Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/109C5D5627B711F19245E7D1DAE4EC9C.roa
File: 109C5D5627B711F19245E7D1DAE4EC9C.roa (raw, json)
Hash identifier: kBFp73eJXfo3tJi1HvcQ/jZClOk4uN+t/UJrrGcL0hE=
Subject key identifier: 32:F8:4F:B9:73:8B:B4:53:2C:ED:D8:B4:93:CF:CE:97:B1:63:08:87
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C0CD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/109C5D5627B711F19245E7D1DAE4EC9C.roa
Signing time: Tue 24 Mar 2026 19:24:24 +0000
ROA not before: Tue 24 Mar 2026 19:24:18 +0000
ROA not after: Thu 30 Apr 2026 19:24:18 +0000
asID: 40779
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 29 Mar 2026 00:06:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114893 (0x1c0cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 24 19:24:18 2026 GMT
Not After : Apr 30 19:24:18 2026 GMT
Subject: CN=69c2e4e8-3628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:44:7a:58:88:53:17:9c:14:df:f7:52:f7:01:
7e:25:65:50:7a:11:42:2a:b6:dc:82:cd:b4:ca:3c:
82:5d:0b:3e:97:04:d4:1d:01:2c:c1:14:d3:64:38:
64:4f:e7:fb:89:24:f3:59:1f:3b:dc:9d:58:66:3b:
13:eb:76:d1:fc:a0:88:24:2e:b0:9d:30:a3:5f:94:
eb:27:6e:54:0e:ed:30:cd:5c:4a:56:fa:68:c7:f4:
ce:99:ff:da:d0:7a:42:01:e7:b2:d0:d6:18:90:88:
c0:38:f8:fd:83:c7:0f:52:25:00:5b:2e:49:f7:9d:
07:35:d2:cd:94:47:71:be:89:22:5d:97:29:67:b0:
99:5b:b5:02:b7:74:8f:5b:ee:8f:88:1f:80:a9:23:
d1:65:6d:42:61:64:5a:24:c3:c6:73:ac:f0:6e:61:
a8:2e:59:df:7c:61:f1:13:99:31:29:b3:54:0f:8d:
9b:11:51:fa:f7:67:e4:94:18:83:fd:d5:dc:a1:8c:
35:0e:0e:51:4d:1a:6e:3c:79:58:d2:59:a2:ac:d1:
1b:cf:a0:48:0e:a0:5b:78:0c:e7:ae:a5:c8:30:5b:
5a:cd:b1:7c:88:fd:65:33:8a:73:ec:09:1c:05:19:
86:59:72:eb:76:2c:ea:4d:82:d7:42:ea:fd:49:8d:
d0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F8:4F:B9:73:8B:B4:53:2C:ED:D8:B4:93:CF:CE:97:B1:63:08:87
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/109C5D5627B711F19245E7D1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
12:52:2a:4e:36:1a:3f:67:8b:7a:70:79:c9:06:4f:44:1e:24:
22:36:ae:31:da:82:78:ec:eb:63:a2:cb:40:be:46:9a:5f:46:
e8:ac:b8:c6:e6:69:05:94:3d:ef:aa:9e:93:8c:7b:99:2d:77:
47:91:73:8c:0e:2b:09:15:73:a7:19:57:cc:ac:34:88:89:28:
64:4f:06:36:a0:c6:93:5d:95:68:bd:41:ea:93:5a:8c:e2:58:
f4:78:f2:9e:a9:b8:57:0d:f1:32:42:f1:ca:fb:16:7b:21:67:
c4:d4:be:bd:aa:a5:1d:09:4a:85:24:5b:29:95:b1:6e:98:58:
64:66:bd:e7:6d:d6:b9:0d:75:bd:63:09:47:58:8b:22:16:ca:
bf:bf:e0:28:ba:07:5a:cd:5c:59:c5:11:38:e1:1e:e7:ed:96:
76:5c:49:12:2b:c1:41:d0:86:8c:f3:4e:01:f6:01:4b:a2:7c:
1a:04:f3:26:f2:e9:0f:3f:8f:73:fa:dc:2a:cb:f9:c1:52:cf:
93:a9:c7:7b:ca:92:30:06:57:eb:c9:4b:6e:23:89:2e:c7:d6:
03:47:ca:42:54:27:bb:d1:f6:f8:09:bf:ae:24:25:39:26:b2:
12:e4:f9:53:c1:9a:46:7e:bc:03:5f:28:05:7c:fc:cc:cf:8e:
1b:4a:cc:c6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcDNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzI0MTkyNDE4WhcNMjYwNDMwMTkyNDE4WjAYMRYw
FAYDVQQDEw02OWMyZTRlOC0zNjI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxUR6WIhTF5wU3/dS9wF+JWVQehFCKrbcgs20yjyCXQs+lwTUHQEswRTT
ZDhkT+f7iSTzWR873J1YZjsT63bR/KCIJC6wnTCjX5TrJ25UDu0wzVxKVvpox/TO
mf/a0HpCAeey0NYYkIjAOPj9g8cPUiUAWy5J950HNdLNlEdxvokiXZcpZ7CZW7UC
t3SPW+6PiB+AqSPRZW1CYWRaJMPGc6zwbmGoLlnffGHxE5kxKbNUD42bEVH692fk
lBiD/dXcoYw1Dg5RTRpuPHlY0lmirNEbz6BIDqBbeAznrqXIMFtazbF8iP1lM4pz
7AkcBRmGWXLrdizqTYLXQur9SY3QyQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDL4
T7lzi7RTLO3YtJPPzpexYwiHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMDlDNUQ1NjI3QjcxMUYxOTI0NUU3RDFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQASUipONho/Z4t6cHnJBk9EHiQiNq4x2oJ47OtjostAvkaaX0borLjG
5mkFlD3vqp6TjHuZLXdHkXOMDisJFXOnGVfMrDSIiShkTwY2oMaTXZVovUHqk1qM
4lj0ePKeqbhXDfEyQvHK+xZ7IWfE1L69qqUdCUqFJFsplbFumFhkZr3nbda5DXW9
YwlHWIsiFsq/v+AougdazVxZxRE44R7n7ZZ2XEkSK8FB0IaM804B9gFLonwaBPMm
8ukPP49z+twqy/nBUs+Tqcd7ypIwBlfryUtuI4kux9YDR8pCVCe70fb4Cb+uJCU5
JrIS5PlTwZpGfrwDXygFfPzMz44bSszG
-----END CERTIFICATE-----
Generated at Fri Mar 27 05:40:18 2026 by rpki-client