Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/495CF61E000211F1A6D5F4A7DAE4EC9C.roa
File: 495CF61E000211F1A6D5F4A7DAE4EC9C.roa (raw, json)
Hash identifier: EnC/G05zM9dKH/30MSPyRb7L0M4t6X8YxA+swdIod+8=
Subject key identifier: A3:D7:F1:01:C8:A9:CC:44:A9:40:21:D2:10:3B:43:2E:DA:B3:82:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B831
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/495CF61E000211F1A6D5F4A7DAE4EC9C.roa
Signing time: Mon 02 Feb 2026 06:42:05 +0000
ROA not before: Mon 02 Feb 2026 06:42:00 +0000
ROA not after: Mon 09 Mar 2026 06:42:00 +0000
asID: 135377
IP address blocks: 154.202.65.0/24 maxlen: 24
154.202.66.0/23 maxlen: 24
154.202.66.0/24 maxlen: 24
154.202.67.0/24 maxlen: 24
154.202.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112689 (0x1b831)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 2 06:42:00 2026 GMT
Not After : Mar 9 06:42:00 2026 GMT
Subject: CN=6980473d-7b63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cd:8d:a3:f1:8c:8c:f2:dd:86:27:e3:33:5c:
c9:d6:c3:80:f0:f6:b4:22:08:dd:3a:77:76:88:34:
e0:2a:c0:bc:a4:5d:d4:89:39:bb:1f:3a:c6:c9:e5:
af:65:ae:6a:2b:86:40:74:7a:72:d0:6a:18:34:e6:
3f:5f:06:fb:71:42:8a:36:cb:15:84:33:8b:80:f6:
41:c1:f9:f0:c2:ba:06:b0:e0:8d:5b:33:10:33:e9:
da:7f:0a:28:32:6a:b7:77:bd:05:9c:b5:30:f5:89:
a3:3f:c0:ab:e5:c3:fa:3b:09:1a:1b:65:46:69:67:
04:25:a0:0b:1b:c2:13:ea:ff:62:10:f6:c3:50:7b:
cf:95:6e:78:e5:97:9f:7d:f1:37:da:39:6a:0f:41:
3a:d0:d6:be:ec:c4:87:48:8a:d6:a4:6e:7e:de:56:
ff:0c:4e:b5:61:86:12:b2:3f:71:d9:56:15:f2:be:
b4:67:49:fe:07:6e:20:40:1e:21:e9:7f:04:f6:e0:
de:d5:69:e3:1f:28:e8:b1:0b:f5:ce:1b:b7:c7:01:
c0:fd:69:ac:f7:c4:91:7d:02:56:28:bb:2b:5a:4b:
03:20:6c:40:c2:a2:83:66:35:84:1f:02:8d:e6:16:
bf:17:3a:c8:9f:b1:c6:d2:a1:a6:09:62:6c:ac:5e:
29:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D7:F1:01:C8:A9:CC:44:A9:40:21:D2:10:3B:43:2E:DA:B3:82:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/495CF61E000211F1A6D5F4A7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.65.0-154.202.68.255
Signature Algorithm: sha256WithRSAEncryption
c5:65:aa:c3:7a:6f:b9:f9:4d:9f:ce:40:5a:6a:b0:bc:a4:d5:
65:db:dc:11:34:70:e1:73:bc:67:43:f1:df:b2:f3:30:2d:ca:
47:6b:9a:8f:f7:9a:4f:c9:47:2c:7f:2f:ca:89:42:0f:a3:18:
34:0c:36:64:9f:9a:b8:50:0c:ca:1b:3f:ca:e7:86:ad:e5:76:
97:c8:01:76:9d:b4:91:56:a6:fb:a1:76:a5:e1:ee:20:56:2a:
ff:0f:bf:24:f8:0c:b6:9e:48:b3:25:b7:08:75:b6:5e:79:1c:
50:a8:a3:8b:c5:6c:47:6a:a3:b5:0b:8d:16:64:10:c3:6d:42:
12:e2:50:26:75:44:ce:1e:e6:bf:c7:b5:35:f8:7c:dc:03:cc:
b8:2c:b2:f2:3b:46:e5:7b:4f:a9:5f:1a:27:bb:e1:a3:f4:a7:
dd:60:c0:a2:b6:bc:fd:f7:2b:50:8a:05:83:a6:d8:8a:f2:87:
d2:96:74:7f:f2:51:46:fc:f7:14:6d:3d:6f:b4:72:d3:b2:23:
89:04:40:cc:ff:d7:ba:f3:95:cd:94:0d:a0:d2:2a:cc:d8:51:
2e:66:fe:e9:fb:1c:7a:f9:af:08:42:a0:7a:03:aa:3b:f9:49:
76:6c:16:e1:5d:c4:c7:49:cb:82:bd:f8:a4:5c:de:d0:2a:2c:
53:ae:56:b2
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAbgxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjAyMDY0MjAwWhcNMjYwMzA5MDY0MjAwWjAYMRYw
FAYDVQQDEw02OTgwNDczZC03YjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuc2No/GMjPLdhifjM1zJ1sOA8Pa0IgjdOnd2iDTgKsC8pF3UiTm7HzrG
yeWvZa5qK4ZAdHpy0GoYNOY/Xwb7cUKKNssVhDOLgPZBwfnwwroGsOCNWzMQM+na
fwooMmq3d70FnLUw9YmjP8Cr5cP6OwkaG2VGaWcEJaALG8IT6v9iEPbDUHvPlW54
5ZefffE32jlqD0E60Na+7MSHSIrWpG5+3lb/DE61YYYSsj9x2VYV8r60Z0n+B24g
QB4h6X8E9uDe1WnjHyjosQv1zhu3xwHA/Wms98SRfQJWKLsrWksDIGxAwqKDZjWE
HwKN5ha/FzrIn7HG0qGmCWJsrF4pRwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFKPX
8QHIqcxEqUAh0hA7Qy7as4JXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OTVDRjYxRTAwMDIxMUYxQTZENUY0QTdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaykEDBACaykQwDQYJ
KoZIhvcNAQELBQADggEBAMVlqsN6b7n5TZ/OQFpqsLyk1WXb3BE0cOFzvGdD8d+y
8zAtykdrmo/3mk/JRyx/L8qJQg+jGDQMNmSfmrhQDMobP8rnhq3ldpfIAXadtJFW
pvuhdqXh7iBWKv8PvyT4DLaeSLMltwh1tl55HFCoo4vFbEdqo7ULjRZkEMNtQhLi
UCZ1RM4e5r/HtTX4fNwDzLgssvI7RuV7T6lfGie74aP0p91gwKK2vP33K1CKBYOm
2Iryh9KWdH/yUUb89xRtPW+0ctOyI4kEQMz/17rzlc2UDaDSKszYUS5m/un7HHr5
rwhCoHoDqjv5SXZsFuFdxMdJy4K9+KRc3tAqLFOuVrI=
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:19:37 2026 by rpki-client