Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CE830D428ED11F19086A5EEDAE4EC9C.roa
File: 2CE830D428ED11F19086A5EEDAE4EC9C.roa (raw, json)
Hash identifier: ZRZZg7yGWXi/PjVSSK6GUyzaK+ScqasLHBs5A08jBoI=
Subject key identifier: 94:78:C6:CE:9A:92:31:E2:4B:48:53:35:20:5E:5F:02:8E:08:5E:80
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C0FF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CE830D428ED11F19086A5EEDAE4EC9C.roa
Signing time: Thu 26 Mar 2026 08:24:16 +0000
ROA not before: Thu 26 Mar 2026 08:24:10 +0000
ROA not after: Sun 05 Apr 2026 08:24:10 +0000
asID: 133748
IP address blocks: 154.89.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114943 (0x1c0ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 26 08:24:10 2026 GMT
Not After : Apr 5 08:24:10 2026 GMT
Subject: CN=69c4ed2f-ec5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:04:fe:c3:38:b2:7b:d6:5a:90:40:e4:21:fa:
b7:cb:3a:3e:77:0b:88:8b:ca:43:62:88:b1:e2:d5:
ee:b2:0c:c4:22:22:87:e8:9c:62:ba:5b:52:dc:25:
93:ef:61:c5:ca:dc:59:be:89:31:db:f5:88:4c:31:
2b:bf:a2:b1:f7:41:85:ec:99:31:51:4f:93:f7:e2:
c2:81:bf:3a:c5:ce:70:22:c6:be:7d:37:21:2f:80:
ba:51:6f:90:a8:0d:ee:47:9d:dc:2b:43:0e:e1:1b:
50:c8:4d:1d:34:96:d0:99:00:f5:e4:53:42:07:0c:
f7:87:99:e7:38:57:c1:3f:e4:94:70:41:23:ad:06:
e8:20:5b:ae:c4:36:83:3c:47:18:8e:2d:27:da:b1:
c5:db:5f:30:3b:4d:fc:85:52:43:3c:f3:17:d6:49:
10:c2:9f:8b:35:25:e0:d8:be:0a:60:46:52:1e:e1:
79:ad:22:5a:64:90:ea:6f:e8:d2:13:23:13:b1:fb:
9d:f0:d1:8d:cf:71:11:ee:f8:d6:5b:39:b1:aa:c8:
a8:30:04:0b:6a:e6:f7:6f:c5:13:97:63:da:26:5c:
a5:cd:b3:b4:e5:df:ec:77:39:d3:42:8c:66:d9:1e:
9a:8a:a7:de:75:15:a8:d6:0f:f2:e2:3d:bd:55:64:
e4:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:78:C6:CE:9A:92:31:E2:4B:48:53:35:20:5E:5F:02:8E:08:5E:80
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CE830D428ED11F19086A5EEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.133.0/24
Signature Algorithm: sha256WithRSAEncryption
32:4a:dd:71:52:a3:70:a3:e7:41:5e:5e:66:a7:9c:b0:7d:44:
f5:b8:cb:00:6a:66:7b:09:73:43:7a:af:8d:7e:33:9e:98:de:
36:d6:3f:48:52:08:ca:0a:26:9c:c2:83:bc:61:98:99:50:6e:
39:1a:03:6c:f4:ae:9b:e5:c6:6c:cb:bd:8c:70:80:8c:92:48:
5b:3a:ed:41:4a:6c:12:fb:53:e3:73:d0:89:b3:38:ab:d7:b1:
85:c8:08:b4:05:5d:22:fb:ad:1f:5b:86:52:be:8f:cc:9c:da:
d7:52:60:2c:3e:94:5f:0d:6b:31:b9:85:a5:5c:1a:25:e5:16:
35:cd:b4:30:f9:8f:28:83:3d:f8:02:25:c4:fe:e5:50:30:00:
46:13:da:1f:1c:1a:ff:4a:e5:58:b8:be:43:3e:d7:29:41:90:
0e:e9:c8:74:48:6f:4a:4f:12:d0:52:5c:a9:2a:4b:8d:05:f6:
5b:1e:79:8a:81:4a:6c:6b:2e:c4:1c:ae:3a:46:69:0a:f4:f3:
1a:d0:63:74:bf:ee:a5:0a:23:88:36:cd:40:58:10:09:a5:c1:
1e:a7:b1:de:e2:68:36:9e:0f:45:4a:fa:cc:19:df:5e:33:9a:
df:9a:33:54:e8:86:fa:1d:66:2b:9e:03:d8:95:58:0a:96:08:
23:00:eb:3c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcD/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzI2MDgyNDEwWhcNMjYwNDA1MDgyNDEwWjAYMRYw
FAYDVQQDEw02OWM0ZWQyZi1lYzVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoAT+wziye9ZakEDkIfq3yzo+dwuIi8pDYoix4tXusgzEIiKH6JxiultS
3CWT72HFytxZvokx2/WITDErv6Kx90GF7JkxUU+T9+LCgb86xc5wIsa+fTchL4C6
UW+QqA3uR53cK0MO4RtQyE0dNJbQmQD15FNCBwz3h5nnOFfBP+SUcEEjrQboIFuu
xDaDPEcYji0n2rHF218wO038hVJDPPMX1kkQwp+LNSXg2L4KYEZSHuF5rSJaZJDq
b+jSEyMTsfud8NGNz3ER7vjWWzmxqsioMAQLaub3b8UTl2PaJlylzbO05d/sdznT
Qoxm2R6aiqfedRWo1g/y4j29VWTkxwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJR4
xs6akjHiS0hTNSBeXwKOCF6AMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQ0U4MzBENDI4RUQxMUYxOTA4NkE1RUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmFMA0GCSqGSIb3DQEB
CwUAA4IBAQAySt1xUqNwo+dBXl5mp5ywfUT1uMsAamZ7CXNDeq+NfjOemN421j9I
UgjKCiacwoO8YZiZUG45GgNs9K6b5cZsy72McICMkkhbOu1BSmwS+1Pjc9CJszir
17GFyAi0BV0i+60fW4ZSvo/MnNrXUmAsPpRfDWsxuYWlXBol5RY1zbQw+Y8ogz34
AiXE/uVQMABGE9ofHBr/SuVYuL5DPtcpQZAO6ch0SG9KTxLQUlypKkuNBfZbHnmK
gUpsay7EHK46RmkK9PMa0GN0v+6lCiOINs1AWBAJpcEep7He4mg2ng9FSvrMGd9e
M5rfmjNU6Ib6HWYrngPYlVgKlggjAOs8
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:52:57 2026 by rpki-client