Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5508DC6E118511F18BE3FFBCDAE4EC9C.roa
File: 5508DC6E118511F18BE3FFBCDAE4EC9C.roa (raw, json)
Hash identifier: PEyACcFCU3/W+K0SXA9F8GesL2XRsuA+/yRJ6zRxDEg=
Subject key identifier: 3D:37:4F:42:70:C1:85:64:E3:01:D5:32:51:F8:7D:20:7E:F0:52:35
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BB72
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5508DC6E118511F18BE3FFBCDAE4EC9C.roa
Signing time: Tue 24 Feb 2026 13:32:58 +0000
ROA not before: Tue 24 Feb 2026 13:32:54 +0000
ROA not after: Tue 31 Mar 2026 13:32:54 +0000
asID: 62240
IP address blocks: 154.194.126.0/24 maxlen: 24
154.195.3.0/24 maxlen: 24
154.195.97.0/24 maxlen: 24
154.195.98.0/24 maxlen: 24
154.195.99.0/24 maxlen: 24
154.195.101.0/24 maxlen: 24
154.195.102.0/24 maxlen: 24
154.195.103.0/24 maxlen: 24
154.195.104.0/24 maxlen: 24
154.195.105.0/24 maxlen: 24
154.195.106.0/24 maxlen: 24
154.196.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113522 (0x1bb72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 13:32:54 2026 GMT
Not After : Mar 31 13:32:54 2026 GMT
Subject: CN=699da88a-f61b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:11:30:e4:23:32:20:bd:de:33:16:a7:86:9f:
55:13:01:9d:f7:2e:30:40:4c:1d:69:4c:d3:3d:b1:
88:3e:b1:51:bc:cc:ac:07:c1:77:31:da:f4:c2:c9:
0b:6c:82:dc:a2:60:5d:6d:24:a3:33:f1:7e:1f:ff:
b6:ce:72:94:88:9e:b9:5b:06:11:5a:6a:ac:b6:11:
72:c2:f1:95:c4:3a:a0:d3:9f:e3:6f:05:c3:9f:70:
84:a1:05:3f:20:7e:e3:30:50:52:b1:cf:e4:51:27:
d6:7c:00:73:34:da:91:d1:0c:b1:5c:3e:c5:8e:36:
06:8c:1b:58:1a:7f:45:1e:32:93:7d:a3:98:43:4d:
c5:d1:a6:f9:58:62:31:65:3b:19:41:67:92:41:17:
7a:46:ac:e2:00:7e:1a:49:94:f6:9a:eb:55:51:c3:
a4:ac:aa:7a:38:3b:ff:3a:c1:c7:70:fd:2f:36:47:
d6:6d:81:6e:66:2c:60:07:ea:cd:c8:e5:9f:fb:32:
0f:2d:41:95:b3:4e:ab:44:a5:cf:4b:9d:f2:17:c7:
9f:52:92:c4:0d:94:39:06:ec:6f:2f:e0:c5:68:c1:
3d:a3:25:ef:4b:d4:91:a3:1e:d9:52:57:06:7f:85:
dd:53:cc:87:7b:ec:51:83:a9:aa:10:50:78:6b:cf:
76:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:37:4F:42:70:C1:85:64:E3:01:D5:32:51:F8:7D:20:7E:F0:52:35
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5508DC6E118511F18BE3FFBCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.126.0/24
154.195.3.0/24
154.195.97.0-154.195.99.255
154.195.101.0-154.195.106.255
154.196.88.0/24
Signature Algorithm: sha256WithRSAEncryption
02:53:e8:91:0e:2c:14:e7:41:05:b1:d0:a1:9c:92:c7:2e:aa:
52:d1:8a:e1:d2:ed:ca:21:40:63:2e:84:90:a4:6a:38:4f:7c:
ea:e6:a4:04:be:0b:3a:11:45:b1:c5:85:b6:88:01:ae:54:a1:
48:ad:13:a7:1c:b8:4f:25:5f:0f:1d:c1:4b:7d:a0:25:81:b3:
61:93:79:33:d2:2a:e8:39:b7:40:c0:4e:ad:6e:0a:42:1f:33:
ae:ed:a1:ae:12:5d:4c:ed:b7:bb:d8:86:06:84:06:f3:98:d7:
5a:3f:a1:58:e4:4c:95:4a:3b:9d:6d:03:1f:de:20:b0:fb:a8:
b1:fc:55:cc:dd:5c:d1:17:de:cc:c8:cd:0e:a5:b0:4f:ed:5b:
30:69:a2:1b:03:df:b8:71:da:a3:12:46:6b:9c:5a:a7:63:a7:
f6:91:c0:ab:38:c8:e4:2b:a7:74:fe:ff:7f:50:04:3d:5e:5a:
79:ec:f6:03:81:0f:c3:76:ac:a8:fb:45:24:66:f8:a9:be:d4:
da:e7:79:08:39:67:6b:7d:e9:7e:fe:04:e8:7b:40:38:b8:68:
b5:5c:d5:33:4e:2f:dc:53:f2:f6:bf:12:0b:55:e0:9b:82:5e:
ab:af:bf:e7:d2:5e:3a:35:20:47:ff:6a:d0:d5:87:14:2f:3a:
fa:e9:d3:b4
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIDAbtyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI0MTMzMjU0WhcNMjYwMzMxMTMzMjU0WjAYMRYw
FAYDVQQDEw02OTlkYTg4YS1mNjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmxEw5CMyIL3eMxanhp9VEwGd9y4wQEwdaUzTPbGIPrFRvMysB8F3Mdr0
wskLbILcomBdbSSjM/F+H/+2znKUiJ65WwYRWmqsthFywvGVxDqg05/jbwXDn3CE
oQU/IH7jMFBSsc/kUSfWfABzNNqR0QyxXD7FjjYGjBtYGn9FHjKTfaOYQ03F0ab5
WGIxZTsZQWeSQRd6RqziAH4aSZT2mutVUcOkrKp6ODv/OsHHcP0vNkfWbYFuZixg
B+rNyOWf+zIPLUGVs06rRKXPS53yF8efUpLEDZQ5BuxvL+DFaME9oyXvS9SRox7Z
UlcGf4XdU8yHe+xRg6mqEFB4a892twIDAQABo4ICzTCCAskwHQYDVR0OBBYEFD03
T0JwwYVk4wHVMlH4fSB+8FI1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NTA4REM2RTExODUxMUYxOEJFM0ZGQkNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAmsJ+AwQAmsMDMAwDBACa
w2EDBAKaw2AwDAMEAJrDZQMEAJrDagMEAJrEWDANBgkqhkiG9w0BAQsFAAOCAQEA
AlPokQ4sFOdBBbHQoZySxy6qUtGK4dLtyiFAYy6EkKRqOE986uakBL4LOhFFscWF
togBrlShSK0Tpxy4TyVfDx3BS32gJYGzYZN5M9Iq6Dm3QMBOrW4KQh8zru2hrhJd
TO23u9iGBoQG85jXWj+hWORMlUo7nW0DH94gsPuosfxVzN1c0RfezMjNDqWwT+1b
MGmiGwPfuHHaoxJGa5xap2On9pHAqzjI5CundP7/f1AEPV5aeez2A4EPw3asqPtF
JGb4qb7U2ud5CDlna33pfv4E6HtAOLhotVzVM04v3FPy9r8SC1Xgm4Jeq6+/59Je
OjUgR/9q0NWHFC86+unTtA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:53:00 2026 by rpki-client