Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4587265C0BD511F19B855FCFDAE4EC9C.roa
File: 4587265C0BD511F19B855FCFDAE4EC9C.roa (raw, json)
Hash identifier: Z9iM2aEKCRiK6VLIsiZ3wtfZWfiyv8eTtD31zprl2ZE=
Subject key identifier: 45:46:D1:74:EB:5C:34:9B:52:82:6B:EF:95:B6:08:1A:FE:48:C4:59
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B9E9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4587265C0BD511F19B855FCFDAE4EC9C.roa
Signing time: Tue 17 Feb 2026 07:50:05 +0000
ROA not before: Tue 17 Feb 2026 07:50:00 +0000
ROA not after: Tue 24 Mar 2026 07:50:00 +0000
asID: 40065
IP address blocks: 154.89.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113129 (0x1b9e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 17 07:50:00 2026 GMT
Not After : Mar 24 07:50:00 2026 GMT
Subject: CN=69941dad-0482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:4d:4c:e5:f4:d3:65:66:e9:ae:38:90:31:1d:
da:76:5f:a9:98:5c:57:12:90:6e:80:a5:4d:97:6b:
2e:5c:13:65:c9:bc:2b:43:8e:a7:f0:1d:ba:36:21:
4e:a8:3b:bd:b6:1f:c0:18:f5:ba:0f:d7:ed:7c:47:
e6:cb:a6:a5:26:37:0a:29:77:80:83:ee:e7:91:00:
0f:69:1b:e2:55:d2:86:f2:05:47:cc:54:96:31:56:
ad:1c:ec:62:2b:8d:13:4f:db:92:34:9f:a1:9a:a6:
12:16:95:95:22:45:c1:24:d0:d0:03:78:c0:0e:02:
54:ad:3a:72:46:32:61:5e:6b:d5:69:dc:ea:39:a2:
ae:5d:27:8d:76:2f:f4:e1:32:6e:93:7d:69:a5:f6:
d4:bb:ed:74:12:11:3f:59:ec:36:db:2c:37:3b:0d:
9f:e8:41:b9:63:94:33:cf:de:46:16:89:6a:8e:59:
96:63:8f:ef:8b:4d:cd:e2:25:12:0d:7a:f4:10:8e:
0b:6d:46:b4:ed:58:af:71:99:9a:b7:dc:4f:1a:11:
4f:53:4f:0c:96:e4:11:b8:91:92:42:8c:fb:73:33:
f6:49:3b:14:6b:6e:e1:34:19:cd:45:f7:eb:be:82:
82:a7:7b:13:f1:b6:ac:fb:46:d4:6f:5b:68:4e:c6:
29:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:46:D1:74:EB:5C:34:9B:52:82:6B:EF:95:B6:08:1A:FE:48:C4:59
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4587265C0BD511F19B855FCFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.160.0/19
Signature Algorithm: sha256WithRSAEncryption
bb:2f:ae:21:86:49:57:86:4d:1d:74:ed:d1:a3:cf:4a:4d:96:
da:d4:9b:d8:02:1b:25:d5:2b:b8:ee:ff:ec:c5:e6:c3:1b:c2:
1e:71:b9:eb:d1:d2:13:1f:e0:df:72:64:ad:dd:2c:a5:35:26:
fb:ed:72:89:fd:69:00:61:f0:0e:1f:39:21:8e:82:8e:7f:13:
59:df:ec:88:de:f5:f5:24:c1:11:c8:22:83:d7:7e:9e:c8:7e:
3a:53:70:7c:93:98:8e:91:fe:95:0a:64:f8:a7:e9:11:c2:25:
7e:fe:9a:e2:30:7f:94:07:b2:8a:59:b7:d4:63:eb:f1:b6:4a:
b2:24:d2:62:85:a7:77:9e:47:86:df:cc:0d:9f:b1:ef:be:45:
a7:1d:13:f2:c8:e6:a1:67:34:22:c1:71:81:0f:4d:37:03:f7:
d6:a8:10:74:c7:4a:91:99:07:56:1c:51:f9:c3:13:12:6d:9a:
df:db:39:e5:ed:59:da:17:37:3a:98:d2:87:73:e5:73:03:6e:
3f:b2:3e:d5:2f:fd:86:43:b1:27:76:c4:39:f0:ed:0d:9a:5c:
a7:11:97:7e:93:4c:a6:08:57:68:fe:80:ec:c2:90:d4:a1:e0:
95:09:29:43:09:bb:3f:35:d2:b3:11:43:48:7e:bf:72:8b:0e:
00:cc:4a:38
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbnpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjE3MDc1MDAwWhcNMjYwMzI0MDc1MDAwWjAYMRYw
FAYDVQQDEw02OTk0MWRhZC0wNDgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA701M5fTTZWbprjiQMR3adl+pmFxXEpBugKVNl2suXBNlybwrQ46n8B26
NiFOqDu9th/AGPW6D9ftfEfmy6alJjcKKXeAg+7nkQAPaRviVdKG8gVHzFSWMVat
HOxiK40TT9uSNJ+hmqYSFpWVIkXBJNDQA3jADgJUrTpyRjJhXmvVadzqOaKuXSeN
di/04TJuk31ppfbUu+10EhE/Wew22yw3Ow2f6EG5Y5Qzz95GFolqjlmWY4/vi03N
4iUSDXr0EI4LbUa07VivcZmat9xPGhFPU08MluQRuJGSQoz7czP2STsUa27hNBnN
RffrvoKCp3sT8bas+0bUb1toTsYp+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEVG
0XTrXDSbUoJr75W2CBr+SMRZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NTg3MjY1QzBCRDUxMUYxOUI4NTVGQ0ZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlmgMA0GCSqGSIb3DQEB
CwUAA4IBAQC7L64hhklXhk0ddO3Ro89KTZba1JvYAhsl1Su47v/sxebDG8Iecbnr
0dITH+DfcmSt3SylNSb77XKJ/WkAYfAOHzkhjoKOfxNZ3+yI3vX1JMERyCKD136e
yH46U3B8k5iOkf6VCmT4p+kRwiV+/priMH+UB7KKWbfUY+vxtkqyJNJihad3nkeG
38wNn7HvvkWnHRPyyOahZzQiwXGBD003A/fWqBB0x0qRmQdWHFH5wxMSbZrf2znl
7VnaFzc6mNKHc+VzA24/sj7VL/2GQ7EndsQ58O0NmlynEZd+k0ymCFdo/oDswpDU
oeCVCSlDCbs/NdKzEUNIfr9yiw4AzEo4
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:19:20 2026 by rpki-client