Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC753C4827B211F1896E76BADAE4EC9C.roa
File: AC753C4827B211F1896E76BADAE4EC9C.roa (raw, json)
Hash identifier: YN8bjVUuaFcFHH3a7AgJscyOitcRwMdJBT7Giwi9zM8=
Subject key identifier: ED:9C:BA:50:20:BC:A9:29:25:15:45:78:95:3A:D4:52:91:F6:F8:F4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C0C3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC753C4827B211F1896E76BADAE4EC9C.roa
Signing time: Tue 24 Mar 2026 18:52:58 +0000
ROA not before: Tue 24 Mar 2026 18:52:53 +0000
ROA not after: Thu 30 Apr 2026 18:52:53 +0000
asID: 401701
IP address blocks: 154.201.64.0/19 maxlen: 24
154.201.94.0/23 maxlen: 24
154.201.94.0/24 maxlen: 24
154.201.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114883 (0x1c0c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 24 18:52:53 2026 GMT
Not After : Apr 30 18:52:53 2026 GMT
Subject: CN=69c2dd8a-76cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d1:bd:68:47:c8:8c:4e:a8:75:73:2e:2e:1e:
b0:be:f2:d3:15:e9:4e:77:79:68:45:18:82:c2:fc:
bb:56:a0:64:e1:e5:61:0b:7b:e7:cd:68:db:aa:28:
4f:cf:9c:75:86:41:58:99:cb:6d:84:0f:05:4b:38:
c0:bb:ab:02:56:79:50:0d:50:17:52:c4:8f:84:03:
c4:5b:3c:96:89:b9:d7:2f:7d:e0:0b:ec:b7:3b:33:
2e:ee:db:1e:3c:38:59:be:99:97:b3:93:5d:36:6d:
9d:71:71:28:50:61:e9:74:5f:96:ca:58:be:c9:c8:
b3:c0:36:00:88:67:c0:e7:65:18:d6:1f:f5:d6:7a:
20:45:4f:fc:bd:5d:5b:59:5a:46:d4:7f:f7:50:31:
28:06:4a:3e:6d:98:a5:c1:6c:05:37:4c:ef:f3:d6:
1a:9f:93:ee:dc:6c:d3:6a:da:ae:42:be:06:7e:de:
7f:7c:d9:04:ed:ee:29:41:28:ea:73:d1:c5:0a:d4:
10:fc:86:2f:e3:26:20:90:fa:6e:6d:1b:5d:e9:3b:
46:1f:7e:a5:ce:0a:92:82:c0:65:ad:6f:52:0c:65:
66:0d:fc:59:66:5d:75:93:9d:d2:a1:f7:fa:a4:bb:
30:a3:cb:58:0c:51:a9:17:ca:3d:f2:df:f0:8b:5b:
9d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:9C:BA:50:20:BC:A9:29:25:15:45:78:95:3A:D4:52:91:F6:F8:F4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC753C4827B211F1896E76BADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
11:56:bb:6c:5f:58:45:2a:6f:0c:08:a4:fb:f5:e1:2f:3a:74:
d6:64:bb:b8:04:c8:48:14:ea:e2:66:de:6b:96:7b:58:82:bd:
87:46:5c:bf:5f:95:12:5d:8c:08:c7:cb:58:f7:33:ea:a2:73:
e1:ee:1b:e1:05:33:39:9c:f4:2a:b3:b7:7b:19:d5:b0:76:ce:
1e:a4:4c:78:cb:71:5e:99:8e:aa:86:85:8e:e8:07:42:d1:a7:
9e:72:64:86:70:0d:00:94:92:5a:20:38:34:42:86:23:92:d4:
03:86:5a:38:53:10:c1:39:85:39:7e:03:8d:57:eb:25:02:33:
0b:5c:29:78:0f:f3:0e:3f:78:ca:3c:0d:df:63:62:d5:7f:1c:
e3:5e:82:49:8b:c5:f3:6f:71:93:5e:09:1d:2c:84:57:c3:af:
d9:91:68:e7:e4:76:10:5f:bc:af:00:97:e8:8e:1e:8a:43:5d:
c0:ab:25:26:bf:96:78:98:a8:f1:88:b7:00:24:19:32:03:5d:
9d:53:bb:5a:d6:b8:5b:97:2a:53:c6:73:ea:cc:81:53:dc:8f:
f5:6c:16:79:bd:d1:12:7f:c9:9a:bb:41:99:06:31:83:5f:21:
20:25:08:dc:e9:0e:07:66:f3:2a:dd:63:90:cf:b2:73:0f:c7:
57:61:af:1d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcDDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzI0MTg1MjUzWhcNMjYwNDMwMTg1MjUzWjAYMRYw
FAYDVQQDEw02OWMyZGQ4YS03NmNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq9G9aEfIjE6odXMuLh6wvvLTFelOd3loRRiCwvy7VqBk4eVhC3vnzWjb
qihPz5x1hkFYmctthA8FSzjAu6sCVnlQDVAXUsSPhAPEWzyWibnXL33gC+y3OzMu
7tsePDhZvpmXs5NdNm2dcXEoUGHpdF+Wyli+ycizwDYAiGfA52UY1h/11nogRU/8
vV1bWVpG1H/3UDEoBko+bZilwWwFN0zv89Yan5Pu3GzTatquQr4Gft5/fNkE7e4p
QSjqc9HFCtQQ/IYv4yYgkPpubRtd6TtGH36lzgqSgsBlrW9SDGVmDfxZZl11k53S
off6pLswo8tYDFGpF8o98t/wi1udYQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO2c
ulAgvKkpJRVFeJU61FKR9vj0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQzc1M0M0ODI3QjIxMUYxODk2RTc2QkFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQARVrtsX1hFKm8MCKT79eEvOnTWZLu4BMhIFOriZt5rlntYgr2HRly/
X5USXYwIx8tY9zPqonPh7hvhBTM5nPQqs7d7GdWwds4epEx4y3FemY6qhoWO6AdC
0aeecmSGcA0AlJJaIDg0QoYjktQDhlo4UxDBOYU5fgONV+slAjMLXCl4D/MOP3jK
PA3fY2LVfxzjXoJJi8Xzb3GTXgkdLIRXw6/ZkWjn5HYQX7yvAJfojh6KQ13AqyUm
v5Z4mKjxiLcAJBkyA12dU7ta1rhblypTxnPqzIFT3I/1bBZ5vdESf8mau0GZBjGD
XyEgJQjc6Q4HZvMq3WOQz7JzD8dXYa8d
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:02:23 2026 by rpki-client