Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/00430068067E11F1B17685F4DAE4EC9C.roa
File: 00430068067E11F1B17685F4DAE4EC9C.roa (raw, json)
Hash identifier: PrrjUrqY5irieyaSl/RUqu75zOFd8TcjHZSH+V8DxS8=
Subject key identifier: 4E:A6:2E:CB:73:FC:EC:EA:5B:68:C8:17:40:98:F9:78:1F:65:AB:D2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B911
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/00430068067E11F1B17685F4DAE4EC9C.roa
Signing time: Tue 10 Feb 2026 12:42:47 +0000
ROA not before: Tue 10 Feb 2026 12:42:42 +0000
ROA not after: Mon 16 Mar 2026 12:42:42 +0000
asID: 20326
IP address blocks: 154.222.68.0/22 maxlen: 24
154.222.112.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112913 (0x1b911)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 10 12:42:42 2026 GMT
Not After : Mar 16 12:42:42 2026 GMT
Subject: CN=698b27c7-21c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1c:91:04:eb:4d:8e:12:4f:38:a6:b7:8a:1f:
fd:1d:c9:f9:b3:87:b4:10:de:3a:2c:dc:69:fa:7f:
39:29:5e:fd:c1:c8:ec:29:44:f9:b6:94:0e:e6:42:
ce:38:a6:75:25:9a:d7:35:7e:b6:fe:1e:02:e7:9f:
80:ae:61:02:80:89:3b:aa:6c:95:e2:8e:2d:13:1c:
e6:93:7a:3f:a1:e5:2e:c6:66:6f:b1:47:0a:fc:c8:
ba:13:df:41:e0:52:1c:4c:68:2c:be:e5:fb:af:e4:
ec:80:ea:e8:dd:32:47:72:a3:28:da:c1:33:9e:1d:
22:4e:23:59:66:3d:95:9f:97:a7:0f:14:e2:fc:59:
ba:b9:ac:4b:aa:6d:51:e9:4f:d3:9f:52:55:5b:69:
f8:a1:04:a9:93:a6:4f:1f:eb:a8:7e:1c:31:48:7f:
85:71:3e:b6:9d:3b:5d:ec:62:16:13:42:94:6e:97:
23:54:54:5a:43:50:78:6b:fa:d2:34:e9:38:9c:cc:
4f:7c:5b:fb:28:36:97:df:43:ea:58:41:34:a5:6c:
cf:33:7f:75:23:56:f1:5e:2a:b3:c2:81:df:4f:98:
30:58:ef:0f:11:42:86:bb:d5:80:a3:03:b5:56:ce:
a4:7b:be:35:a8:57:8b:e8:04:f9:e3:1e:26:11:a3:
1f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A6:2E:CB:73:FC:EC:EA:5B:68:C8:17:40:98:F9:78:1F:65:AB:D2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/00430068067E11F1B17685F4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.68.0/22
154.222.112.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:a6:51:bb:70:35:d5:87:5f:ad:39:e9:43:3f:be:bc:a8:ba:
0d:3b:93:94:c9:63:68:03:6a:3e:1a:4e:6c:b8:66:4c:97:0f:
ad:78:53:11:3b:6c:dd:fd:dc:2c:de:9c:e3:b3:a9:6f:63:d9:
0f:1e:93:84:e1:ae:43:da:c8:3d:ba:2c:cf:38:c0:b7:15:3b:
97:87:fd:76:ff:83:1a:fa:a0:55:28:98:a5:87:c0:80:83:1d:
cf:da:a2:41:d1:c8:e0:2e:c0:66:53:57:2f:45:55:45:85:71:
be:75:b9:c2:5a:3b:33:fd:d5:36:75:23:46:18:f3:df:ff:b4:
5c:88:67:dd:2e:3a:55:3a:ca:7f:a9:cb:5b:11:75:9b:c3:e5:
af:0f:1f:46:7f:52:70:42:ed:b1:87:7d:dc:83:b0:78:d8:b6:
26:7b:47:8a:32:19:d1:94:25:e9:96:0d:a4:54:26:7e:82:7f:
fa:5d:0d:c9:25:e9:8c:62:aa:f6:4f:8e:c8:b0:1a:ea:b8:ca:
7e:14:ba:9e:9f:2b:6b:df:da:21:2a:d6:e4:d8:e6:82:7b:e5:
7c:5a:ce:f7:c9:55:95:94:a4:d5:13:ea:6a:a9:f9:6a:1a:b6:
5b:77:02:6a:a0:11:25:00:74:c5:3a:c0:1b:b7:a2:19:a3:7e:
ce:77:4b:42
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAbkRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjEwMTI0MjQyWhcNMjYwMzE2MTI0MjQyWjAYMRYw
FAYDVQQDEw02OThiMjdjNy0yMWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwhyRBOtNjhJPOKa3ih/9Hcn5s4e0EN46LNxp+n85KV79wcjsKUT5tpQO
5kLOOKZ1JZrXNX62/h4C55+ArmECgIk7qmyV4o4tExzmk3o/oeUuxmZvsUcK/Mi6
E99B4FIcTGgsvuX7r+TsgOro3TJHcqMo2sEznh0iTiNZZj2Vn5enDxTi/Fm6uaxL
qm1R6U/Tn1JVW2n4oQSpk6ZPH+uofhwxSH+FcT62nTtd7GIWE0KUbpcjVFRaQ1B4
a/rSNOk4nMxPfFv7KDaX30PqWEE0pWzPM391I1bxXiqzwoHfT5gwWO8PEUKGu9WA
owO1Vs6ke741qFeL6AT54x4mEaMfLQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFE6m
Lstz/OzqW2jIF0CY+XgfZavSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMDQzMDA2ODA2N0UxMUYxQjE3Njg1RjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmt5EAwQCmt5wMA0GCSqG
SIb3DQEBCwUAA4IBAQDHplG7cDXVh1+tOelDP768qLoNO5OUyWNoA2o+Gk5suGZM
lw+teFMRO2zd/dws3pzjs6lvY9kPHpOE4a5D2sg9uizPOMC3FTuXh/12/4Ma+qBV
KJilh8CAgx3P2qJB0cjgLsBmU1cvRVVFhXG+dbnCWjsz/dU2dSNGGPPf/7RciGfd
LjpVOsp/qctbEXWbw+WvDx9Gf1JwQu2xh33cg7B42LYme0eKMhnRlCXplg2kVCZ+
gn/6XQ3JJemMYqr2T47IsBrquMp+FLqenytr39ohKtbk2OaCe+V8Ws73yVWVlKTV
E+pqqflqGrZbdwJqoBElAHTFOsAbt6IZo37Od0tC
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:08:31 2026 by rpki-client