Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6223D5FA072311F1986AE8F2DAE4EC9C.roa
File: 6223D5FA072311F1986AE8F2DAE4EC9C.roa (raw, json)
Hash identifier: c+23cWdRuCJH6Weq0MJCcAMUp/Yn9z5S/N1irK2PYc4=
Subject key identifier: 70:4A:F3:4C:B7:5C:E2:55:B1:E4:27:52:09:A9:36:EB:70:77:BC:87
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B924
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6223D5FA072311F1986AE8F2DAE4EC9C.roa
Signing time: Wed 11 Feb 2026 08:26:38 +0000
ROA not before: Wed 11 Feb 2026 08:26:33 +0000
ROA not after: Wed 18 Mar 2026 08:26:33 +0000
asID: 395886
IP address blocks: 154.200.128.0/24 maxlen: 24
154.200.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112932 (0x1b924)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 11 08:26:33 2026 GMT
Not After : Mar 18 08:26:33 2026 GMT
Subject: CN=698c3d3e-b12c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c1:64:2e:49:a1:26:c3:89:83:cc:d7:f6:a2:
96:f6:81:8d:7a:e9:15:c8:01:ac:95:8f:2b:2b:c5:
3a:a2:9b:89:de:58:cb:d8:1f:37:6a:0f:1d:69:48:
33:29:0b:11:51:11:c7:77:cf:57:4a:56:12:14:d5:
ef:f3:45:f2:0e:39:82:16:d4:ae:6d:30:ab:dc:bd:
18:b7:91:c4:b8:0e:71:b2:bd:90:96:0c:b0:e1:d7:
52:2b:76:08:cd:59:80:f8:5b:84:c4:d7:af:50:f2:
92:eb:43:55:0d:79:b5:6e:6e:d2:b8:78:1d:69:c1:
28:f7:0a:5c:de:1c:e4:7a:1a:06:fa:57:c4:bd:5e:
78:df:99:db:bb:91:a2:0b:7f:c0:d0:6f:4d:4e:ed:
fe:3a:81:28:45:18:26:47:64:4f:d7:ca:53:32:4c:
18:19:73:c4:f8:a8:10:75:a2:62:b8:0e:d6:b3:a7:
60:ac:d2:24:30:b5:ba:fe:36:8b:cf:02:90:59:50:
75:d8:36:59:db:ef:07:e0:a7:28:ed:6e:75:35:db:
83:96:b1:a3:db:56:65:35:f3:f2:f1:1c:58:96:dc:
5e:53:d3:9b:a2:d1:2b:a7:29:90:09:25:83:13:8e:
76:e7:a6:eb:1f:4d:33:0a:22:ae:24:de:06:89:9a:
84:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:4A:F3:4C:B7:5C:E2:55:B1:E4:27:52:09:A9:36:EB:70:77:BC:87
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6223D5FA072311F1986AE8F2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.128.0/24
154.200.132.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:d2:eb:b1:ab:a7:3c:f0:06:04:1f:11:13:7a:11:16:40:0a:
ad:f0:50:81:d2:75:2e:27:fb:03:50:5a:4d:1a:ad:5b:08:05:
df:83:71:89:ae:80:3e:d2:61:9e:7d:68:5c:26:a0:b8:1a:7e:
35:57:40:14:1d:89:50:35:51:41:8e:f5:34:41:bc:f9:00:05:
43:3e:a3:50:a6:73:f4:29:cd:37:1d:ef:cf:cd:83:62:ba:59:
31:8a:75:b5:e0:05:87:30:3a:88:31:c3:98:ad:d5:07:29:6e:
44:0b:a1:64:fb:bf:81:06:e5:ec:fa:c3:b7:90:fa:b4:94:3b:
61:be:25:66:76:7a:74:5d:ec:59:39:60:3f:6d:23:32:c7:83:
d7:66:fd:25:05:24:e7:e4:58:d2:49:af:06:6e:95:ed:5a:fc:
ee:7e:ae:f8:25:08:33:45:5b:48:8d:15:49:3c:5a:9c:0c:6a:
18:d7:17:a9:73:e3:bd:53:cf:30:08:91:e4:44:06:98:59:9f:
a6:36:77:2f:8a:0c:74:b3:f8:4c:44:cc:61:3c:63:40:40:69:
32:16:29:72:08:d7:38:1c:d5:f5:ef:66:b8:63:da:61:3e:ae:
f0:d6:83:ac:f4:71:69:5f:4e:aa:41:70:b5:21:41:67:ad:48:
a2:fa:d8:26
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAbkkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjExMDgyNjMzWhcNMjYwMzE4MDgyNjMzWjAYMRYw
FAYDVQQDEw02OThjM2QzZS1iMTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt8FkLkmhJsOJg8zX9qKW9oGNeukVyAGslY8rK8U6opuJ3ljL2B83ag8d
aUgzKQsRURHHd89XSlYSFNXv80XyDjmCFtSubTCr3L0Yt5HEuA5xsr2Qlgyw4ddS
K3YIzVmA+FuExNevUPKS60NVDXm1bm7SuHgdacEo9wpc3hzkehoG+lfEvV5435nb
u5GiC3/A0G9NTu3+OoEoRRgmR2RP18pTMkwYGXPE+KgQdaJiuA7Ws6dgrNIkMLW6
/jaLzwKQWVB12DZZ2+8H4Kco7W51NduDlrGj21ZlNfPy8RxYltxeU9ObotErpymQ
CSWDE45256brH00zCiKuJN4GiZqESQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFHBK
80y3XOJVseQnUgmpNutwd7yHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MjIzRDVGQTA3MjMxMUYxOTg2QUU4RjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsiAAwQAmsiEMA0GCSqG
SIb3DQEBCwUAA4IBAQDB0uuxq6c88AYEHxETehEWQAqt8FCB0nUuJ/sDUFpNGq1b
CAXfg3GJroA+0mGefWhcJqC4Gn41V0AUHYlQNVFBjvU0Qbz5AAVDPqNQpnP0Kc03
He/PzYNiulkxinW14AWHMDqIMcOYrdUHKW5EC6Fk+7+BBuXs+sO3kPq0lDthviVm
dnp0XexZOWA/bSMyx4PXZv0lBSTn5FjSSa8GbpXtWvzufq74JQgzRVtIjRVJPFqc
DGoY1xepc+O9U88wCJHkRAaYWZ+mNncvigx0s/hMRMxhPGNAQGkyFilyCNc4HNX1
72a4Y9phPq7w1oOs9HFpX06qQXC1IUFnrUii+tgm
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:19:42 2026 by rpki-client