Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C222E10A28EB11F1A69FE2E6DAE4EC9C.roa
File: C222E10A28EB11F1A69FE2E6DAE4EC9C.roa (raw, json)
Hash identifier: SBj75xuZJGL5IfQqt9jTzdKqqWbV69vlhy4GCxGeVdU=
Subject key identifier: 65:12:CE:66:D3:88:BA:5A:36:43:F7:34:06:2A:4C:6E:FD:12:74:54
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C0FD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C222E10A28EB11F1A69FE2E6DAE4EC9C.roa
Signing time: Thu 26 Mar 2026 08:14:07 +0000
ROA not before: Thu 26 Mar 2026 08:14:02 +0000
ROA not after: Mon 25 May 2026 08:14:02 +0000
asID: 20326
IP address blocks: 154.193.130.0/24 maxlen: 24
154.193.132.0/24 maxlen: 24
154.193.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 09:22:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114941 (0x1c0fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 26 08:14:02 2026 GMT
Not After : May 25 08:14:02 2026 GMT
Subject: CN=69c4eacf-1092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d6:a0:3f:41:e3:41:53:d0:9c:1b:25:2c:f3:
d4:11:1c:23:56:3f:1f:83:78:74:6b:25:da:d6:3c:
08:2b:9c:a1:de:56:48:4b:67:89:55:be:1a:6f:a6:
ab:6f:ac:a4:34:99:f3:70:f6:46:f2:5c:c3:70:b0:
5e:98:5b:16:d0:3b:61:df:93:2c:2a:e2:f2:9f:66:
d5:a9:c0:7b:07:bb:d6:94:f7:c4:f3:28:3c:cf:b9:
82:2d:7e:38:03:0c:ee:de:d6:9b:c3:d6:56:4d:e6:
c7:91:bf:04:08:38:05:5a:29:17:e2:20:31:43:ae:
28:0c:1a:e5:84:ad:7e:ca:58:9c:d6:5b:f2:15:1b:
b0:9a:ef:fb:e3:d7:af:0c:3e:14:e6:8a:03:4d:17:
e5:fd:a0:0e:50:2b:7d:84:de:e6:71:06:c7:3a:60:
38:8b:5d:dc:d5:20:97:61:16:68:79:dd:0e:87:43:
de:af:07:07:a9:e4:32:23:b0:a1:af:bc:19:12:ea:
19:c1:82:d2:94:ae:01:f1:bc:ac:bc:86:9d:1b:fa:
e3:0f:9f:32:76:3c:fa:fd:c7:d3:c8:71:ba:a3:eb:
30:0b:e8:dd:78:44:75:17:e3:63:90:2a:35:7c:40:
47:8b:e7:6e:bf:e7:98:4b:4e:7d:43:ac:98:0c:4c:
58:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:12:CE:66:D3:88:BA:5A:36:43:F7:34:06:2A:4C:6E:FD:12:74:54
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C222E10A28EB11F1A69FE2E6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.130.0/24
154.193.132.0/24
154.193.163.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:2f:a3:59:47:05:c7:38:68:0d:c2:fc:83:4e:f4:f7:38:ae:
b3:b4:0f:c3:80:23:a1:a6:7f:c7:78:b6:ca:cc:9d:43:93:56:
d1:cf:4c:89:89:f4:f0:62:99:41:0c:16:06:1e:c2:8e:ee:47:
c4:a5:9f:c4:16:d5:d6:ba:67:5d:68:18:c8:40:24:7a:98:e5:
7c:ac:42:98:fa:31:31:11:37:fa:07:84:5b:b2:f3:dd:40:e8:
74:09:45:e5:b9:9a:4d:eb:6e:a8:e8:85:e0:16:48:13:40:4f:
97:42:ba:96:47:b0:d9:bf:9e:9f:69:9b:34:ae:06:5d:bd:27:
9f:1b:b1:4e:30:ab:91:89:c3:e5:78:0a:62:f2:4c:bb:7d:32:
76:15:c7:61:d5:27:e8:31:71:fa:f6:1a:73:29:10:65:79:97:
19:3d:0d:4c:2f:fa:6b:05:fd:6b:8b:c8:3e:6c:1a:1f:a2:ad:
57:08:45:22:f0:49:11:8f:75:ab:dd:2f:1d:cd:0b:5d:67:b3:
fe:74:1f:4d:a0:81:19:f9:d0:7a:2f:74:eb:e5:0b:fa:77:e0:
15:0a:4d:b5:74:48:e0:3b:7c:e9:5b:ac:11:8f:e3:f5:57:74:
13:73:70:d8:d9:3f:b7:ae:66:f1:7f:78:f4:f2:d3:26:57:42:
09:ee:28:d0
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAcD9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzI2MDgxNDAyWhcNMjYwNTI1MDgxNDAyWjAYMRYw
FAYDVQQDEw02OWM0ZWFjZi0xMDkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq9agP0HjQVPQnBslLPPUERwjVj8fg3h0ayXa1jwIK5yh3lZIS2eJVb4a
b6arb6ykNJnzcPZG8lzDcLBemFsW0Dth35MsKuLyn2bVqcB7B7vWlPfE8yg8z7mC
LX44Awzu3tabw9ZWTebHkb8ECDgFWikX4iAxQ64oDBrlhK1+ylic1lvyFRuwmu/7
49evDD4U5ooDTRfl/aAOUCt9hN7mcQbHOmA4i13c1SCXYRZoed0Oh0PerwcHqeQy
I7Chr7wZEuoZwYLSlK4B8bysvIadG/rjD58ydjz6/cfTyHG6o+swC+jdeER1F+Nj
kCo1fEBHi+duv+eYS059Q6yYDExYXwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFGUS
zmbTiLpaNkP3NAYqTG79EnRUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMjIyRTEwQTI4RUIxMUYxQTY5RkUyRTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmsGCAwQAmsGEAwQAmsGj
MA0GCSqGSIb3DQEBCwUAA4IBAQA7L6NZRwXHOGgNwvyDTvT3OK6ztA/DgCOhpn/H
eLbKzJ1Dk1bRz0yJifTwYplBDBYGHsKO7kfEpZ/EFtXWumddaBjIQCR6mOV8rEKY
+jExETf6B4RbsvPdQOh0CUXluZpN626o6IXgFkgTQE+XQrqWR7DZv56faZs0rgZd
vSefG7FOMKuRicPleApi8ky7fTJ2Fcdh1SfoMXH69hpzKRBleZcZPQ1ML/prBf1r
i8g+bBofoq1XCEUi8EkRj3Wr3S8dzQtdZ7P+dB9NoIEZ+dB6L3Tr5Qv6d+AVCk21
dEjgO3zpW6wRj+P1V3QTc3DY2T+3rmbxf3j08tMmV0IJ7ijQ
-----END CERTIFICATE-----
Generated at Fri Mar 27 03:20:23 2026 by rpki-client