Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A909A9227B111F187009FB2DAE4EC9C.roa
File: 3A909A9227B111F187009FB2DAE4EC9C.roa (raw, json)
Hash identifier: qVKmErzApILiV0toNsaQqaAYB6RGHaIXDYhwbcs4Pqg=
Subject key identifier: 5E:CA:AB:D4:62:3B:B4:6A:D1:E4:26:CB:56:A3:31:90:4A:0A:8F:A1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C0BF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A909A9227B111F187009FB2DAE4EC9C.roa
Signing time: Tue 24 Mar 2026 18:42:38 +0000
ROA not before: Tue 24 Mar 2026 18:42:32 +0000
ROA not after: Thu 30 Apr 2026 18:42:32 +0000
asID: 395886
IP address blocks: 154.201.72.0/21 maxlen: 24
154.201.88.0/22 maxlen: 24
154.201.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114879 (0x1c0bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 24 18:42:32 2026 GMT
Not After : Apr 30 18:42:32 2026 GMT
Subject: CN=69c2db1d-7211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:19:68:93:db:c1:22:7b:10:20:3a:9f:ba:4e:
ec:e9:40:40:53:9f:d5:21:5d:6c:78:22:b0:e2:e5:
77:83:d8:a6:ea:12:1f:49:d6:66:b5:65:81:40:26:
59:e7:60:20:6f:d8:60:f2:9c:ad:d8:d4:14:b0:13:
d9:b0:1e:d9:51:47:51:ba:99:9e:38:3a:3a:9d:ab:
8f:b7:49:b5:73:c3:60:16:83:fd:de:91:9d:2d:bf:
a0:2a:4d:90:93:f8:8c:97:4c:37:15:13:72:f1:e2:
bd:4e:30:b9:b2:c3:a5:1b:7f:97:85:e1:17:2d:0c:
f1:57:c0:55:2f:a3:57:9a:31:35:7e:08:9e:a2:19:
dd:5d:52:2e:b4:22:e6:b4:ce:5c:43:38:fa:5b:43:
df:5d:b9:58:cb:4d:b2:ad:01:73:98:66:ec:5a:e1:
a2:06:e4:16:fd:d2:b0:34:15:d8:72:83:77:18:99:
af:86:01:5c:71:90:f1:d6:e7:97:83:c7:ae:54:f9:
62:1f:9f:91:b3:f7:19:0f:0b:0e:ef:9c:be:03:ed:
24:a7:34:7c:62:d4:01:b2:7f:74:94:9c:eb:a4:16:
25:45:4a:cd:01:28:e6:9e:65:54:c5:35:2f:43:c1:
8f:15:cd:70:1a:f9:ae:1f:90:6a:cd:55:3f:df:11:
c5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:CA:AB:D4:62:3B:B4:6A:D1:E4:26:CB:56:A3:31:90:4A:0A:8F:A1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A909A9227B111F187009FB2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.72.0/21
154.201.88.0-154.201.93.255
Signature Algorithm: sha256WithRSAEncryption
17:bb:67:a2:02:d9:19:9d:5a:94:e5:30:b9:70:8e:6e:74:69:
86:23:95:91:80:ba:c9:5b:70:36:78:0c:27:1c:03:8c:dd:9b:
78:bd:4f:2a:02:05:35:e9:e9:4d:71:f4:c1:99:c9:ba:21:23:
ab:d5:c9:fe:ab:4a:19:6b:60:4a:c0:7b:b8:26:18:d6:19:4e:
34:65:41:78:5b:1f:bf:a5:eb:db:b8:fa:ea:a4:a1:c4:a2:f0:
a7:61:17:11:48:cb:10:e0:64:62:97:a0:4c:78:09:f2:c2:cb:
8e:3e:39:e5:de:9f:d1:21:ec:43:17:c6:6f:ad:46:4d:98:8c:
a1:39:11:ff:05:d1:26:62:f1:d3:6f:5e:de:2c:76:2e:d7:dc:
ef:25:12:62:22:92:25:ba:c2:43:f7:16:ea:3a:57:42:13:f4:
38:59:25:5f:1a:fa:a5:a5:77:17:d9:21:db:f1:be:2a:b1:65:
39:f8:c9:1d:8d:57:06:ba:36:46:8c:05:2e:79:8e:7b:4e:23:
c2:6a:cf:c0:f2:55:d3:1d:57:37:d4:8f:d4:e5:9a:bc:e4:b4:
ce:44:82:1b:fb:ac:5a:f1:22:e5:d8:7e:4c:e2:7a:a0:f8:95:
29:33:49:cf:4b:dd:ca:20:8b:f8:d8:40:f8:58:2d:14:87:29:
53:48:76:2b
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAcC/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzI0MTg0MjMyWhcNMjYwNDMwMTg0MjMyWjAYMRYw
FAYDVQQDEw02OWMyZGIxZC03MjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Blok9vBInsQIDqfuk7s6UBAU5/VIV1seCKw4uV3g9im6hIfSdZmtWWB
QCZZ52Agb9hg8pyt2NQUsBPZsB7ZUUdRupmeODo6nauPt0m1c8NgFoP93pGdLb+g
Kk2Qk/iMl0w3FRNy8eK9TjC5ssOlG3+XheEXLQzxV8BVL6NXmjE1fgieohndXVIu
tCLmtM5cQzj6W0PfXblYy02yrQFzmGbsWuGiBuQW/dKwNBXYcoN3GJmvhgFccZDx
1ueXg8euVPliH5+Rs/cZDwsO75y+A+0kpzR8YtQBsn90lJzrpBYlRUrNASjmnmVU
xTUvQ8GPFc1wGvmuH5BqzVU/3xHF9wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFF7K
q9RiO7Rq0eQmy1ajMZBKCo+hMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQTkwOUE5MjI3QjExMUYxODcwMDlGQjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDmslIMAwDBAOayVgDBAGa
yVwwDQYJKoZIhvcNAQELBQADggEBABe7Z6IC2RmdWpTlMLlwjm50aYYjlZGAuslb
cDZ4DCccA4zdm3i9TyoCBTXp6U1x9MGZybohI6vVyf6rShlrYErAe7gmGNYZTjRl
QXhbH7+l69u4+uqkocSi8KdhFxFIyxDgZGKXoEx4CfLCy44+OeXen9Eh7EMXxm+t
Rk2YjKE5Ef8F0SZi8dNvXt4sdi7X3O8lEmIikiW6wkP3Fuo6V0IT9DhZJV8a+qWl
dxfZIdvxviqxZTn4yR2NVwa6NkaMBS55jntOI8Jqz8DyVdMdVzfUj9TlmrzktM5E
ghv7rFrxIuXYfkzieqD4lSkzSc9L3cogi/jYQPhYLRSHKVNIdis=
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:07:25 2026 by rpki-client