Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4186DDB208E311F1967CC0ACDAE4EC9C.roa
File: 4186DDB208E311F1967CC0ACDAE4EC9C.roa (raw, json)
Hash identifier: g3zFivHMsS+LODy3WBK3NiIdZq8vxWIqQ4hrUu7Bsj8=
Subject key identifier: F6:32:11:E3:30:6B:2A:03:24:6A:81:49:AF:C0:94:61:8A:7F:F2:8D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B952
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4186DDB208E311F1967CC0ACDAE4EC9C.roa
Signing time: Fri 13 Feb 2026 13:52:38 +0000
ROA not before: Fri 13 Feb 2026 13:52:33 +0000
ROA not after: Fri 05 Jun 2026 13:52:33 +0000
asID: 135377
IP address blocks: 154.82.21.0/24 maxlen: 24
154.85.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112978 (0x1b952)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 13 13:52:33 2026 GMT
Not After : Jun 5 13:52:33 2026 GMT
Subject: CN=698f2ca6-3fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e8:bb:05:fc:92:c4:10:a1:08:75:35:67:7d:
13:d4:88:20:8b:cf:49:78:6b:2f:dc:54:04:20:c8:
6d:ed:07:a2:fc:30:de:e1:96:11:6c:e2:2a:e8:60:
d7:cc:43:08:4b:25:59:1c:4b:85:d6:46:d2:9b:28:
3b:6a:5b:b5:3d:a7:30:1c:2e:71:87:d3:28:5e:65:
70:f4:40:9e:48:2c:d5:66:06:a9:7e:43:c6:d1:35:
3c:1d:2f:12:bf:4a:9b:b7:e0:21:cb:3f:a6:2e:ce:
d3:f1:7d:4e:ad:7d:b8:bb:15:bd:da:6d:f3:ea:7d:
df:c2:23:8f:8d:2f:29:cf:69:60:88:f2:cb:ca:b1:
a7:dd:60:23:50:15:dc:75:cc:c6:0a:a8:a5:0a:24:
b4:8a:31:84:68:2b:ad:af:73:4e:03:32:bc:eb:d7:
b6:50:44:eb:32:33:e4:a4:ca:39:8c:bc:64:2b:a7:
d6:de:63:04:a5:da:c3:2e:41:69:3a:dd:0f:62:97:
1e:aa:9f:d2:4c:87:bb:2f:e0:2a:a1:8d:e4:7e:b1:
0f:6d:67:32:59:3d:f6:da:47:94:24:a9:62:03:c3:
64:96:fa:b9:0c:53:35:78:80:91:fc:af:87:0b:b1:
0f:96:8a:29:8d:ff:18:12:fe:db:8b:60:b2:0b:cc:
79:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:32:11:E3:30:6B:2A:03:24:6A:81:49:AF:C0:94:61:8A:7F:F2:8D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4186DDB208E311F1967CC0ACDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.21.0/24
154.85.27.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:67:b3:55:d1:f4:54:6c:6f:f5:82:1e:5e:bd:12:f9:b8:04:
2b:15:64:a9:4e:ec:c9:bc:17:b4:88:33:de:d4:d5:71:26:4b:
b6:68:61:d7:ec:08:a1:4d:64:b9:c7:9d:20:c3:44:4e:36:21:
37:c3:bf:eb:9f:a3:72:04:6c:df:d0:78:67:84:da:a8:25:d8:
64:16:d7:aa:b7:f5:10:3a:fe:f1:42:fe:cd:82:1f:2b:8e:65:
a5:19:79:a7:17:07:22:60:1e:1f:c6:50:53:e3:44:0f:72:3e:
a3:cd:c8:7b:1b:f2:75:48:26:4f:4b:3a:4a:16:b3:df:ee:10:
fd:ea:3b:0c:14:d8:c7:e5:bd:1a:9c:96:37:19:b2:89:6a:52:
ba:8a:ba:c4:f5:d3:cd:55:56:c3:96:fd:ac:82:46:01:12:4d:
1e:3d:4a:58:d2:6d:cb:cb:f9:98:ca:70:83:df:de:21:ed:9a:
e9:38:26:9a:bd:b8:5e:38:ab:9f:53:91:43:4d:ad:31:a4:51:
93:1e:9c:dd:80:47:f2:a3:db:b0:18:b9:02:e5:62:37:c2:2d:
d4:55:97:4b:4f:c1:eb:78:50:40:67:6b:b3:39:20:e4:bc:11:
21:12:cc:6f:44:4a:8f:c5:23:52:9d:90:ea:ae:53:cd:2f:1e:
77:6e:ff:e4
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAblSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjEzMTM1MjMzWhcNMjYwNjA1MTM1MjMzWjAYMRYw
FAYDVQQDEw02OThmMmNhNi0zZmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxui7BfySxBChCHU1Z30T1Iggi89JeGsv3FQEIMht7Qei/DDe4ZYRbOIq
6GDXzEMISyVZHEuF1kbSmyg7alu1PacwHC5xh9MoXmVw9ECeSCzVZgapfkPG0TU8
HS8Sv0qbt+Ahyz+mLs7T8X1OrX24uxW92m3z6n3fwiOPjS8pz2lgiPLLyrGn3WAj
UBXcdczGCqilCiS0ijGEaCutr3NOAzK869e2UETrMjPkpMo5jLxkK6fW3mMEpdrD
LkFpOt0PYpceqp/STIe7L+AqoY3kfrEPbWcyWT322keUJKliA8Nklvq5DFM1eICR
/K+HC7EPloopjf8YEv7bi2CyC8x5rwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFPYy
EeMwayoDJGqBSa/AlGGKf/KNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MTg2RERCMjA4RTMxMUYxOTY3Q0MwQUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlIVAwQAmlUbMA0GCSqG
SIb3DQEBCwUAA4IBAQAvZ7NV0fRUbG/1gh5evRL5uAQrFWSpTuzJvBe0iDPe1NVx
Jku2aGHX7AihTWS5x50gw0RONiE3w7/rn6NyBGzf0HhnhNqoJdhkFteqt/UQOv7x
Qv7Ngh8rjmWlGXmnFwciYB4fxlBT40QPcj6jzch7G/J1SCZPSzpKFrPf7hD96jsM
FNjH5b0anJY3GbKJalK6irrE9dPNVVbDlv2sgkYBEk0ePUpY0m3Ly/mYynCD394h
7ZrpOCaavbheOKufU5FDTa0xpFGTHpzdgEfyo9uwGLkC5WI3wi3UVZdLT8HreFBA
Z2uzOSDkvBEhEsxvREqPxSNSnZDqrlPNLx53bv/k
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:31:00 2026 by rpki-client