Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D7C6AB8FC3911F085BCBCDEDAE4EC9C.roa
File: 3D7C6AB8FC3911F085BCBCDEDAE4EC9C.roa (raw, json)
Hash identifier: Q7e8HdynHP2xPSviTw7jbpn2Yu8aCyoKvCB30g4UD54=
Subject key identifier: 4C:B3:DC:F2:C5:2C:19:EE:2D:F9:52:CD:D2:EC:47:E1:32:57:17:8F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B719
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D7C6AB8FC3911F085BCBCDEDAE4EC9C.roa
Signing time: Wed 28 Jan 2026 11:05:23 +0000
ROA not before: Wed 28 Jan 2026 11:05:18 +0000
ROA not after: Sat 07 Mar 2026 11:05:18 +0000
asID: 61112
IP address blocks: 154.88.66.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112409 (0x1b719)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 28 11:05:18 2026 GMT
Not After : Mar 7 11:05:18 2026 GMT
Subject: CN=6979ed73-54b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dc:95:34:1c:e2:ec:4f:76:72:69:f7:46:e8:
1a:1c:38:91:f7:80:00:1d:f5:78:29:8e:9d:05:1b:
b7:66:a3:9c:a6:69:2b:71:e2:7c:4a:f9:f0:e1:46:
71:b0:f9:a1:d7:00:7f:69:95:90:11:35:81:40:df:
87:0c:67:5d:4c:3e:c7:67:c9:2a:17:5f:dc:7c:0b:
e9:6b:39:2d:c4:ba:4b:f1:96:df:97:c3:83:b0:0c:
9f:12:7e:90:9a:ac:fe:fa:80:25:95:c5:e7:ac:d1:
15:c2:ab:77:15:60:e3:ef:5e:eb:7d:9d:f5:ca:59:
40:ba:2b:58:0e:fd:3e:6c:cb:06:4b:51:18:8b:cf:
71:3f:b1:25:63:49:95:c6:6e:ec:38:cb:ef:6c:a4:
6c:b1:4c:77:3b:eb:c0:22:9e:f6:52:aa:f0:d4:67:
86:0e:67:e8:2c:ee:7e:d8:b9:ed:d7:79:25:d1:4c:
28:ba:17:64:59:da:17:46:c2:91:bc:11:02:bb:3f:
62:15:df:eb:e9:d0:6c:c7:d9:f1:2d:3a:9d:aa:4d:
82:5f:4c:e0:34:c9:3b:df:c8:67:29:e7:f5:f8:e2:
2d:35:f5:61:36:8d:ec:68:e8:35:19:88:16:89:82:
24:54:f6:6b:9f:3f:68:02:9a:8d:e8:29:92:61:47:
72:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B3:DC:F2:C5:2C:19:EE:2D:F9:52:CD:D2:EC:47:E1:32:57:17:8F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D7C6AB8FC3911F085BCBCDEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.66.0/23
Signature Algorithm: sha256WithRSAEncryption
94:fe:65:e7:1d:c4:9f:da:a0:93:c5:b2:d7:09:dd:38:94:51:
00:71:d1:35:0c:34:af:22:96:5e:0b:2a:72:5c:33:aa:84:2d:
a2:14:ea:71:e0:8e:d3:6f:a1:24:71:d6:15:ab:72:26:90:7c:
13:44:00:25:a7:43:27:6d:48:87:be:7d:aa:a0:7f:d8:34:17:
e2:e4:97:e4:ad:13:26:88:e3:bf:c0:74:72:d8:92:b5:cf:10:
19:15:6f:ac:c5:17:7c:b7:0e:d1:cf:70:83:58:61:91:71:3c:
da:06:60:4b:be:15:8c:b3:37:93:5c:05:17:5d:da:c2:b3:63:
7e:5a:2a:a5:1a:34:ff:19:f3:e7:ee:9a:72:bf:70:11:c0:6a:
ab:3e:b3:99:51:b0:7f:1f:62:b8:e9:e3:10:62:a6:1f:84:15:
05:35:a1:35:1d:81:36:f2:b5:d3:49:6d:6c:c8:27:7c:72:c3:
f8:f9:08:d2:3f:ad:5b:39:0b:15:79:0b:a9:4b:e1:a4:07:3d:
08:67:3c:ab:fd:9b:87:ea:cf:88:25:98:e8:92:7c:9c:76:9a:
13:7a:ad:c1:1c:74:94:6a:80:98:af:4f:ca:47:78:64:a6:b0:
fe:a4:15:aa:ae:b3:1e:ca:40:8d:7c:1c:fc:ad:84:f7:31:de:
ce:46:90:47
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbcZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMTI4MTEwNTE4WhcNMjYwMzA3MTEwNTE4WjAYMRYw
FAYDVQQDEw02OTc5ZWQ3My01NGI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuNyVNBzi7E92cmn3RugaHDiR94AAHfV4KY6dBRu3ZqOcpmkrceJ8Svnw
4UZxsPmh1wB/aZWQETWBQN+HDGddTD7HZ8kqF1/cfAvpazktxLpL8Zbfl8ODsAyf
En6Qmqz++oAllcXnrNEVwqt3FWDj717rfZ31yllAuitYDv0+bMsGS1EYi89xP7El
Y0mVxm7sOMvvbKRssUx3O+vAIp72Uqrw1GeGDmfoLO5+2Lnt13kl0UwouhdkWdoX
RsKRvBECuz9iFd/r6dBsx9nxLTqdqk2CX0zgNMk738hnKef1+OItNfVhNo3saOg1
GYgWiYIkVPZrnz9oApqN6CmSYUdyYwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEyz
3PLFLBnuLflSzdLsR+EyVxePMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRDdDNkFCOEZDMzkxMUYwODVCQ0JDREVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlhCMA0GCSqGSIb3DQEB
CwUAA4IBAQCU/mXnHcSf2qCTxbLXCd04lFEAcdE1DDSvIpZeCypyXDOqhC2iFOpx
4I7Tb6EkcdYVq3ImkHwTRAAlp0MnbUiHvn2qoH/YNBfi5JfkrRMmiOO/wHRy2JK1
zxAZFW+sxRd8tw7Rz3CDWGGRcTzaBmBLvhWMszeTXAUXXdrCs2N+WiqlGjT/GfPn
7ppyv3ARwGqrPrOZUbB/H2K46eMQYqYfhBUFNaE1HYE28rXTSW1syCd8csP4+QjS
P61bOQsVeQupS+GkBz0IZzyr/ZuH6s+IJZjoknycdpoTeq3BHHSUaoCYr0/KR3hk
prD+pBWqrrMeykCNfBz8rYT3Md7ORpBH
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:18:34 2026 by rpki-client