Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B70737A27BA11F1B9FD67E5DAE4EC9C.roa
File: 8B70737A27BA11F1B9FD67E5DAE4EC9C.roa (raw, json)
Hash identifier: Wh3ZEoxYEGE5KB/fDY1IqFOedFUmA4Sg3MOL/ntrXQY=
Subject key identifier: FA:B8:0D:FF:35:A7:24:C6:CC:55:A3:7B:95:4E:F8:A7:84:9C:BC:7D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C0D5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B70737A27BA11F1B9FD67E5DAE4EC9C.roa
Signing time: Tue 24 Mar 2026 19:49:19 +0000
ROA not before: Tue 24 Mar 2026 19:49:14 +0000
ROA not after: Fri 01 May 2026 19:49:14 +0000
asID: 62240
IP address blocks: 154.195.108.0/24 maxlen: 24
154.195.111.0/24 maxlen: 24
154.195.112.0/24 maxlen: 24
154.195.116.0/24 maxlen: 24
154.195.117.0/24 maxlen: 24
154.195.120.0/24 maxlen: 24
154.195.124.0/24 maxlen: 24
154.195.136.0/24 maxlen: 24
154.195.137.0/24 maxlen: 24
154.195.138.0/24 maxlen: 24
154.195.140.0/24 maxlen: 24
154.196.32.0/24 maxlen: 24
154.196.34.0/24 maxlen: 24
154.196.35.0/24 maxlen: 24
154.196.37.0/24 maxlen: 24
154.196.38.0/24 maxlen: 24
154.196.39.0/24 maxlen: 24
154.196.89.0/24 maxlen: 24
154.196.90.0/24 maxlen: 24
154.196.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114901 (0x1c0d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 24 19:49:14 2026 GMT
Not After : May 1 19:49:14 2026 GMT
Subject: CN=69c2eabf-f16a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d8:b9:b3:46:93:a6:21:81:69:07:7e:9f:54:
5c:fa:07:7f:99:48:6b:4b:f8:08:43:87:ee:a6:f0:
0a:dc:57:7e:64:a1:40:da:84:06:f1:d8:7b:62:14:
1f:cf:ee:73:f6:d4:c0:40:ad:06:8c:61:a9:c5:f2:
11:c0:9b:a3:33:7e:12:91:52:fe:ee:a7:e7:0b:43:
c1:d6:e9:de:a0:1e:a4:40:c6:57:f0:3f:d5:0a:d5:
5c:43:1c:af:73:80:28:b3:80:59:d0:32:23:e1:18:
ce:c2:91:83:d9:eb:7f:74:b3:5a:d7:82:a1:f2:a7:
41:f1:48:7f:64:3a:c8:a8:09:3d:a6:bb:9f:58:83:
0c:76:f8:ac:0c:f1:c2:a4:a3:50:24:c3:a6:57:40:
b0:cd:4a:4f:86:55:6e:20:93:ff:e1:11:40:e3:de:
9f:82:f7:25:ae:09:f9:c7:44:1b:c1:b8:41:c2:08:
62:51:96:37:c4:fb:1b:6d:6c:76:a4:78:31:2c:7b:
24:79:55:73:3b:08:c6:b1:94:b4:d3:b0:b5:08:0c:
57:81:12:2b:79:33:bd:d5:aa:6f:1f:a1:b1:9b:6a:
1a:5e:86:7c:7e:6c:bc:8c:89:b9:8e:81:3b:8d:0f:
43:96:18:3d:01:15:fb:d8:17:cf:2b:2b:57:7a:93:
11:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B8:0D:FF:35:A7:24:C6:CC:55:A3:7B:95:4E:F8:A7:84:9C:BC:7D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B70737A27BA11F1B9FD67E5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.108.0/24
