Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DB69D5A29D511F1BC82CDB4DAE4EC9C.roa
File: 2DB69D5A29D511F1BC82CDB4DAE4EC9C.roa (raw, json)
Hash identifier: M7l3EZrV3g/qVhhxKFe5TseXLqtMcA5chlEl1SBXY3k=
Subject key identifier: 44:C2:28:4C:6B:6E:DC:5C:4E:94:94:E2:6F:58:8D:04:7F:04:25:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C12E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DB69D5A29D511F1BC82CDB4DAE4EC9C.roa
Signing time: Fri 27 Mar 2026 12:05:00 +0000
ROA not before: Fri 27 Mar 2026 12:04:54 +0000
ROA not after: Sun 10 May 2026 12:04:54 +0000
asID: 214143
IP address blocks: 154.194.208.0/22 maxlen: 24
154.194.212.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114990 (0x1c12e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 27 12:04:54 2026 GMT
Not After : May 10 12:04:54 2026 GMT
Subject: CN=69c6726c-3bca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:46:eb:77:f2:8a:27:2a:dc:37:3a:5a:7c:2e:
ab:71:3e:8f:b0:20:04:b7:4d:b0:2d:ef:86:24:1b:
8e:09:d9:05:83:15:37:08:61:d8:6c:77:95:eb:36:
1f:86:3b:cc:6f:ad:8e:77:f1:98:ed:cd:e8:72:d8:
43:2c:17:a7:b5:56:76:e7:6f:87:41:99:55:a1:0e:
7c:48:86:0e:e9:c3:4a:38:a3:23:9e:1f:b5:6e:fd:
99:68:c8:c5:c2:61:ba:85:a7:39:d5:3f:e9:c6:85:
7b:8f:9f:6a:ed:90:3c:6c:da:47:21:cb:84:5b:92:
dd:06:d5:76:7d:ab:93:8d:c5:15:c8:25:f9:b3:d6:
1e:42:b0:b2:f6:5e:7a:20:52:85:ac:32:2d:b9:77:
32:18:72:c6:46:15:30:2a:44:6e:72:28:8e:d5:7d:
70:41:70:cc:db:0c:50:e6:f0:06:a0:cf:09:ff:18:
1f:67:30:fc:a1:4f:91:25:98:6b:76:f2:f7:0e:4b:
1f:2d:1a:50:b5:30:56:9b:55:f7:01:3b:92:2b:75:
12:17:19:72:0a:cf:48:c1:75:f8:2d:41:a5:0f:ab:
7b:02:68:36:d4:7d:56:33:e3:b3:db:65:44:76:9e:
71:c0:2a:ec:de:23:54:78:df:58:ef:f8:6b:79:e9:
7c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C2:28:4C:6B:6E:DC:5C:4E:94:94:E2:6F:58:8D:04:7F:04:25:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DB69D5A29D511F1BC82CDB4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.208.0-154.194.213.255
Signature Algorithm: sha256WithRSAEncryption
bd:37:70:68:e3:62:dc:46:54:fc:24:8b:f8:1e:a1:d6:bc:96:
a8:25:29:51:ed:be:b7:db:7d:20:3f:c4:16:ec:2d:7e:37:90:
15:b2:99:76:60:9b:6e:11:d5:da:0c:23:11:4f:63:17:fb:cb:
60:4a:af:f9:24:66:9a:59:af:76:93:90:77:48:ad:e6:e2:a9:
18:fd:99:9b:11:b9:1a:0e:04:f7:bb:d4:13:8e:a0:d0:ef:9b:
bc:2e:f6:61:87:35:de:3e:2e:d9:f5:ba:0c:06:40:81:30:28:
02:24:ee:ef:56:2e:da:88:91:49:af:d5:0b:19:ee:e8:c3:90:
c6:a8:fd:0e:fd:95:36:f6:3b:0e:77:dc:de:6b:df:eb:43:c8:
d9:e8:ac:7b:9f:a4:04:90:83:13:27:5c:03:8d:54:30:77:5f:
44:5b:b9:f6:86:37:f6:91:0f:6d:e0:f3:93:55:46:ee:b8:9c:
64:69:45:60:67:86:a8:88:25:c1:be:85:89:dc:df:b8:69:2b:
3f:69:b2:4c:80:80:8f:cd:88:54:8a:71:26:56:9c:15:7a:7f:
40:65:bc:6e:37:08:7a:9c:ba:c7:21:06:0d:de:26:b8:0b:bf:
87:e3:99:e9:2b:87:26:b8:ea:18:be:26:f6:eb:a0:f8:02:e8:
af:07:58:77
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcEuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzI3MTIwNDU0WhcNMjYwNTEwMTIwNDU0WjAYMRYw
FAYDVQQDEw02OWM2NzI2Yy0zYmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA60brd/KKJyrcNzpafC6rcT6PsCAEt02wLe+GJBuOCdkFgxU3CGHYbHeV
6zYfhjvMb62Od/GY7c3octhDLBentVZ252+HQZlVoQ58SIYO6cNKOKMjnh+1bv2Z
aMjFwmG6hac51T/pxoV7j59q7ZA8bNpHIcuEW5LdBtV2fauTjcUVyCX5s9YeQrCy
9l56IFKFrDItuXcyGHLGRhUwKkRuciiO1X1wQXDM2wxQ5vAGoM8J/xgfZzD8oU+R
JZhrdvL3DksfLRpQtTBWm1X3ATuSK3USFxlyCs9IwXX4LUGlD6t7Amg21H1WM+Oz
22VEdp5xwCrs3iNUeN9Y7/hreel8xQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFETC
KExrbtxcTpSU4m9YjQR/BCXYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yREI2OUQ1QTI5RDUxMUYxQkM4MkNEQjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASawtADBAGawtQwDQYJ
KoZIhvcNAQELBQADggEBAL03cGjjYtxGVPwki/geoda8lqglKVHtvrfbfSA/xBbs
LX43kBWymXZgm24R1doMIxFPYxf7y2BKr/kkZppZr3aTkHdIrebiqRj9mZsRuRoO
BPe71BOOoNDvm7wu9mGHNd4+Ltn1ugwGQIEwKAIk7u9WLtqIkUmv1QsZ7ujDkMao
/Q79lTb2Ow533N5r3+tDyNnorHufpASQgxMnXAONVDB3X0RbufaGN/aRD23g85NV
Ru64nGRpRWBnhqiIJcG+hYnc37hpKz9pskyAgI/NiFSKcSZWnBV6f0BlvG43CHqc
uschBg3eJrgLv4fjmekrhya46hi+JvbroPgC6K8HWHc=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:30:58 2026 by rpki-client