Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/664F4AE627B311F1B51B5EBEDAE4EC9C.roa
File: 664F4AE627B311F1B51B5EBEDAE4EC9C.roa (raw, json)
Hash identifier: 6G2cTGTvo2eB7RPDHsQJ6zih2qxdmNRkW1scvi2+fK0=
Subject key identifier: 3D:12:32:66:2A:5C:A7:FE:02:32:D1:0E:ED:E0:9D:A1:57:D1:79:37
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C0C5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/664F4AE627B311F1B51B5EBEDAE4EC9C.roa
Signing time: Tue 24 Mar 2026 18:58:10 +0000
ROA not before: Tue 24 Mar 2026 18:58:04 +0000
ROA not after: Thu 30 Apr 2026 18:58:04 +0000
asID: 8796
IP address blocks: 154.201.72.0/21 maxlen: 24
154.201.88.0/22 maxlen: 24
154.201.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114885 (0x1c0c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 24 18:58:04 2026 GMT
Not After : Apr 30 18:58:04 2026 GMT
Subject: CN=69c2dec2-d00d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a5:98:59:95:3f:5a:6e:56:55:a7:f2:51:d9:
5d:ba:c4:42:fe:ea:f0:6e:cd:d6:bf:48:62:60:7e:
9c:31:a0:9d:d5:c5:b0:9d:d2:87:90:f8:a2:4a:45:
e3:64:ab:3d:2f:52:2c:2a:fa:ff:1f:c9:63:48:e1:
90:b3:aa:02:ee:bf:25:ba:8b:49:46:f0:03:c8:65:
05:b0:b3:98:20:97:0d:3d:93:d3:5b:c7:66:73:33:
5e:29:a2:10:f5:5d:2e:0b:8c:bb:6d:66:e1:51:8c:
3a:93:bb:2b:1f:37:ab:47:e7:9b:de:30:d0:d2:4b:
32:f8:a3:13:ec:ec:a1:dd:7e:68:a7:00:70:3a:b1:
24:1c:53:7c:f9:c7:f4:e9:51:a0:a4:c4:fb:5c:77:
60:3c:e2:14:2b:04:4b:76:9b:c7:bc:c8:54:6b:49:
49:af:8b:74:d5:ea:d9:9c:87:1c:5d:d2:32:83:31:
89:57:94:a2:f0:f8:01:2c:59:cd:17:69:0b:9d:1b:
bb:ca:b8:7b:68:74:eb:0c:ab:17:9e:da:79:e6:71:
99:d6:0b:39:98:fc:4c:cf:07:60:01:e9:ee:a0:f9:
94:c9:58:55:7f:df:8b:18:e5:c2:03:d5:cf:32:63:
ae:2f:03:58:75:d1:cc:3e:2a:74:e8:1c:71:5d:d2:
45:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:12:32:66:2A:5C:A7:FE:02:32:D1:0E:ED:E0:9D:A1:57:D1:79:37
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/664F4AE627B311F1B51B5EBEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.72.0/21
154.201.88.0-154.201.93.255
Signature Algorithm: sha256WithRSAEncryption
3d:ba:6b:58:4b:56:a4:15:b5:38:33:db:d1:1c:45:a1:64:c1:
9b:a6:e4:78:88:79:03:7a:c2:d5:8a:61:51:92:1b:37:4a:31:
78:28:16:f1:78:15:1a:b1:43:bb:46:4e:0f:9e:68:8e:fc:c4:
06:fa:3b:22:58:42:cc:c3:9d:b6:c0:9d:b4:02:89:41:31:2b:
db:ff:55:23:ed:85:d0:18:9b:31:9f:c0:07:70:d6:1d:fe:36:
c3:98:36:fa:cd:d6:07:d5:71:ec:39:44:e5:24:15:58:9b:b4:
8b:42:ad:5e:a7:52:8c:a2:2a:23:f7:f0:fe:eb:2d:11:36:00:
87:03:a9:14:e4:a4:70:cb:a8:55:43:24:67:65:7a:c0:6d:d5:
99:92:0e:1f:d6:a5:e2:83:2c:89:9f:41:93:4f:97:20:91:b2:
f9:0e:3d:9c:8c:97:1b:50:4b:c9:ff:3c:bc:00:f0:b2:9d:38:
5e:3a:87:79:93:82:84:09:bb:72:12:7a:23:ef:99:f1:f8:b7:
c4:b5:ac:7b:d4:04:bc:12:06:0e:60:31:8a:45:bb:21:ab:57:
6e:85:dc:d1:f8:4f:5e:36:ca:4d:cb:43:49:a5:bf:f4:71:b0:
9b:3b:68:3f:5a:7b:90:45:85:46:91:f0:8a:3d:64:5d:d4:92:
6d:64:73:a7
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAcDFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzI0MTg1ODA0WhcNMjYwNDMwMTg1ODA0WjAYMRYw
FAYDVQQDEw02OWMyZGVjMi1kMDBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApqWYWZU/Wm5WVafyUdldusRC/urwbs3Wv0hiYH6cMaCd1cWwndKHkPii
SkXjZKs9L1IsKvr/H8ljSOGQs6oC7r8luotJRvADyGUFsLOYIJcNPZPTW8dmczNe
KaIQ9V0uC4y7bWbhUYw6k7srHzerR+eb3jDQ0ksy+KMT7Oyh3X5opwBwOrEkHFN8
+cf06VGgpMT7XHdgPOIUKwRLdpvHvMhUa0lJr4t01erZnIccXdIygzGJV5Si8PgB
LFnNF2kLnRu7yrh7aHTrDKsXntp55nGZ1gs5mPxMzwdgAenuoPmUyVhVf9+LGOXC
A9XPMmOuLwNYddHMPip06BxxXdJFSwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFD0S
MmYqXKf+AjLRDu3gnaFX0Xk3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NjRGNEFFNjI3QjMxMUYxQjUxQjVFQkVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDmslIMAwDBAOayVgDBAGa
yVwwDQYJKoZIhvcNAQELBQADggEBAD26a1hLVqQVtTgz29EcRaFkwZum5HiIeQN6
wtWKYVGSGzdKMXgoFvF4FRqxQ7tGTg+eaI78xAb6OyJYQszDnbbAnbQCiUExK9v/
VSPthdAYmzGfwAdw1h3+NsOYNvrN1gfVcew5ROUkFVibtItCrV6nUoyiKiP38P7r
LRE2AIcDqRTkpHDLqFVDJGdlesBt1ZmSDh/WpeKDLImfQZNPlyCRsvkOPZyMlxtQ
S8n/PLwA8LKdOF46h3mTgoQJu3ISeiPvmfH4t8S1rHvUBLwSBg5gMYpFuyGrV26F
3NH4T142yk3LQ0mlv/RxsJs7aD9ae5BFhUaR8Io9ZF3Ukm1kc6c=
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:53:17 2026 by rpki-client