Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1232A09227B411F1AF6848C2DAE4EC9C.roa
File: 1232A09227B411F1AF6848C2DAE4EC9C.roa (raw, json)
Hash identifier: 2sdT1duGqKhQOyNlMiDZeyiCqIbv6vGPeFcL1dBO084=
Subject key identifier: AB:E9:C8:FA:9B:CB:74:11:C9:8F:39:DA:7D:C3:A4:9B:B3:03:56:03
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C0C7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1232A09227B411F1AF6848C2DAE4EC9C.roa
Signing time: Tue 24 Mar 2026 19:02:58 +0000
ROA not before: Tue 24 Mar 2026 19:02:53 +0000
ROA not after: Thu 30 Apr 2026 19:02:53 +0000
asID: 142032
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114887 (0x1c0c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 24 19:02:53 2026 GMT
Not After : Apr 30 19:02:53 2026 GMT
Subject: CN=69c2dfe2-36bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:5f:27:8d:d2:d1:98:5a:38:f6:0c:b1:22:16:
3b:48:9d:95:8f:d3:28:2d:c5:c5:b6:a5:cb:9c:5e:
9f:c3:d0:b8:e3:a3:fd:d0:f6:5f:f3:08:ae:d3:f4:
a9:7b:b1:76:ec:91:95:f9:e8:03:5d:52:f0:b4:b1:
8b:b4:4b:df:06:08:e0:cf:66:9b:42:24:40:17:c9:
97:0c:2b:0b:d2:bb:3d:b3:ea:42:3a:97:1f:63:38:
56:a5:98:d0:08:04:38:51:fb:3c:d9:cd:33:c8:13:
a0:b1:aa:c7:a8:bd:2f:28:7a:fb:4a:2f:61:e9:84:
93:f2:f7:9a:f0:e4:69:b2:43:57:d2:ce:ad:55:2b:
d9:be:6b:fb:8e:02:46:ec:2b:6e:0f:34:90:6e:ff:
74:fa:08:b6:51:a7:72:f3:ba:08:67:ac:0f:c8:57:
e4:eb:17:48:53:49:c9:d5:c3:1e:a4:82:1e:96:15:
95:cb:46:37:38:c2:3a:db:1c:00:fc:fb:31:c4:04:
72:c4:33:a8:1a:29:8c:93:d1:42:c1:7b:fb:3d:ae:
8e:1c:e7:21:7e:8e:94:a2:19:b0:87:3f:d0:fc:53:
a8:76:99:8a:fb:71:01:ac:14:da:ac:b6:f7:9a:e0:
94:df:7b:c6:e8:0b:d3:b3:ab:f8:62:d3:4d:a3:7e:
c2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:E9:C8:FA:9B:CB:74:11:C9:8F:39:DA:7D:C3:A4:9B:B3:03:56:03
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1232A09227B411F1AF6848C2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
bc:b5:2b:ff:a5:38:a8:a6:96:2b:8c:0a:fa:81:fd:55:4d:47:
7d:f3:b6:8a:4a:36:86:16:08:31:3e:ff:ce:3c:b6:92:86:32:
48:72:a8:73:05:f8:f8:a5:66:c3:c7:4b:e8:07:d4:9d:02:bb:
40:73:77:1a:87:fa:07:0f:a2:50:cc:07:9e:77:fd:f4:38:a2:
f5:b6:25:49:b3:0d:4c:d0:c9:62:82:16:9b:8a:d6:5d:53:7e:
fd:c3:d0:10:6d:85:7c:12:d9:4b:ad:84:c4:29:17:e2:45:b8:
68:40:d9:50:a5:7b:0c:b8:88:12:ab:86:54:0f:6e:1b:0e:8c:
d2:43:a4:1d:34:c7:c5:77:19:76:5c:b3:cb:e6:12:c1:79:48:
05:2d:51:68:dd:85:43:ab:4b:d3:f4:36:30:59:77:9b:4c:13:
d2:98:de:01:bb:8a:3d:36:1f:73:2f:c4:1e:41:4d:24:ef:71:
6e:77:62:33:a4:a9:37:ed:e7:e4:77:7c:c6:5b:8d:69:e7:d9:
dc:12:ba:cc:42:da:00:6c:04:2b:9e:2a:47:7a:e5:ee:b7:27:
51:dc:d6:cf:0a:93:ef:c3:a5:03:71:9d:bb:02:a3:0a:dc:a1:
b4:fb:05:da:74:4f:74:5d:01:34:27:22:56:bc:a1:38:26:d4:
80:3d:92:5e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcDHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzI0MTkwMjUzWhcNMjYwNDMwMTkwMjUzWjAYMRYw
FAYDVQQDEw02OWMyZGZlMi0zNmJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8V8njdLRmFo49gyxIhY7SJ2Vj9MoLcXFtqXLnF6fw9C446P90PZf8wiu
0/Spe7F27JGV+egDXVLwtLGLtEvfBgjgz2abQiRAF8mXDCsL0rs9s+pCOpcfYzhW
pZjQCAQ4Ufs82c0zyBOgsarHqL0vKHr7Si9h6YST8vea8ORpskNX0s6tVSvZvmv7
jgJG7CtuDzSQbv90+gi2Uady87oIZ6wPyFfk6xdIU0nJ1cMepIIelhWVy0Y3OMI6
2xwA/PsxxARyxDOoGimMk9FCwXv7Pa6OHOchfo6Uohmwhz/Q/FOodpmK+3EBrBTa
rLb3muCU33vG6AvTs6v4YtNNo37CqQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKvp
yPqby3QRyY852n3DpJuzA1YDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMjMyQTA5MjI3QjQxMUYxQUY2ODQ4QzJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQC8tSv/pTioppYrjAr6gf1VTUd987aKSjaGFggxPv/OPLaShjJIcqhz
Bfj4pWbDx0voB9SdArtAc3cah/oHD6JQzAeed/30OKL1tiVJsw1M0MlighabitZd
U379w9AQbYV8EtlLrYTEKRfiRbhoQNlQpXsMuIgSq4ZUD24bDozSQ6QdNMfFdxl2
XLPL5hLBeUgFLVFo3YVDq0vT9DYwWXebTBPSmN4Bu4o9Nh9zL8QeQU0k73Fud2Iz
pKk37efkd3zGW41p59ncErrMQtoAbAQrnipHeuXutydR3NbPCpPvw6UDcZ27AqMK
3KG0+wXadE90XQE0JyJWvKE4JtSAPZJe
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:32:11 2026 by rpki-client