Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36413BDC122011F1B62F287EDAE4EC9C.roa
File: 36413BDC122011F1B62F287EDAE4EC9C.roa (raw, json)
Hash identifier: D3KM0uovBeshFvZivDZWWN0GLFT1B0VGOhUnpXjqpDc=
Subject key identifier: 19:00:BA:EB:FC:D4:AC:50:D2:1D:25:AA:41:F2:56:98:68:8A:68:94
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BB8D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36413BDC122011F1B62F287EDAE4EC9C.roa
Signing time: Wed 25 Feb 2026 08:01:38 +0000
ROA not before: Wed 25 Feb 2026 08:01:34 +0000
ROA not after: Wed 01 Apr 2026 08:01:34 +0000
asID: 984
IP address blocks: 154.90.133.0/24 maxlen: 24
154.95.2.0/24 maxlen: 24
154.95.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113549 (0x1bb8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 25 08:01:34 2026 GMT
Not After : Apr 1 08:01:34 2026 GMT
Subject: CN=699eac62-3300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6c:82:63:31:10:cc:28:4b:42:23:5d:56:ac:
e9:de:1f:6b:45:40:48:e5:45:04:84:3b:92:2e:b1:
1a:ee:6a:8c:ff:08:78:ad:a1:66:6e:c0:14:d2:85:
29:a5:0c:88:ad:27:f1:7e:e8:b8:89:6d:47:8d:63:
82:aa:8a:f6:d3:61:14:90:e8:b1:15:1e:d2:53:dc:
9d:93:f9:e6:60:60:79:9f:28:11:d7:4b:65:f3:52:
97:40:7d:81:42:40:b7:ea:31:f4:96:a5:74:f1:4d:
91:1e:36:1b:25:ea:b9:dd:11:74:1e:2d:a4:8e:21:
ed:8f:60:5f:44:42:77:1c:85:4d:0c:0a:d7:38:9c:
c4:58:83:0e:81:19:c6:ab:1c:f9:13:7f:7e:35:90:
81:58:87:ab:b3:a2:63:86:8c:33:47:fc:6f:19:73:
92:9e:8d:b4:e8:02:e4:b0:cf:0d:45:95:4f:f4:1c:
1b:95:88:7a:f5:20:c8:67:6f:49:22:a4:5a:e9:86:
8f:94:fa:9a:25:05:00:dc:77:81:1e:75:54:89:b6:
70:99:03:04:3b:cb:5f:ad:07:33:c2:69:a5:29:f5:
fe:6b:94:1e:65:06:2b:07:37:5f:fe:e5:c7:41:80:
9e:5c:95:29:9b:5a:24:f0:90:37:dc:24:7c:e3:6a:
be:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:00:BA:EB:FC:D4:AC:50:D2:1D:25:AA:41:F2:56:98:68:8A:68:94
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36413BDC122011F1B62F287EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.133.0/24
154.95.2.0/23
Signature Algorithm: sha256WithRSAEncryption
33:99:7f:05:4a:cb:b2:c1:ae:30:b7:a2:58:5e:28:12:5c:4f:
70:2b:1b:dc:de:9e:54:4b:7d:b3:d7:4d:88:04:c4:db:b8:b3:
73:b9:bc:ab:4c:c3:a0:d9:9b:bd:ae:11:bd:ee:68:88:82:12:
66:d8:5e:1c:f8:08:58:23:5e:a7:0a:bb:a3:5b:b8:d0:fb:ce:
71:28:89:1c:54:6f:21:53:10:29:92:07:cc:7b:7d:79:18:0a:
09:f7:15:0e:ee:9d:7d:28:83:4f:68:25:49:dc:4f:14:26:44:
d6:af:c7:47:48:f0:f8:47:02:c6:f8:68:06:89:83:e5:7a:1d:
ad:46:b8:fb:cf:78:6e:69:e4:5b:2a:4a:2b:92:6c:2c:30:ec:
00:8c:27:c8:ed:b6:a6:16:57:04:7f:24:ee:a4:a9:bd:8e:69:
79:03:7a:74:e1:75:f1:96:06:23:c2:f9:62:89:c0:5c:62:a9:
99:ae:76:19:e5:81:56:89:a8:46:6e:be:84:17:6e:04:fb:ad:
96:42:06:f3:d8:1e:7c:b4:50:d7:05:0d:c6:54:e1:28:a7:08:
4b:a4:82:67:fb:75:2a:0d:ed:9b:fa:c9:c5:da:18:21:97:f8:
08:a0:f9:d6:ef:c9:a1:56:2d:5b:30:03:10:58:1d:77:1f:bb:
4b:50:36:01
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAbuNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI1MDgwMTM0WhcNMjYwNDAxMDgwMTM0WjAYMRYw
FAYDVQQDEw02OTllYWM2Mi0zMzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwWyCYzEQzChLQiNdVqzp3h9rRUBI5UUEhDuSLrEa7mqM/wh4raFmbsAU
0oUppQyIrSfxfui4iW1HjWOCqor202EUkOixFR7SU9ydk/nmYGB5nygR10tl81KX
QH2BQkC36jH0lqV08U2RHjYbJeq53RF0Hi2kjiHtj2BfREJ3HIVNDArXOJzEWIMO
gRnGqxz5E39+NZCBWIers6JjhowzR/xvGXOSno206ALksM8NRZVP9BwblYh69SDI
Z29JIqRa6YaPlPqaJQUA3HeBHnVUibZwmQMEO8tfrQczwmmlKfX+a5QeZQYrBzdf
/uXHQYCeXJUpm1ok8JA33CR842q+vwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFBkA
uuv81KxQ0h0lqkHyVphoimiUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNjQxM0JEQzEyMjAxMUYxQjYyRjI4N0VEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlqFAwQBml8CMA0GCSqG
SIb3DQEBCwUAA4IBAQAzmX8FSsuywa4wt6JYXigSXE9wKxvc3p5US32z102IBMTb
uLNzubyrTMOg2Zu9rhG97miIghJm2F4c+AhYI16nCrujW7jQ+85xKIkcVG8hUxAp
kgfMe315GAoJ9xUO7p19KINPaCVJ3E8UJkTWr8dHSPD4RwLG+GgGiYPleh2tRrj7
z3huaeRbKkorkmwsMOwAjCfI7bamFlcEfyTupKm9jml5A3p04XXxlgYjwvliicBc
YqmZrnYZ5YFWiahGbr6EF24E+62WQgbz2B58tFDXBQ3GVOEopwhLpIJn+3UqDe2b
+snF2hghl/gIoPnW78mhVi1bMAMQWB13H7tLUDYB
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:18:35 2026 by rpki-client