Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10340B9A00D711F1A56F7CC4DAE4EC9C.roa
File: 10340B9A00D711F1A56F7CC4DAE4EC9C.roa (raw, json)
Hash identifier: 8pWWvNPGAeb1eXilhOGlJ291IG5TKMKPmLOm7xTAu2I=
Subject key identifier: 39:37:01:C2:FF:C8:8A:80:8A:83:C6:B0:EF:B0:A3:36:61:00:F2:E6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B868
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10340B9A00D711F1A56F7CC4DAE4EC9C.roa
Signing time: Tue 03 Feb 2026 08:05:12 +0000
ROA not before: Tue 03 Feb 2026 08:05:06 +0000
ROA not after: Mon 09 Mar 2026 08:05:06 +0000
asID: 48678
IP address blocks: 154.196.1.0/24 maxlen: 24
154.196.12.0/24 maxlen: 24
154.196.14.0/24 maxlen: 24
154.196.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112744 (0x1b868)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 3 08:05:06 2026 GMT
Not After : Mar 9 08:05:06 2026 GMT
Subject: CN=6981ac38-709f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:78:ff:d9:c4:33:5f:1c:07:17:c8:f6:71:9d:
bf:b9:06:e4:e4:f4:87:db:e6:cd:05:cd:69:cf:7e:
6d:0c:bc:fe:51:f4:68:f9:e1:4f:e1:a3:67:de:66:
74:fe:bb:3c:d8:c4:f6:f4:4a:a2:0e:42:fc:18:fa:
4b:2f:d0:6a:0d:aa:f0:bb:9c:a4:78:5c:eb:83:57:
65:7b:e2:da:fd:c5:95:4a:52:1b:0f:93:6a:5a:e9:
67:df:8a:6b:59:d2:04:a2:e9:e5:82:30:9d:7e:ec:
99:94:14:c5:ef:1f:ab:12:32:f2:8a:ee:60:99:5b:
35:61:92:7a:14:0a:f6:1b:9c:74:0e:07:df:67:0a:
05:44:16:1f:ff:b3:89:ff:17:2b:7c:ab:b8:ae:65:
42:3b:b4:54:5f:64:2b:6f:21:b8:f4:db:f9:e4:25:
58:30:ba:69:f5:6c:3c:93:29:1a:25:cd:5f:4b:6c:
87:f7:e1:03:36:54:54:52:03:79:69:6f:60:9a:65:
d3:2e:86:af:9d:7f:93:93:3e:f3:74:9e:5a:1d:b0:
f1:fb:1c:7a:89:d8:33:6c:f2:f2:97:23:fe:e4:b3:
2a:34:3b:b4:76:44:2a:ab:e1:91:83:07:90:fc:fb:
7d:7c:2c:8a:41:4a:65:b3:48:eb:97:32:97:b4:aa:
04:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:37:01:C2:FF:C8:8A:80:8A:83:C6:B0:EF:B0:A3:36:61:00:F2:E6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10340B9A00D711F1A56F7CC4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.1.0/24
154.196.12.0/24
154.196.14.0/24
154.196.92.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:76:35:6b:7f:46:74:06:1f:9d:03:19:17:81:a1:49:73:14:
16:19:f2:48:fa:7d:6b:bb:10:2e:3d:fb:93:9f:68:70:51:ee:
cf:fd:fb:25:46:c3:e1:cd:be:2d:42:27:34:97:c6:49:27:ac:
eb:74:d0:3b:8b:23:41:47:fc:61:52:25:08:b4:d0:a0:78:0a:
d9:21:9a:8d:04:0e:c1:45:7a:0e:f3:f2:34:f4:53:7e:a1:34:
e7:22:21:c3:f8:40:56:0e:e1:75:1b:50:de:70:ea:af:fe:5e:
4c:cc:27:67:bf:0b:19:19:02:01:d0:bd:9f:1d:8e:c3:f5:01:
d0:4f:46:be:6f:ea:ed:62:e6:42:5a:76:b8:db:32:12:8b:8d:
a0:aa:32:7b:4d:22:b3:28:3f:bb:11:e6:34:ba:0d:1b:f4:96:
b0:b3:a3:bc:24:ff:05:74:51:32:6b:e9:4c:7a:ba:a0:9f:8b:
09:2f:17:1e:5d:cb:96:33:0c:89:cb:29:55:2a:88:23:5b:8d:
f6:f6:59:e5:8a:b0:7b:f1:9f:41:21:de:b4:58:32:a7:b0:a5:
80:b2:a9:9f:98:9f:f8:c0:4f:1e:94:31:b2:1f:a5:fe:a1:6e:
0c:40:3c:c5:84:b6:6b:9e:77:f0:26:c5:29:48:2d:58:31:56:
e2:68:af:6e
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAbhoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjAzMDgwNTA2WhcNMjYwMzA5MDgwNTA2WjAYMRYw
FAYDVQQDEw02OTgxYWMzOC03MDlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvnj/2cQzXxwHF8j2cZ2/uQbk5PSH2+bNBc1pz35tDLz+UfRo+eFP4aNn
3mZ0/rs82MT29EqiDkL8GPpLL9BqDarwu5ykeFzrg1dle+La/cWVSlIbD5NqWuln
34prWdIEounlgjCdfuyZlBTF7x+rEjLyiu5gmVs1YZJ6FAr2G5x0DgffZwoFRBYf
/7OJ/xcrfKu4rmVCO7RUX2QrbyG49Nv55CVYMLpp9Ww8kykaJc1fS2yH9+EDNlRU
UgN5aW9gmmXTLoavnX+Tkz7zdJ5aHbDx+xx6idgzbPLylyP+5LMqNDu0dkQqq+GR
gweQ/Pt9fCyKQUpls0jrlzKXtKoENwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFDk3
AcL/yIqAioPGsO+wozZhAPLmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMDM0MEI5QTAwRDcxMUYxQTU2RjdDQzREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAmsQBAwQAmsQMAwQAmsQO
AwQAmsRcMA0GCSqGSIb3DQEBCwUAA4IBAQCxdjVrf0Z0Bh+dAxkXgaFJcxQWGfJI
+n1ruxAuPfuTn2hwUe7P/fslRsPhzb4tQic0l8ZJJ6zrdNA7iyNBR/xhUiUItNCg
eArZIZqNBA7BRXoO8/I09FN+oTTnIiHD+EBWDuF1G1DecOqv/l5MzCdnvwsZGQIB
0L2fHY7D9QHQT0a+b+rtYuZCWna42zISi42gqjJ7TSKzKD+7EeY0ug0b9Jaws6O8
JP8FdFEya+lMerqgn4sJLxceXcuWMwyJyylVKogjW4329lnlirB78Z9BId60WDKn
sKWAsqmfmJ/4wE8elDGyH6X+oW4MQDzFhLZrnnfwJsUpSC1YMVbiaK9u
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:17:36 2026 by rpki-client