Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35FD56B208B911F18CF505B1DAE4EC9C.roa
File: 35FD56B208B911F18CF505B1DAE4EC9C.roa (raw, json)
Hash identifier: P76z1ZZVOXGBohYrlR5v4wtQKXLPSzWSwD16q5qfgu0=
Subject key identifier: 91:14:EA:03:52:76:E8:68:C4:26:74:51:3D:23:21:A0:37:84:9E:E7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B948
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35FD56B208B911F18CF505B1DAE4EC9C.roa
Signing time: Fri 13 Feb 2026 08:51:46 +0000
ROA not before: Fri 13 Feb 2026 08:51:33 +0000
ROA not after: Fri 20 Mar 2026 08:51:33 +0000
asID: 19318
IP address blocks: 154.94.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112968 (0x1b948)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 13 08:51:33 2026 GMT
Not After : Mar 20 08:51:33 2026 GMT
Subject: CN=698ee622-f968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:05:b1:00:6f:3e:bf:ce:9e:ad:a8:a3:e1:dd:
07:a4:22:1c:02:a0:ec:fc:a4:b4:f4:f3:73:33:1c:
a2:03:ee:75:23:2c:14:f4:67:f7:b9:ff:04:f2:c5:
cb:fc:44:3e:41:95:fc:ac:29:c2:77:20:ea:e5:7a:
20:35:9b:f0:f4:d5:16:5e:3b:f6:c8:6a:0c:75:75:
0c:db:2c:ec:2f:2e:14:24:8b:58:33:e2:d5:76:9e:
48:75:3f:ce:fd:7d:9f:3a:af:57:cb:d9:26:d8:31:
cd:38:b5:51:03:93:f7:f2:08:a4:8f:00:6a:01:06:
bf:9d:ba:28:a9:3a:fd:57:f0:26:42:cb:dd:5e:65:
2c:7d:77:b6:b0:d5:b0:a3:cc:93:63:1a:58:c1:a5:
1b:c2:97:0e:93:86:91:02:53:9d:9f:a3:47:c3:71:
70:9e:c8:da:12:b8:31:90:09:06:91:5c:5a:be:10:
dd:cc:d4:aa:02:d2:81:43:02:48:6f:cc:e5:39:e5:
2f:0f:6e:50:60:28:1a:c3:5e:2f:66:df:8a:66:6d:
5e:ac:0e:15:ce:79:1d:2f:3f:29:4b:4d:b1:4e:04:
19:a2:b7:f4:7e:12:4e:56:25:b0:76:e2:8f:30:7a:
59:f4:1d:18:ae:eb:3c:28:06:b9:0e:01:47:92:90:
bd:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:14:EA:03:52:76:E8:68:C4:26:74:51:3D:23:21:A0:37:84:9E:E7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35FD56B208B911F18CF505B1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.12.0/22
Signature Algorithm: sha256WithRSAEncryption
d0:d3:a8:85:5d:ab:a4:fa:34:51:f1:5a:50:a8:d1:86:15:1c:
0e:15:21:15:31:f0:3e:89:f8:88:78:fb:67:a1:8d:53:94:93:
2a:3b:45:e5:9c:b1:10:17:8b:8a:60:e5:2b:99:c4:1b:a8:a7:
f3:b8:10:12:5f:29:1e:18:a8:eb:f5:02:d3:07:eb:c3:ce:22:
fd:57:9e:5a:60:c4:a2:2d:9b:cf:ed:d6:69:02:e9:09:a6:d6:
54:b5:30:3c:de:89:da:65:ea:55:0f:66:71:54:67:57:d8:37:
1a:32:e0:eb:b0:44:ee:ca:3c:a6:d8:71:83:0f:fd:2d:00:a1:
87:8c:c9:7b:e3:d8:0e:b6:9e:24:f1:30:76:a3:5c:ce:04:62:
6b:36:d0:82:4c:96:17:e3:0d:57:0b:c6:ba:7f:c7:11:05:b0:
b6:df:68:c0:c5:79:7c:b1:9b:88:f9:58:3f:9e:cd:96:4d:07:
87:d4:81:ac:d3:74:2d:e1:7a:8b:64:30:71:27:2f:81:b2:7b:
e8:ba:6e:93:82:1a:64:83:43:51:a6:8c:6b:92:a1:c5:ae:c4:
61:e5:60:e1:67:5e:f0:da:ad:c2:0f:35:d5:ac:49:f3:c9:23:
d6:a6:d2:4e:bb:ce:99:23:3b:65:59:b2:a9:0d:cf:25:5f:b1:
5f:4a:2b:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAblIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjEzMDg1MTMzWhcNMjYwMzIwMDg1MTMzWjAYMRYw
FAYDVQQDEw02OThlZTYyMi1mOTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8AWxAG8+v86eraij4d0HpCIcAqDs/KS09PNzMxyiA+51IywU9Gf3uf8E
8sXL/EQ+QZX8rCnCdyDq5XogNZvw9NUWXjv2yGoMdXUM2yzsLy4UJItYM+LVdp5I
dT/O/X2fOq9Xy9km2DHNOLVRA5P38gikjwBqAQa/nbooqTr9V/AmQsvdXmUsfXe2
sNWwo8yTYxpYwaUbwpcOk4aRAlOdn6NHw3FwnsjaErgxkAkGkVxavhDdzNSqAtKB
QwJIb8zlOeUvD25QYCgaw14vZt+KZm1erA4VznkdLz8pS02xTgQZorf0fhJOViWw
duKPMHpZ9B0Yrus8KAa5DgFHkpC9awIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJEU
6gNSduhoxCZ0UT0jIaA3hJ7nMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNUZENTZCMjA4QjkxMUYxOENGNTA1QjFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCml4MMA0GCSqGSIb3DQEB
CwUAA4IBAQDQ06iFXauk+jRR8VpQqNGGFRwOFSEVMfA+ifiIePtnoY1TlJMqO0Xl
nLEQF4uKYOUrmcQbqKfzuBASXykeGKjr9QLTB+vDziL9V55aYMSiLZvP7dZpAukJ
ptZUtTA83onaZepVD2ZxVGdX2DcaMuDrsETuyjym2HGDD/0tAKGHjMl749gOtp4k
8TB2o1zOBGJrNtCCTJYX4w1XC8a6f8cRBbC232jAxXl8sZuI+Vg/ns2WTQeH1IGs
03Qt4XqLZDBxJy+Bsnvoum6Tghpkg0NRpoxrkqHFrsRh5WDhZ17w2q3CDzXVrEnz
ySPWptJOu86ZIztlWbKpDc8lX7FfSitu
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:26:39 2026 by rpki-client