Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38F502A612C411F1BA54E7E2DAE4EC9C.roa
File: 38F502A612C411F1BA54E7E2DAE4EC9C.roa (raw, json)
Hash identifier: EDmRfEq36LydPcfuNApqASmPphO8/ge/7+0jhKYA38k=
Subject key identifier: 40:3A:BC:59:72:FA:93:B0:09:06:44:F0:E9:3D:FB:12:C1:09:08:90
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BBCC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38F502A612C411F1BA54E7E2DAE4EC9C.roa
Signing time: Thu 26 Feb 2026 03:35:40 +0000
ROA not before: Thu 26 Feb 2026 03:35:35 +0000
ROA not after: Thu 05 Mar 2026 03:35:35 +0000
asID: 17497
IP address blocks: 154.81.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113612 (0x1bbcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 26 03:35:35 2026 GMT
Not After : Mar 5 03:35:35 2026 GMT
Subject: CN=699fbf8c-b233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a4:7a:55:46:9b:06:e5:74:4e:89:9d:8a:2d:
81:05:45:b6:8d:18:db:09:08:a8:5c:12:0c:fd:a1:
da:a0:aa:36:4c:d2:5c:f1:98:51:53:bb:19:34:98:
b4:18:36:a1:68:4b:4e:14:dc:57:f9:77:d5:3f:94:
63:d6:75:5f:46:64:1c:01:11:f2:81:03:eb:90:bc:
34:e5:3a:cd:1d:6b:08:54:48:0d:25:7d:c2:76:27:
e6:43:83:ba:bf:8b:a9:6c:45:a8:7e:22:4f:63:5c:
e8:87:33:33:b2:86:5d:42:88:26:f5:71:57:5d:d8:
99:f9:8e:1c:6d:c8:8c:57:3f:37:d4:30:51:e7:5d:
4c:1c:4b:39:57:18:b7:6a:78:e9:54:d2:02:16:c4:
bc:01:17:45:73:e5:1c:af:7e:9b:4e:1b:d4:c8:20:
78:f3:7e:d7:c7:6d:f6:12:46:75:70:9c:f3:3d:7a:
70:74:9c:22:2e:ea:ac:dd:41:31:f2:c4:61:5c:2a:
e3:16:f8:8b:42:90:77:1f:bb:34:aa:e1:d1:db:b1:
63:57:3b:f7:1e:4e:9a:d1:5c:d0:4d:7f:b1:43:65:
24:da:67:95:2b:53:b3:04:7d:44:e8:08:fa:8c:c1:
c6:0e:0d:c9:bd:e3:5e:23:ca:67:f7:6e:8b:92:18:
c0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:3A:BC:59:72:FA:93:B0:09:06:44:F0:E9:3D:FB:12:C1:09:08:90
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38F502A612C411F1BA54E7E2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.159.0/24
Signature Algorithm: sha256WithRSAEncryption
45:9e:b9:af:df:29:c6:96:bd:a4:53:62:e2:70:88:ea:8d:01:
6e:dd:b6:4b:86:1a:0c:30:66:33:6c:cf:f6:cf:a1:06:28:77:
04:83:4f:4a:63:94:fe:cf:31:15:eb:de:0a:6a:4b:bd:ab:39:
f4:bb:14:97:f6:46:31:51:66:7b:05:35:04:11:a3:a8:85:d7:
c1:c6:7b:7c:de:1e:d5:9c:7f:2a:22:46:40:92:24:99:80:3b:
c8:11:8c:ca:a5:f6:5a:5b:5b:30:bb:d8:1c:5f:2d:5a:17:49:
a2:01:18:30:99:e2:3e:46:d7:00:fe:3e:ac:d6:45:3d:bb:45:
a7:14:37:a0:22:cc:51:e4:6b:25:98:5f:96:34:e6:0e:17:e8:
66:d2:ea:be:74:f3:5f:f2:86:e7:2c:50:e0:e3:fe:47:b1:35:
57:4d:b2:84:e1:cb:82:a9:7f:18:46:2e:b7:62:58:25:e5:8a:
04:63:06:a5:4f:b5:74:73:98:36:85:e9:66:86:b9:92:00:ed:
ff:b3:5a:26:a2:7e:c4:0e:c0:34:d5:83:12:c1:f3:0e:90:b0:
13:39:3d:b1:d9:ea:ba:3b:de:9c:aa:06:ec:15:ae:34:fd:5f:
a1:91:b5:59:1e:c6:58:1f:2a:1b:34:ac:3f:b7:ec:c1:26:5e:
c3:4e:af:6f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbvMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI2MDMzNTM1WhcNMjYwMzA1MDMzNTM1WjAYMRYw
FAYDVQQDEw02OTlmYmY4Yy1iMjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzKR6VUabBuV0Tomdii2BBUW2jRjbCQioXBIM/aHaoKo2TNJc8ZhRU7sZ
NJi0GDahaEtOFNxX+XfVP5Rj1nVfRmQcARHygQPrkLw05TrNHWsIVEgNJX3Cdifm
Q4O6v4upbEWofiJPY1zohzMzsoZdQogm9XFXXdiZ+Y4cbciMVz831DBR511MHEs5
Vxi3anjpVNICFsS8ARdFc+Ucr36bThvUyCB4837Xx232EkZ1cJzzPXpwdJwiLuqs
3UEx8sRhXCrjFviLQpB3H7s0quHR27FjVzv3Hk6a0VzQTX+xQ2Uk2meVK1OzBH1E
6Aj6jMHGDg3JveNeI8pn926LkhjAMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEA6
vFly+pOwCQZE8Ok9+xLBCQiQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOEY1MDJBNjEyQzQxMUYxQkE1NEU3RTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlGfMA0GCSqGSIb3DQEB
CwUAA4IBAQBFnrmv3ynGlr2kU2LicIjqjQFu3bZLhhoMMGYzbM/2z6EGKHcEg09K
Y5T+zzEV694Kaku9qzn0uxSX9kYxUWZ7BTUEEaOohdfBxnt83h7VnH8qIkZAkiSZ
gDvIEYzKpfZaW1swu9gcXy1aF0miARgwmeI+RtcA/j6s1kU9u0WnFDegIsxR5Gsl
mF+WNOYOF+hm0uq+dPNf8obnLFDg4/5HsTVXTbKE4cuCqX8YRi63Ylgl5YoEYwal
T7V0c5g2helmhrmSAO3/s1omon7EDsA01YMSwfMOkLATOT2x2eq6O96cqgbsFa40
/V+hkbVZHsZYHyobNKw/t+zBJl7DTq9v
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:42:41 2026 by rpki-client