA0GCSqGSIb3DQEB
CwUAA4IBAQAAL38l+kpJve/EeMvHDGthJb78b9k63POQ3cB+1WntrTeBHUiHJtz2
Hi2LQu29I9R0bmqxkthtWrvAogCevfy1eJALi5au0rdwO9vmxSrSlRBGFjnVULDS
TZRCiV8iLKUPhkIn34ykzPcrTdaUdo6THmCUwtFE7FexfI5HGt2EfWD72CE7HJu5
6NINBrAxMTG3ZYi/FisjM22PdRj8oXAluMkV0irV5BLQrq17fLVmgTYF+hUU53pD
WvryBCBO5rCdXp3eLb+HnILBK7nQSmCgDDmY491MOqgiO2Cv3xPEvSRaW2IBGsyc
Ow5+J4BPEsDntkUmN9c7s/jbWM9amF6e
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:51:48 2026 by rpki-client