Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/25C33DBE0E9711F1B59E9CB8DAE4EC9C.roa
File: 25C33DBE0E9711F1B59E9CB8DAE4EC9C.roa (raw, json)
Hash identifier: 4hCs1kt8xPNy6FYP0ISpwj0yLKaDsrCxT0HWDsVW/k4=
Subject key identifier: C6:8F:1C:E8:80:22:8E:0B:97:E8:EE:28:D8:CB:86:F5:38:AE:9D:99
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BAB4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/25C33DBE0E9711F1B59E9CB8DAE4EC9C.roa
Signing time: Fri 20 Feb 2026 20:02:56 +0000
ROA not before: Fri 20 Feb 2026 20:02:52 +0000
ROA not after: Thu 04 Jun 2026 20:02:52 +0000
asID: 139490
IP address blocks: 154.209.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113332 (0x1bab4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 20 20:02:52 2026 GMT
Not After : Jun 4 20:02:52 2026 GMT
Subject: CN=6998bdf0-7ba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e9:4a:1e:1f:b1:79:f1:de:b1:6b:4d:a8:c0:
7f:b1:56:b9:b5:2e:cf:49:3c:d5:40:de:3a:b3:83:
29:72:3e:81:6b:23:fd:3c:f2:51:b9:33:9b:27:bb:
4f:7a:41:55:fc:c7:58:c3:2b:ec:e5:28:43:78:47:
c9:b2:7a:02:65:9c:d8:2f:0c:9a:15:5f:a0:44:cd:
51:0d:53:64:84:ac:cf:fc:f5:41:d0:63:a2:76:3b:
02:44:31:fe:9f:5c:08:3f:85:00:ce:91:14:cf:12:
6b:d0:af:0b:22:4c:dd:64:e3:e3:44:43:9f:54:4f:
b9:4c:83:cc:26:3b:58:57:a7:dd:2f:e3:6c:f9:9d:
56:53:94:35:f5:9e:75:65:1f:67:51:6a:42:4b:04:
e5:33:63:09:ec:49:a0:02:68:5e:15:bb:2f:f6:ee:
27:76:c6:e9:8f:7f:66:25:21:c2:23:e4:45:e3:49:
3d:33:fe:29:3f:fc:a1:b4:62:c4:8e:fe:34:88:e3:
b2:4c:e8:82:9c:14:ab:7d:5f:22:35:2b:e6:2c:1e:
ac:a5:44:8d:54:4d:ae:48:10:05:8b:68:36:9e:3f:
ea:a8:a7:7a:45:99:41:cd:79:74:c1:b5:2e:76:92:
61:45:86:11:bb:d5:cf:99:e1:93:32:9d:86:4d:00:
62:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8F:1C:E8:80:22:8E:0B:97:E8:EE:28:D8:CB:86:F5:38:AE:9D:99
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/25C33DBE0E9711F1B59E9CB8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.255.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:8b:8c:5c:9b:d4:1e:ba:04:01:3e:25:7d:81:51:bb:34:97:
3a:de:94:d7:bd:45:a2:64:0c:bd:ab:7f:8e:66:30:03:b3:27:
5d:0b:24:d5:1d:71:ec:0e:32:6f:1b:6d:4a:8c:c3:eb:2b:1b:
1d:ea:09:d4:b6:b7:60:51:64:8f:63:f4:fe:80:6a:8d:3b:66:
fd:3c:22:36:b0:1b:bd:ff:bd:3a:17:b5:31:03:68:c0:88:67:
16:16:3d:eb:d7:4a:3a:37:6f:ff:ba:72:53:16:b2:52:3f:b8:
b0:da:e1:53:89:0d:d7:e8:93:64:79:29:8d:dd:8f:53:58:ea:
d8:56:93:61:2d:a1:b3:95:ad:74:40:ff:bf:26:06:5c:70:cb:
d3:4a:b6:44:ea:bb:fd:8a:71:b5:63:be:bf:de:f4:ee:71:5e:
d7:f8:59:ef:c9:9a:91:ee:7e:95:dd:5d:18:47:2e:26:d6:ad:
a9:9c:96:a7:d5:82:57:ed:58:b4:12:8d:77:5e:a2:43:ea:da:
6c:16:90:7e:3d:07:18:fa:cb:05:42:7c:95:13:a0:10:20:14:
c5:62:d9:3d:bc:2e:ac:6e:8e:c9:4d:59:d3:ef:c4:d5:dd:9e:
15:89:23:ad:2a:fa:a6:ad:2f:b7:79:1f:3e:cc:c4:d8:d1:ba:
af:68:25:7c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbq0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjIwMjAwMjUyWhcNMjYwNjA0MjAwMjUyWjAYMRYw
FAYDVQQDEw02OTk4YmRmMC03YmEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5OlKHh+xefHesWtNqMB/sVa5tS7PSTzVQN46s4Mpcj6BayP9PPJRuTOb
J7tPekFV/MdYwyvs5ShDeEfJsnoCZZzYLwyaFV+gRM1RDVNkhKzP/PVB0GOidjsC
RDH+n1wIP4UAzpEUzxJr0K8LIkzdZOPjREOfVE+5TIPMJjtYV6fdL+Ns+Z1WU5Q1
9Z51ZR9nUWpCSwTlM2MJ7EmgAmheFbsv9u4ndsbpj39mJSHCI+RF40k9M/4pP/yh
tGLEjv40iOOyTOiCnBSrfV8iNSvmLB6spUSNVE2uSBAFi2g2nj/qqKd6RZlBzXl0
wbUudpJhRYYRu9XPmeGTMp2GTQBinwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMaP
HOiAIo4Ll+juKNjLhvU4rp2ZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNUMzM0RCRTBFOTcxMUYxQjU5RTlDQjhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtH/MA0GCSqGSIb3DQEB
CwUAA4IBAQCwi4xcm9QeugQBPiV9gVG7NJc63pTXvUWiZAy9q3+OZjADsyddCyTV
HXHsDjJvG21KjMPrKxsd6gnUtrdgUWSPY/T+gGqNO2b9PCI2sBu9/706F7UxA2jA
iGcWFj3r10o6N2//unJTFrJSP7iw2uFTiQ3X6JNkeSmN3Y9TWOrYVpNhLaGzla10
QP+/JgZccMvTSrZE6rv9inG1Y76/3vTucV7X+FnvyZqR7n6V3V0YRy4m1q2pnJan
1YJX7Vi0Eo13XqJD6tpsFpB+PQcY+ssFQnyVE6AQIBTFYtk9vC6sbo7JTVnT78TV
3Z4ViSOtKvqmrS+3eR8+zMTY0bqvaCV8
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:27:55 2026 by rpki-client