Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21190FFEFC3C11F0BEC532EFDAE4EC9C.roa
File: 21190FFEFC3C11F0BEC532EFDAE4EC9C.roa (raw, json)
Hash identifier: vuFJI9ZoTj4Qzmn6X3sEp6t98szmLW95A5KekubcM3U=
Subject key identifier: 93:1B:0C:56:8A:1F:66:FD:2D:50:2C:0C:A8:38:24:7B:C8:7B:13:F0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B71B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21190FFEFC3C11F0BEC532EFDAE4EC9C.roa
Signing time: Wed 28 Jan 2026 11:26:04 +0000
ROA not before: Wed 28 Jan 2026 11:25:58 +0000
ROA not after: Sat 07 Mar 2026 11:25:58 +0000
asID: 151407
IP address blocks: 154.88.64.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112411 (0x1b71b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 28 11:25:58 2026 GMT
Not After : Mar 7 11:25:58 2026 GMT
Subject: CN=6979f24b-f381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e6:f9:dd:61:49:3a:fc:0f:ec:2e:69:80:ed:
1e:9f:43:60:d5:da:3c:9d:08:42:20:9f:65:ad:87:
64:ec:fd:5c:c3:f7:51:95:df:9e:e8:4c:c6:e9:4d:
dd:9b:68:d9:5a:24:a2:4a:3a:01:42:c2:41:ea:f2:
f6:f6:14:ee:64:34:2b:2c:87:56:15:2f:5c:43:cf:
14:43:61:5a:4e:e0:21:7e:ad:bf:fa:37:a9:ac:69:
01:fa:f9:85:df:3b:70:1c:b0:b7:34:c5:8f:f1:39:
c6:61:32:0c:03:a1:19:e4:8d:5d:ce:17:9f:ce:77:
9b:42:86:f0:e4:b8:80:ac:b5:e7:56:c0:45:64:6f:
76:a2:c3:6e:ec:a1:03:5a:72:a0:b9:6f:2b:74:48:
77:b8:7f:ee:5e:ce:a3:66:49:6a:68:ff:33:d4:3c:
7b:5f:bb:fb:79:f1:f5:56:27:f0:0e:54:6e:3d:6b:
f7:7c:5a:40:74:4d:49:6a:64:89:b4:16:02:b8:6b:
6d:d1:93:c4:7b:ef:52:ae:2e:ec:9b:59:26:69:3d:
64:55:ab:38:30:e1:65:9c:a8:c2:8c:96:ad:ff:e0:
16:e0:47:71:5b:98:eb:20:c8:99:ab:12:d8:45:3b:
93:7b:f8:d2:a8:13:c9:43:84:d5:ff:97:17:4c:d3:
25:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:1B:0C:56:8A:1F:66:FD:2D:50:2C:0C:A8:38:24:7B:C8:7B:13:F0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21190FFEFC3C11F0BEC532EFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.64.0/23
Signature Algorithm: sha256WithRSAEncryption
49:8d:97:d3:70:7a:bd:91:bb:31:87:77:a4:1b:b1:f2:09:c8:
bf:19:f2:d0:57:1b:92:b3:fc:4d:32:15:b4:1a:04:b0:24:5b:
38:d7:b9:5d:db:fb:c4:df:b9:63:ce:e2:4d:b3:a8:cd:9d:34:
4e:47:f7:d3:f4:32:f8:04:8d:04:dd:57:7a:5c:c4:de:67:32:
9d:4f:17:8c:4c:64:03:00:56:89:05:fa:51:cc:eb:3b:7d:b4:
fc:ce:58:ca:ef:32:e2:8d:75:6b:19:d2:ba:6c:4c:57:86:92:
63:d9:d8:0e:e1:fd:40:c7:5a:00:3d:ae:24:51:8b:f6:fd:19:
e8:50:5d:be:a1:98:d1:87:2b:94:cf:f6:c0:eb:7a:f4:d4:3d:
8c:8f:40:19:fd:45:35:75:14:40:c8:83:e1:0c:c6:91:f4:70:
41:b3:f6:b1:26:19:2b:88:39:87:2b:c2:1a:88:0f:5e:6f:c5:
fc:7e:71:85:cb:c3:99:a3:4e:0e:55:2b:83:1a:f2:61:d5:8c:
8a:c2:6b:03:e8:38:94:1d:f3:6d:8c:df:2a:ca:a1:9a:df:1d:
02:c4:0c:06:e8:c0:7c:ce:00:9e:b3:0f:fb:8a:b1:a3:68:c8:
33:2c:82:2c:ac:c0:83:d9:26:e3:fb:69:47:a5:55:21:65:61:
ff:48:97:da
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbcbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMTI4MTEyNTU4WhcNMjYwMzA3MTEyNTU4WjAYMRYw
FAYDVQQDEw02OTc5ZjI0Yi1mMzgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsub53WFJOvwP7C5pgO0en0Ng1do8nQhCIJ9lrYdk7P1cw/dRld+e6EzG
6U3dm2jZWiSiSjoBQsJB6vL29hTuZDQrLIdWFS9cQ88UQ2FaTuAhfq2/+jeprGkB
+vmF3ztwHLC3NMWP8TnGYTIMA6EZ5I1dzhefznebQobw5LiArLXnVsBFZG92osNu
7KEDWnKguW8rdEh3uH/uXs6jZklqaP8z1Dx7X7v7efH1VifwDlRuPWv3fFpAdE1J
amSJtBYCuGtt0ZPEe+9Sri7sm1kmaT1kVas4MOFlnKjCjJat/+AW4EdxW5jrIMiZ
qxLYRTuTe/jSqBPJQ4TV/5cXTNMlvQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJMb
DFaKH2b9LVAsDKg4JHvIexPwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMTE5MEZGRUZDM0MxMUYwQkVDNTMyRUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlhAMA0GCSqGSIb3DQEB
CwUAA4IBAQBJjZfTcHq9kbsxh3ekG7HyCci/GfLQVxuSs/xNMhW0GgSwJFs417ld
2/vE37ljzuJNs6jNnTROR/fT9DL4BI0E3Vd6XMTeZzKdTxeMTGQDAFaJBfpRzOs7
fbT8zljK7zLijXVrGdK6bExXhpJj2dgO4f1Ax1oAPa4kUYv2/RnoUF2+oZjRhyuU
z/bA63r01D2Mj0AZ/UU1dRRAyIPhDMaR9HBBs/axJhkriDmHK8IaiA9eb8X8fnGF
y8OZo04OVSuDGvJh1YyKwmsD6DiUHfNtjN8qyqGa3x0CxAwG6MB8zgCesw/7irGj
aMgzLIIsrMCD2Sbj+2lHpVUhZWH/SJfa
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:34:36 2026 by rpki-client