Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F868B24159E11F1B8F163DCDAE4EC9C.roa
File: 0F868B24159E11F1B8F163DCDAE4EC9C.roa (raw, json)
Hash identifier: cpVZygkRVpsgiT+XgCrLAm6HuYSHBii7AS4Kccb4kCc=
Subject key identifier: 67:30:19:77:89:78:F5:BF:9E:FE:D7:C8:45:4F:3F:A7:3A:7D:39:2C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BCA4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F868B24159E11F1B8F163DCDAE4EC9C.roa
Signing time: Sun 01 Mar 2026 18:40:03 +0000
ROA not before: Sun 01 Mar 2026 18:39:59 +0000
ROA not after: Sun 05 Apr 2026 18:39:59 +0000
asID: 202656
IP address blocks: 154.219.237.0/24 maxlen: 24
154.219.238.0/24 maxlen: 24
154.219.239.0/24 maxlen: 24
154.219.240.0/24 maxlen: 24
154.219.241.0/24 maxlen: 24
154.219.242.0/24 maxlen: 24
154.219.243.0/24 maxlen: 24
154.219.244.0/24 maxlen: 24
154.219.248.0/24 maxlen: 24
154.221.50.0/24 maxlen: 24
154.221.51.0/24 maxlen: 24
154.222.200.0/24 maxlen: 24
154.222.201.0/24 maxlen: 24
154.222.202.0/24 maxlen: 24
154.222.203.0/24 maxlen: 24
154.222.204.0/24 maxlen: 24
154.222.205.0/24 maxlen: 24
154.222.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113828 (0x1bca4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 18:39:59 2026 GMT
Not After : Apr 5 18:39:59 2026 GMT
Subject: CN=69a48803-b178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:06:78:5b:18:28:3e:b4:6f:4d:44:0a:2e:26:
07:ea:a5:44:0a:34:34:3a:c9:0d:1d:4c:63:8a:dd:
f4:3a:3b:b3:f3:45:62:b0:25:8d:a1:0b:b9:bd:37:
d1:66:cd:45:dd:6e:6e:fc:d1:a7:56:fa:50:10:8e:
5b:28:2e:54:80:54:d3:c0:9b:6d:2d:0b:2b:51:84:
7c:f7:3f:4a:a7:5e:08:b6:3e:a2:55:19:a7:36:02:
1b:60:6c:a3:93:03:6c:eb:da:dd:b2:55:c6:c1:a0:
1c:1a:44:9d:a1:6a:2c:4e:ad:41:b3:0b:7e:69:74:
be:a4:37:b6:2d:d0:82:de:06:86:de:e5:3b:43:03:
b7:dc:4c:f9:85:3e:12:b7:8a:8d:b6:fc:67:4a:41:
b2:f8:b5:2c:11:6f:e5:a9:96:0a:5e:90:95:9b:38:
0d:67:b5:83:f3:5d:fc:b2:a5:ea:b8:a7:95:20:83:
17:24:bd:5e:b1:49:97:b1:bc:01:82:ab:9a:15:d5:
3a:c2:5a:0f:24:30:08:42:63:83:80:b3:d0:8f:64:
12:1a:99:08:3e:91:3d:d3:c9:33:3a:ab:b2:1b:27:
51:a8:a4:c4:d2:71:05:34:71:e6:ef:92:98:67:88:
96:ce:38:06:eb:33:b2:19:70:6f:76:30:d2:8b:87:
97:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:30:19:77:89:78:F5:BF:9E:FE:D7:C8:45:4F:3F:A7:3A:7D:39:2C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F868B24159E11F1B8F163DCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.237.0-154.219.244.255
154.219.248.0/24
154.221.50.0/23
154.222.200.0-154.222.206.255
Signature Algorithm: sha256WithRSAEncryption
7d:04:1c:ef:47:35:3c:a5:9f:e1:26:d2:54:33:c2:17:3e:23:
e6:24:34:a4:08:5c:14:5f:2d:0f:ba:20:99:de:1e:8c:62:c5:
49:db:6f:a8:5e:83:f2:d1:60:96:26:94:4c:13:57:95:86:ed:
8b:60:7b:f4:5c:b8:75:e9:ff:a9:31:21:64:a3:3b:f6:78:32:
6b:6e:1f:01:ab:8b:aa:94:ba:3b:86:0b:fd:0e:b3:59:63:4e:
49:0d:d6:70:fd:b1:50:eb:46:a7:24:20:78:09:04:e2:ab:67:
6e:f3:b1:d5:f4:4e:78:84:32:d7:1d:db:ff:74:f2:44:96:7a:
49:74:4c:cf:a7:a5:59:3f:5f:dc:f2:67:05:64:0c:c2:1d:15:
e2:09:ef:52:43:21:f8:b6:ba:b3:21:d6:1a:a4:20:9b:85:fa:
02:e7:2b:fd:e0:4c:92:f6:9c:61:fe:19:40:8f:1d:51:4a:e1:
9c:49:28:24:ba:d9:21:b0:1f:4a:e6:5c:07:7d:55:fb:51:b8:
92:85:2a:4e:f7:e6:45:a0:cb:a4:e4:a6:fc:bd:52:08:17:d6:
5d:3b:6f:b1:46:e4:97:19:ed:c6:9e:e4:77:f6:cc:74:42:00:
f5:a7:11:0a:2c:51:0a:a2:67:81:ed:05:87:d1:c4:33:6a:4b:
5b:f8:1b:01
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAbykMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzAxMTgzOTU5WhcNMjYwNDA1MTgzOTU5WjAYMRYw
FAYDVQQDEw02OWE0ODgwMy1iMTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0gZ4WxgoPrRvTUQKLiYH6qVECjQ0OskNHUxjit30Ojuz80VisCWNoQu5
vTfRZs1F3W5u/NGnVvpQEI5bKC5UgFTTwJttLQsrUYR89z9Kp14Itj6iVRmnNgIb
YGyjkwNs69rdslXGwaAcGkSdoWosTq1Bswt+aXS+pDe2LdCC3gaG3uU7QwO33Ez5
hT4St4qNtvxnSkGy+LUsEW/lqZYKXpCVmzgNZ7WD8138sqXquKeVIIMXJL1esUmX
sbwBgquaFdU6wloPJDAIQmODgLPQj2QSGpkIPpE908kzOquyGydRqKTE0nEFNHHm
75KYZ4iWzjgG6zOyGXBvdjDSi4eXgwIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFGcw
GXeJePW/nv7XyEVPP6c6fTksMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRjg2OEIyNDE1OUUxMUYxQjhGMTYzRENEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBACa2+0DBACa2/QDBACa
2/gDBAGa3TIwDAMEA5reyAMEAJrezjANBgkqhkiG9w0BAQsFAAOCAQEAfQQc70c1
PKWf4SbSVDPCFz4j5iQ0pAhcFF8tD7ogmd4ejGLFSdtvqF6D8tFgliaUTBNXlYbt
i2B79Fy4den/qTEhZKM79ngya24fAauLqpS6O4YL/Q6zWWNOSQ3WcP2xUOtGpyQg
eAkE4qtnbvOx1fROeIQy1x3b/3TyRJZ6SXRMz6elWT9f3PJnBWQMwh0V4gnvUkMh
+La6syHWGqQgm4X6Aucr/eBMkvacYf4ZQI8dUUrhnEkoJLrZIbAfSuZcB31V+1G4
koUqTvfmRaDLpOSm/L1SCBfWXTtvsUbklxntxp7kd/bMdEIA9acRCixRCqJnge0F
h9HEM2pLW/gbAQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:00:04 2026 by rpki-client