154.195.111.0-154.195.112.255
154.195.116.0/23
154.195.120.0/24
154.195.124.0/24
154.195.136.0-154.195.138.255
154.195.140.0/24
154.196.32.0/24
154.196.34.0/23
154.196.37.0-154.196.39.255
154.196.89.0-154.196.91.255
Signature Algorithm: sha256WithRSAEncryption
bf:bc:c0:10:60:4e:92:96:d9:39:48:ff:62:78:08:8f:c1:13:
2d:92:23:db:84:b5:3e:4c:1a:d9:6a:93:b0:72:77:3b:c0:5f:
eb:89:cc:e6:ff:8d:2e:61:3a:24:a1:fd:e6:41:8a:cf:d0:de:
a3:39:c3:51:59:b2:62:e5:00:2a:81:f6:51:c9:c8:e5:4c:57:
20:a5:c7:f8:78:fe:d1:09:cb:73:70:ab:b4:90:1a:ff:25:a2:
f5:7e:47:01:fe:c5:0a:78:4c:b0:63:ff:4c:a3:5b:0f:57:91:
f3:73:bc:26:26:29:c1:12:05:43:e6:72:d5:fd:1f:bd:bb:70:
63:cb:51:95:f3:64:b7:23:01:1d:60:5a:83:b5:50:09:cd:47:
28:7a:e0:45:5e:7c:cc:34:5d:c8:28:8d:62:b0:0c:78:1c:19:
47:e2:b4:00:27:9f:38:16:66:e1:df:72:9d:6f:4a:aa:a3:aa:
d9:81:e7:21:65:f5:eb:1d:bd:08:59:11:ea:3f:9b:ca:8a:f1:
34:aa:5a:ec:12:e8:fa:6f:b5:c9:a4:ed:ff:75:d8:8a:d5:b2:
48:e8:c8:95:c0:ed:92:09:83:43:2a:87:39:3e:1f:e8:5c:2b:
5d:59:9a:9e:4a:cb:58:0b:dc:01:85:67:7a:48:a8:90:2a:bf:
cc:f8:0c:db
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgIDAcDVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzI0MTk0OTE0WhcNMjYwNTAxMTk0OTE0WjAYMRYw
FAYDVQQDEw02OWMyZWFiZi1mMTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0di5s0aTpiGBaQd+n1Rc+gd/mUhrS/gIQ4fupvAK3Fd+ZKFA2oQG8dh7
YhQfz+5z9tTAQK0GjGGpxfIRwJujM34SkVL+7qfnC0PB1uneoB6kQMZX8D/VCtVc
Qxyvc4Aos4BZ0DIj4RjOwpGD2et/dLNa14Kh8qdB8Uh/ZDrIqAk9prufWIMMdvis
DPHCpKNQJMOmV0CwzUpPhlVuIJP/4RFA496fgvclrgn5x0QbwbhBwghiUZY3xPsb
bWx2pHgxLHskeVVzOwjGsZS007C1CAxXgRIreTO91apvH6Gxm2oaXoZ8fmy8jIm5
joE7jQ9Dlhg9ARX72BfPKytXepMR0wIDAQABo4IDATCCAv0wHQYDVR0OBBYEFPq4
Df81pyTGzFWje5VO+KeEnLx9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QjcwNzM3QTI3QkExMUYxQjlGRDY3RTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAmsNsMAwDBACaw28DBACa
w3ADBAGaw3QDBACaw3gDBACaw3wwDAMEA5rDiAMEAJrDigMEAJrDjAMEAJrEIAME
AZrEIjAMAwQAmsQlAwQDmsQgMAwDBACaxFkDBAKaxFgwDQYJKoZIhvcNAQELBQAD
ggEBAL+8wBBgTpKW2TlI/2J4CI/BEy2SI9uEtT5MGtlqk7BydzvAX+uJzOb/jS5h
OiSh/eZBis/Q3qM5w1FZsmLlACqB9lHJyOVMVyClx/h4/tEJy3Nwq7SQGv8lovV+
RwH+xQp4TLBj/0yjWw9XkfNzvCYmKcESBUPmctX9H727cGPLUZXzZLcjAR1gWoO1
UAnNRyh64EVefMw0XcgojWKwDHgcGUfitAAnnzgWZuHfcp1vSqqjqtmB5yFl9esd
vQhZEeo/m8qK8TSqWuwS6Ppvtcmk7f912IrVskjoyJXA7ZIJg0Mqhzk+H+hcK11Z
mp5Ky1gL3AGFZ3pIqJAqv8z4DNs=
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:47:01 2026 by rpki-client