Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/17A69C3CFE8211F08B7CE8E9DAE4EC9C.roa
File: 17A69C3CFE8211F08B7CE8E9DAE4EC9C.roa (raw, json)
Hash identifier: mwTQr0y1DJJ2Lh4QKRqmkp6xUlt0YDa2+9EZI5Pcns4=
Subject key identifier: 25:3E:1C:9C:EC:56:3D:B2:4C:76:3E:09:74:D9:24:02:C6:63:EF:52
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B7CC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/17A69C3CFE8211F08B7CE8E9DAE4EC9C.roa
Signing time: Sat 31 Jan 2026 08:51:54 +0000
ROA not before: Sat 31 Jan 2026 08:51:50 +0000
ROA not after: Sun 08 Mar 2026 08:51:50 +0000
asID: 202656
IP address blocks: 154.219.228.0/24 maxlen: 24
154.219.229.0/24 maxlen: 24
154.219.231.0/24 maxlen: 24
154.219.233.0/24 maxlen: 24
154.219.234.0/24 maxlen: 24
154.219.235.0/24 maxlen: 24
154.219.236.0/24 maxlen: 24
154.219.249.0/24 maxlen: 24
154.221.52.0/24 maxlen: 24
154.222.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112588 (0x1b7cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 31 08:51:50 2026 GMT
Not After : Mar 8 08:51:50 2026 GMT
Subject: CN=697dc2aa-e7a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cb:ca:22:46:1a:1f:c4:f2:3c:eb:e0:05:37:
ea:2f:f5:61:0f:ab:fc:61:cf:32:cd:80:29:d8:f2:
92:8d:8c:c8:dc:11:23:29:9a:e9:db:dc:26:55:c6:
d8:7a:52:c0:80:7a:a9:db:2a:5d:f9:bb:b2:98:99:
28:13:59:86:8a:89:5d:74:95:cf:fb:23:96:20:f1:
0b:58:55:78:64:7b:e6:0e:45:00:93:dd:73:3e:6d:
02:9e:e7:18:96:88:80:a4:e7:8a:33:99:77:15:f7:
cd:df:14:ab:af:6f:7d:3e:b0:14:68:c4:1c:ff:41:
57:ec:08:80:03:e7:b9:98:d1:d5:31:8c:0f:00:a2:
d7:b3:fe:8e:19:6d:4b:ad:f4:8f:ef:bc:11:81:d4:
5e:87:d4:3e:87:af:6a:39:93:ac:93:c4:32:f1:a8:
dc:eb:e9:06:11:c7:30:29:b9:4f:19:b1:a2:0e:af:
7d:ae:8c:89:73:cb:3e:5b:37:83:83:23:c0:ac:98:
06:53:33:5b:f1:34:82:0e:02:4d:f3:b9:73:d3:a2:
39:12:2b:cc:c4:d2:78:91:21:01:de:f8:a5:26:fd:
72:b6:5d:e7:ca:d1:38:13:4e:85:f1:73:32:dc:e9:
97:7a:fe:86:31:74:5a:9d:55:66:fe:d8:3b:1f:7a:
fe:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:3E:1C:9C:EC:56:3D:B2:4C:76:3E:09:74:D9:24:02:C6:63:EF:52
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/17A69C3CFE8211F08B7CE8E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.228.0/23
154.219.231.0/24
154.219.233.0-154.219.236.255
154.219.249.0/24
154.221.52.0/24
154.222.197.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:dc:89:ce:55:31:a3:63:28:8c:5b:87:85:0c:a7:08:6b:0f:
3b:c4:00:85:e7:47:67:bd:3f:06:fd:59:5d:73:ff:01:af:a7:
9a:ef:df:ff:bf:07:f7:fe:b8:7c:92:74:ba:d4:80:86:6d:c9:
f4:14:0a:d5:00:9a:f2:a6:81:40:35:c2:fa:f5:67:55:bc:59:
dd:1a:32:7e:47:85:9e:3e:1c:09:08:52:c8:8c:c2:02:5e:20:
8e:5a:01:27:3d:fd:65:72:51:a5:40:f7:c6:ab:3d:22:f2:4b:
60:40:69:eb:df:91:89:7a:12:ac:e8:a2:ac:3e:76:7d:17:23:
ab:af:a3:b4:18:ab:fd:51:7a:0e:0e:95:f5:39:d4:4e:66:ca:
98:bb:50:d7:08:c8:53:26:c7:f0:2f:d5:f8:ad:1a:24:4e:e5:
2c:88:b2:fe:55:e0:16:07:9b:1b:9c:3c:26:17:27:95:06:94:
ed:84:4d:f9:cc:43:b1:11:db:e5:20:f3:d3:0f:87:80:c1:d4:
fe:0d:0b:f9:1a:7c:60:5a:08:6a:71:de:5e:09:e9:71:83:72:
cd:37:3c:5f:62:65:91:e6:4e:3f:62:7b:98:d3:20:46:93:6f:
69:d1:05:9d:b3:bc:20:57:b1:e4:ca:4d:a1:be:ed:3f:3e:f3:
f6:96:4d:80
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAbfMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMTMxMDg1MTUwWhcNMjYwMzA4MDg1MTUwWjAYMRYw
FAYDVQQDEw02OTdkYzJhYS1lN2E1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvcvKIkYaH8TyPOvgBTfqL/VhD6v8Yc8yzYAp2PKSjYzI3BEjKZrp29wm
VcbYelLAgHqp2ypd+buymJkoE1mGiolddJXP+yOWIPELWFV4ZHvmDkUAk91zPm0C
nucYloiApOeKM5l3FffN3xSrr299PrAUaMQc/0FX7AiAA+e5mNHVMYwPAKLXs/6O
GW1LrfSP77wRgdReh9Q+h69qOZOsk8Qy8ajc6+kGEccwKblPGbGiDq99royJc8s+
WzeDgyPArJgGUzNb8TSCDgJN87lz06I5EivMxNJ4kSEB3vilJv1ytl3nytE4E06F
8XMy3OmXev6GMXRanVVm/tg7H3r+mwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFCU+
HJzsVj2yTHY+CXTZJALGY+9SMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xN0E2OUMzQ0ZFODIxMUYwOEI3Q0U4RTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBmtvkAwQAmtvnMAwDBACa
2+kDBACa2+wDBACa2/kDBACa3TQDBACa3sUwDQYJKoZIhvcNAQELBQADggEBAH/c
ic5VMaNjKIxbh4UMpwhrDzvEAIXnR2e9Pwb9WV1z/wGvp5rv3/+/B/f+uHySdLrU
gIZtyfQUCtUAmvKmgUA1wvr1Z1W8Wd0aMn5HhZ4+HAkIUsiMwgJeII5aASc9/WVy
UaVA98arPSLyS2BAaevfkYl6Eqzooqw+dn0XI6uvo7QYq/1Reg4OlfU51E5mypi7
UNcIyFMmx/Av1fitGiRO5SyIsv5V4BYHmxucPCYXJ5UGlO2ETfnMQ7ER2+Ug89MP
h4DB1P4NC/kafGBaCGpx3l4J6XGDcs03PF9iZZHmTj9ie5jTIEaTb2nRBZ2zvCBX
seTKTaG+7T8+8/aWTYA=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:07:04 2026 by rpki-client