Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AD9BE58113011F18D18BBBADAE4EC9C.roa
File: 3AD9BE58113011F18D18BBBADAE4EC9C.roa (raw, json)
Hash identifier: ZEnjmgxwzfYWiW9ESM1vUGd9YipzlgqUO9hPq8N2qc0=
Subject key identifier: CF:17:97:ED:4E:39:4C:26:E7:AD:5B:18:C3:07:6E:DB:A0:43:42:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BB1C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AD9BE58113011F18D18BBBADAE4EC9C.roa
Signing time: Tue 24 Feb 2026 03:23:47 +0000
ROA not before: Tue 24 Feb 2026 03:23:42 +0000
ROA not after: Tue 03 Mar 2026 03:23:42 +0000
asID: 150706
IP address blocks: 154.223.168.0/24 maxlen: 24
154.223.169.0/24 maxlen: 24
154.223.170.0/24 maxlen: 24
154.223.171.0/24 maxlen: 24
154.223.176.0/24 maxlen: 24
154.223.177.0/24 maxlen: 24
154.223.178.0/24 maxlen: 24
154.223.179.0/24 maxlen: 24
154.223.180.0/24 maxlen: 24
154.223.181.0/24 maxlen: 24
154.223.182.0/24 maxlen: 24
154.223.183.0/24 maxlen: 24
154.223.188.0/24 maxlen: 24
154.223.189.0/24 maxlen: 24
154.223.190.0/24 maxlen: 24
154.223.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 03:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113436 (0x1bb1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 03:23:42 2026 GMT
Not After : Mar 3 03:23:42 2026 GMT
Subject: CN=699d19c3-dd06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:21:53:a3:2d:fb:ef:c1:7b:f9:40:ae:71:a0:
33:e4:39:dc:27:31:49:f1:a4:c6:c3:7d:55:a4:99:
41:20:ba:e8:1d:98:1d:68:8b:df:c4:66:36:5a:d9:
f5:b5:3f:61:db:b5:2e:5b:bd:93:b6:f1:d2:de:17:
4b:9a:04:07:b1:b5:10:8b:79:b9:04:ad:94:f3:d8:
4c:07:b3:0f:a4:c7:ea:18:40:8e:6b:02:35:0e:d4:
94:0d:50:67:ac:df:0b:76:61:97:ac:3d:89:8c:bf:
a0:d2:46:96:7c:1f:91:41:8d:6b:f3:61:17:08:3f:
e3:e6:f1:6c:1f:07:4c:45:34:ea:c3:b6:f3:72:9a:
f1:e2:3d:e5:8c:2b:6b:7d:1c:0e:f1:7b:7e:13:11:
b5:bc:58:ec:4b:90:10:a2:92:ce:8d:48:34:47:66:
27:07:52:0a:8e:d1:40:ee:87:82:af:dc:35:9a:eb:
dd:2e:0d:6c:2b:85:b8:ae:4b:8f:87:58:a8:2a:00:
27:e5:be:d3:2f:ed:13:c4:1e:20:76:d4:1e:7b:c1:
0b:d8:87:bf:78:4e:78:73:57:f6:de:e9:57:9f:22:
1f:77:e0:8c:0a:af:23:80:9f:79:20:d1:63:a0:c4:
35:b2:15:54:7c:6f:73:dc:d8:d5:64:3a:b3:bf:9f:
0a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:17:97:ED:4E:39:4C:26:E7:AD:5B:18:C3:07:6E:DB:A0:43:42:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AD9BE58113011F18D18BBBADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
97:81:25:de:e8:d9:62:fd:1b:9f:4b:4a:63:e6:e9:00:d0:53:
fc:dc:58:bc:51:5b:44:8f:d2:54:b6:b6:da:ee:7e:86:e2:ac:
fd:13:90:cd:5b:a9:b6:69:8b:85:ce:ae:73:27:12:56:47:ca:
5c:3c:2c:fd:f7:e6:f1:87:66:51:c7:f5:f5:24:f3:33:87:e4:
f3:44:3c:48:c3:33:48:c5:29:12:4e:1f:17:c4:b4:da:c2:e4:
b1:c9:8f:6b:79:4e:fd:f0:f6:2f:36:f2:f7:f3:58:59:aa:45:
5f:40:3d:2b:90:5c:35:75:a4:ba:46:fe:bf:b4:4a:c3:2f:14:
a3:1a:31:6d:07:fb:98:31:80:5a:df:e8:ba:17:3e:ca:ee:25:
26:65:28:f5:63:b6:cb:69:b1:e8:7e:79:03:f6:33:97:e1:e8:
fa:ba:b3:63:85:d7:6a:13:9f:f9:59:b0:3d:a2:41:67:2f:8a:
ee:ff:33:29:d8:50:20:c6:36:44:42:7d:be:b5:6a:b1:96:c2:
b6:f0:13:a3:d0:20:32:be:54:94:fb:b8:7a:cc:42:ab:2f:b3:
71:4f:cd:af:21:cd:d9:51:72:4b:10:e2:43:05:de:61:39:5a:
b2:e8:01:aa:ae:94:0b:7f:fd:04:71:39:b8:9e:cd:1b:60:cf:
4f:b5:99:9b
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAbscMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI0MDMyMzQyWhcNMjYwMzAzMDMyMzQyWjAYMRYw
FAYDVQQDEw02OTlkMTljMy1kZDA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7iFToy3778F7+UCucaAz5DncJzFJ8aTGw31VpJlBILroHZgdaIvfxGY2
Wtn1tT9h27UuW72TtvHS3hdLmgQHsbUQi3m5BK2U89hMB7MPpMfqGECOawI1DtSU
DVBnrN8LdmGXrD2JjL+g0kaWfB+RQY1r82EXCD/j5vFsHwdMRTTqw7bzcprx4j3l
jCtrfRwO8Xt+ExG1vFjsS5AQopLOjUg0R2YnB1IKjtFA7oeCr9w1muvdLg1sK4W4
rkuPh1ioKgAn5b7TL+0TxB4gdtQee8EL2Ie/eE54c1f23ulXnyIfd+CMCq8jgJ95
INFjoMQ1shVUfG9z3NjVZDqzv58K3QIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFM8X
l+1OOUwm561bGMMHbtugQ0K/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQUQ5QkU1ODExMzAxMUYxOEQxOEJCQkFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQCXgSXe6Nli/RufS0pj5ukA0FP83Fi8UVtEj9JU
trba7n6G4qz9E5DNW6m2aYuFzq5zJxJWR8pcPCz99+bxh2ZRx/X1JPMzh+TzRDxI
wzNIxSkSTh8XxLTawuSxyY9reU798PYvNvL381hZqkVfQD0rkFw1daS6Rv6/tErD
LxSjGjFtB/uYMYBa3+i6Fz7K7iUmZSj1Y7bLabHofnkD9jOX4ej6urNjhddqE5/5
WbA9okFnL4ru/zMp2FAgxjZEQn2+tWqxlsK28BOj0CAyvlSU+7h6zEKrL7NxT82v
Ic3ZUXJLEOJDBd5hOVqy6AGqrpQLf/0EcTm4ns0bYM9PtZmb
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:42:02 2026 by rpki-client