Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5686C5DE097311F1BD0090A8DAE4EC9C.roa
File: 5686C5DE097311F1BD0090A8DAE4EC9C.roa (raw, json)
Hash identifier: gP/22Vm2+wH2AD7JZMDwLwREOX2YLYpCzS+bzgRSnG8=
Subject key identifier: ED:F2:DB:D7:F2:AB:80:78:8D:90:83:B2:57:F7:8F:05:92:D8:78:47
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B957
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5686C5DE097311F1BD0090A8DAE4EC9C.roa
Signing time: Sat 14 Feb 2026 07:04:01 +0000
ROA not before: Sat 14 Feb 2026 07:03:56 +0000
ROA not after: Fri 20 Mar 2026 07:03:56 +0000
asID: 273155
IP address blocks: 154.200.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112983 (0x1b957)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 14 07:03:56 2026 GMT
Not After : Mar 20 07:03:56 2026 GMT
Subject: CN=69901e60-efda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fe:2e:c7:a5:b4:9c:54:e0:64:01:cf:de:a5:
a8:8f:43:57:de:a1:84:46:d7:49:5c:cf:72:93:c9:
20:a8:31:b8:c2:eb:57:c8:3d:a1:9a:6f:64:0d:ef:
28:f4:18:15:9d:9b:1f:2b:39:03:46:22:84:cd:f9:
a7:fc:f6:93:87:71:58:bb:c3:22:26:6b:88:35:6a:
bb:79:50:60:ff:3f:0b:9c:ca:18:b7:6d:42:1c:1c:
ac:cf:dc:ea:79:02:fa:cf:ec:30:94:d6:bf:48:65:
49:07:1c:ec:d2:88:8c:a7:74:a3:eb:c1:e8:84:be:
06:ac:b4:1c:a0:69:39:e3:5a:ba:ae:15:96:1f:06:
74:0b:81:16:4b:50:03:41:e3:f3:56:ff:b8:6f:99:
94:93:37:7e:a8:5c:e0:82:7a:d1:68:a0:dd:ca:fb:
24:e1:41:9f:d4:c2:6f:3e:5a:e4:9f:57:3c:dc:d6:
bd:c6:cd:c0:06:d2:c8:94:88:8c:5a:39:b1:b5:8f:
b5:dd:6a:fa:42:e7:fd:ff:df:91:17:e4:94:ef:36:
3f:5b:fe:51:1d:7f:3c:54:91:88:e5:7a:21:22:0d:
34:d9:27:db:3b:fb:be:59:02:f1:40:e1:e4:46:ee:
da:13:3d:a9:bc:ea:ee:ea:d5:6c:7f:6a:87:79:5b:
c5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F2:DB:D7:F2:AB:80:78:8D:90:83:B2:57:F7:8F:05:92:D8:78:47
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5686C5DE097311F1BD0090A8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.236.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:9b:59:79:bf:64:b7:f7:73:d3:a4:0b:55:38:9f:68:49:b7:
db:a6:78:ee:48:04:d2:fd:5e:62:3a:b5:c1:ba:61:d2:5d:a0:
6f:15:2b:2d:69:9b:5a:bc:27:91:9c:1c:98:32:4b:67:12:f3:
b3:4a:69:60:9b:30:8c:e5:27:29:20:ec:09:1b:91:44:1c:f5:
e5:0c:db:e3:1d:b8:b5:c7:c8:7b:d8:35:cb:29:5a:4f:5d:89:
3f:ec:fb:3d:51:f0:87:70:0f:1a:b3:7e:40:5c:f6:db:46:ac:
fd:09:8f:be:42:d8:87:bc:bb:07:78:6f:7e:23:44:a0:68:ec:
7c:f7:01:fb:67:89:bb:aa:dc:3c:fb:c0:78:5c:90:e5:06:e7:
be:ff:ea:1d:18:70:6c:a5:7a:6f:29:3a:cc:ea:b8:82:91:87:
2b:55:6c:3f:80:4f:08:d1:24:2b:bf:d4:f2:0e:de:00:d5:17:
cd:14:16:f9:65:a5:a2:66:54:f9:c9:3d:ca:0c:80:23:43:81:
80:5d:8a:80:01:bd:32:6f:9b:c4:a7:ce:d6:81:5c:1d:94:7f:
c6:f0:51:b1:9b:1b:33:d7:11:3d:1b:79:e6:19:af:46:c5:c6:
b0:51:2e:27:95:47:37:86:95:81:9c:b1:d7:27:29:0a:10:01:
45:27:99:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAblXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjE0MDcwMzU2WhcNMjYwMzIwMDcwMzU2WjAYMRYw
FAYDVQQDEw02OTkwMWU2MC1lZmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0f4ux6W0nFTgZAHP3qWoj0NX3qGERtdJXM9yk8kgqDG4wutXyD2hmm9k
De8o9BgVnZsfKzkDRiKEzfmn/PaTh3FYu8MiJmuINWq7eVBg/z8LnMoYt21CHBys
z9zqeQL6z+wwlNa/SGVJBxzs0oiMp3Sj68HohL4GrLQcoGk541q6rhWWHwZ0C4EW
S1ADQePzVv+4b5mUkzd+qFzggnrRaKDdyvsk4UGf1MJvPlrkn1c83Na9xs3ABtLI
lIiMWjmxtY+13Wr6Quf9/9+RF+SU7zY/W/5RHX88VJGI5XohIg002SfbO/u+WQLx
QOHkRu7aEz2pvOru6tVsf2qHeVvFIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO3y
29fyq4B4jZCDslf3jwWS2HhHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81Njg2QzVERTA5NzMxMUYxQkQwMDkwQThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsjsMA0GCSqGSIb3DQEB
CwUAA4IBAQCym1l5v2S393PTpAtVOJ9oSbfbpnjuSATS/V5iOrXBumHSXaBvFSst
aZtavCeRnByYMktnEvOzSmlgmzCM5ScpIOwJG5FEHPXlDNvjHbi1x8h72DXLKVpP
XYk/7Ps9UfCHcA8as35AXPbbRqz9CY++QtiHvLsHeG9+I0SgaOx89wH7Z4m7qtw8
+8B4XJDlBue+/+odGHBspXpvKTrM6riCkYcrVWw/gE8I0SQrv9TyDt4A1RfNFBb5
ZaWiZlT5yT3KDIAjQ4GAXYqAAb0yb5vEp87WgVwdlH/G8FGxmxsz1xE9G3nmGa9G
xcawUS4nlUc3hpWBnLHXJykKEAFFJ5mE
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:03:20 2026 by rpki-client