Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06A88DCE124011F1B87E47BDDAE4EC9C.roa
File: 06A88DCE124011F1B87E47BDDAE4EC9C.roa (raw, json)
Hash identifier: spVrkLBhi594WyYhPsv5xnivivyaInuUzjzR7pq7m+A=
Subject key identifier: 01:42:C4:2C:C3:18:6C:21:D4:F2:ED:E4:03:98:74:A5:10:A4:90:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BBBB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06A88DCE124011F1B87E47BDDAE4EC9C.roa
Signing time: Wed 25 Feb 2026 11:49:22 +0000
ROA not before: Wed 25 Feb 2026 11:49:16 +0000
ROA not after: Wed 01 Apr 2026 11:49:16 +0000
asID: 49981
IP address blocks: 154.193.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113595 (0x1bbbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 25 11:49:16 2026 GMT
Not After : Apr 1 11:49:16 2026 GMT
Subject: CN=699ee1c2-4c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e7:d5:f0:d7:f9:84:58:a0:a2:75:12:14:01:
fd:3a:09:f4:9f:cc:e5:fb:ac:08:18:40:21:c6:bd:
35:77:83:d1:74:79:46:99:89:5f:12:14:b8:30:39:
9c:a7:bb:75:41:bc:84:75:39:d9:c8:24:e3:36:43:
c8:ff:b6:23:ae:f6:e2:24:bd:48:31:c0:bf:c1:09:
fd:f9:33:1e:2e:c3:48:b1:51:3a:83:81:07:3c:63:
71:05:12:9c:86:70:27:e4:78:f6:1c:b6:77:fd:88:
47:ec:77:e1:b1:35:ef:96:b2:e0:2d:53:15:ab:72:
ff:27:45:b7:2d:76:51:2b:25:99:eb:77:f8:34:27:
f8:0d:c8:0d:97:19:34:3e:d5:23:9f:57:f7:97:de:
bd:af:1e:1b:28:c3:2a:ce:fe:49:73:fb:39:96:3e:
67:48:19:2e:c8:b6:7e:92:0b:7b:04:21:67:7d:49:
40:0e:63:f5:80:7f:64:b6:97:3b:bf:1c:c3:cd:1a:
8e:41:ad:dd:a1:34:f8:61:fd:c8:47:52:68:e2:c1:
c9:72:ce:76:33:dd:5c:81:25:77:f8:00:02:87:23:
69:80:c1:ef:a1:fc:e6:1f:37:5a:65:4e:5e:dd:8c:
a9:d3:6d:80:a4:fc:8b:37:42:aa:d2:0b:2a:28:ab:
4c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:42:C4:2C:C3:18:6C:21:D4:F2:ED:E4:03:98:74:A5:10:A4:90:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06A88DCE124011F1B87E47BDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.129.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:09:bd:5e:fc:28:0c:25:24:0e:0a:9f:32:aa:96:61:0c:87:
af:f6:17:cd:77:b8:cd:fc:ab:1d:64:f5:9b:78:16:c2:f0:cd:
5d:55:3f:be:22:03:68:02:ac:55:77:dc:e0:e0:85:57:98:07:
61:31:29:74:38:a5:dd:c5:cf:2a:d7:ac:48:b1:d7:6b:e3:44:
8b:09:87:25:3d:61:c8:75:89:ea:63:c8:5f:ad:f4:18:28:a5:
13:d6:be:42:1a:f3:cb:d8:3c:19:d5:9c:50:48:47:b8:ba:44:
ab:1b:f7:89:6d:0d:a0:2a:ad:52:20:69:1e:27:ca:71:f7:d2:
d0:10:22:87:d2:8a:28:b5:6b:c7:a1:cd:2d:ab:b1:72:f1:48:
1a:c8:0d:6f:c5:84:be:58:c9:dd:1f:a0:79:79:77:c8:08:bb:
65:fe:6b:97:d2:6b:11:4a:b9:82:7e:7c:12:99:e6:19:d4:96:
75:cf:d3:fe:0d:ad:67:d7:a3:99:9f:79:0a:98:a3:79:1b:10:
9f:77:2e:5b:d5:1a:12:0c:a3:29:91:31:fc:02:02:cc:ef:26:
ce:c0:44:08:47:48:80:d6:a0:f2:c7:db:f8:8d:f3:97:7c:2e:
6f:7c:ef:de:48:b3:c1:7b:6d:f2:9c:60:c8:d4:f9:ab:7d:c4:
0c:af:93:3f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbu7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI1MTE0OTE2WhcNMjYwNDAxMTE0OTE2WjAYMRYw
FAYDVQQDEw02OTllZTFjMi00Yzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0efV8Nf5hFigonUSFAH9Ogn0n8zl+6wIGEAhxr01d4PRdHlGmYlfEhS4
MDmcp7t1QbyEdTnZyCTjNkPI/7YjrvbiJL1IMcC/wQn9+TMeLsNIsVE6g4EHPGNx
BRKchnAn5Hj2HLZ3/YhH7HfhsTXvlrLgLVMVq3L/J0W3LXZRKyWZ63f4NCf4DcgN
lxk0PtUjn1f3l969rx4bKMMqzv5Jc/s5lj5nSBkuyLZ+kgt7BCFnfUlADmP1gH9k
tpc7vxzDzRqOQa3doTT4Yf3IR1Jo4sHJcs52M91cgSV3+AAChyNpgMHvofzmHzda
ZU5e3Yyp022ApPyLN0Kq0gsqKKtMCQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAFC
xCzDGGwh1PLt5AOYdKUQpJDgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNkE4OERDRTEyNDAxMUYxQjg3RTQ3QkREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsGBMA0GCSqGSIb3DQEB
CwUAA4IBAQDPCb1e/CgMJSQOCp8yqpZhDIev9hfNd7jN/KsdZPWbeBbC8M1dVT++
IgNoAqxVd9zg4IVXmAdhMSl0OKXdxc8q16xIsddr40SLCYclPWHIdYnqY8hfrfQY
KKUT1r5CGvPL2DwZ1ZxQSEe4ukSrG/eJbQ2gKq1SIGkeJ8px99LQECKH0oootWvH
oc0tq7Fy8UgayA1vxYS+WMndH6B5eXfICLtl/muX0msRSrmCfnwSmeYZ1JZ1z9P+
Da1n16OZn3kKmKN5GxCfdy5b1RoSDKMpkTH8AgLM7ybOwEQIR0iA1qDyx9v4jfOX
fC5vfO/eSLPBe23ynGDI1PmrfcQMr5M/
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:04:34 2026 by rpki-client