Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65BB5DC2FF4A11F09FD7C1BADAE4EC9C.roa
File: 65BB5DC2FF4A11F09FD7C1BADAE4EC9C.roa (raw, json)
Hash identifier: 6e+3nvKjdvQbOzved8XT3tEmFEGvtFDtBYqLwxnCukA=
Subject key identifier: B6:F2:7B:65:D0:BE:DF:24:F8:F4:19:79:CA:5A:BA:35:05:F2:C9:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B7FE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65BB5DC2FF4A11F09FD7C1BADAE4EC9C.roa
Signing time: Sun 01 Feb 2026 08:45:45 +0000
ROA not before: Sun 01 Feb 2026 08:45:40 +0000
ROA not after: Sat 07 Mar 2026 08:45:40 +0000
asID: 394432
IP address blocks: 154.90.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112638 (0x1b7fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 1 08:45:40 2026 GMT
Not After : Mar 7 08:45:40 2026 GMT
Subject: CN=697f12b9-0176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a9:4e:69:11:41:75:8a:27:fb:4c:38:d0:2f:
00:96:98:c1:21:25:87:1c:4d:18:da:8f:38:d6:4f:
69:6f:8b:42:33:b4:5c:e8:d0:22:97:66:9a:07:7f:
43:2f:c7:78:b6:a3:fe:e3:04:5a:b1:b7:88:e9:7f:
a9:6a:a0:4b:2d:09:2d:7f:cd:88:c2:1a:f9:05:c6:
38:5b:b8:01:af:90:69:cd:a5:4a:72:4d:30:90:48:
b7:bb:cb:80:f3:dd:2b:d3:2f:e1:b9:19:9d:f7:3e:
3d:1b:02:4d:06:99:f4:ff:c9:51:7d:f9:b8:8d:b6:
a6:14:68:38:48:b1:48:5b:26:12:bc:02:fd:ae:30:
03:a6:2d:7c:7b:a7:b2:cf:db:a4:c5:27:e3:21:39:
d9:3d:21:9d:b2:3f:6d:96:e1:fd:68:dd:35:b0:88:
cf:6f:5e:c3:e2:c3:cb:bb:19:75:43:35:da:29:ea:
58:18:65:16:96:e2:5a:4c:2a:8f:a8:5f:f8:23:8a:
d1:41:c0:de:25:4c:c9:57:8c:bf:98:12:3c:d9:5e:
4f:bd:bd:d6:cc:c2:d9:47:81:07:32:3c:07:43:bf:
40:14:ea:7f:93:ae:65:20:28:0f:d6:d6:46:5f:e3:
ad:3c:f0:5d:fa:09:14:bc:55:d4:29:60:dc:7d:5b:
25:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F2:7B:65:D0:BE:DF:24:F8:F4:19:79:CA:5A:BA:35:05:F2:C9:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65BB5DC2FF4A11F09FD7C1BADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.224.0/19
Signature Algorithm: sha256WithRSAEncryption
14:a1:01:63:23:b0:9e:e4:e2:b4:96:1b:75:25:fd:62:4e:a0:
80:ce:c7:5c:df:79:d5:af:d2:9c:c3:34:c0:34:3b:8b:13:33:
f9:af:72:83:00:4c:cf:f3:84:67:40:72:9c:3d:e9:27:b6:d6:
af:00:aa:d3:58:2e:c3:95:e4:00:f0:37:0d:74:1d:2c:e9:47:
0c:92:8d:bd:96:96:8a:45:94:08:0e:92:9b:bd:92:e6:00:a0:
1f:73:bd:7b:0e:50:df:8d:bd:bb:64:93:05:3c:a6:de:1b:a9:
ba:15:e1:9b:af:10:9f:73:8f:5c:ff:08:25:a2:f7:37:0f:89:
99:69:6a:f6:9c:88:92:21:87:6f:30:ba:b4:6e:55:6d:d0:83:
a7:34:66:1d:8b:08:25:02:97:60:db:29:1e:41:93:6b:75:96:
ab:c4:c9:26:8b:0b:5c:7a:1f:16:d2:b3:db:7f:f3:ed:94:65:
61:2a:f0:c6:1e:5d:75:ca:7a:ef:0e:d9:a9:0d:82:b7:17:cc:
de:ed:12:6e:4b:92:36:18:df:84:41:4e:87:04:da:47:6a:9d:
16:0e:b1:13:b6:b9:44:bb:0f:76:70:3c:5e:63:be:e3:4b:0e:
b9:b5:0a:b3:1a:23:90:66:5c:00:84:f7:70:a6:0f:ba:b1:95:
b3:bb:e3:06
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbf+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjAxMDg0NTQwWhcNMjYwMzA3MDg0NTQwWjAYMRYw
FAYDVQQDEw02OTdmMTJiOS0wMTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvqlOaRFBdYon+0w40C8AlpjBISWHHE0Y2o841k9pb4tCM7Rc6NAil2aa
B39DL8d4tqP+4wRasbeI6X+paqBLLQktf82Iwhr5BcY4W7gBr5BpzaVKck0wkEi3
u8uA890r0y/huRmd9z49GwJNBpn0/8lRffm4jbamFGg4SLFIWyYSvAL9rjADpi18
e6eyz9ukxSfjITnZPSGdsj9tluH9aN01sIjPb17D4sPLuxl1QzXaKepYGGUWluJa
TCqPqF/4I4rRQcDeJUzJV4y/mBI82V5Pvb3WzMLZR4EHMjwHQ79AFOp/k65lICgP
1tZGX+OtPPBd+gkUvFXUKWDcfVslrQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLby
e2XQvt8k+PQZecpaujUF8skrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NUJCNURDMkZGNEExMUYwOUZEN0MxQkFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlrgMA0GCSqGSIb3DQEB
CwUAA4IBAQAUoQFjI7Ce5OK0lht1Jf1iTqCAzsdc33nVr9KcwzTANDuLEzP5r3KD
AEzP84RnQHKcPeknttavAKrTWC7DleQA8DcNdB0s6UcMko29lpaKRZQIDpKbvZLm
AKAfc717DlDfjb27ZJMFPKbeG6m6FeGbrxCfc49c/wglovc3D4mZaWr2nIiSIYdv
MLq0blVt0IOnNGYdiwglApdg2ykeQZNrdZarxMkmiwtceh8W0rPbf/PtlGVhKvDG
Hl11ynrvDtmpDYK3F8ze7RJuS5I2GN+EQU6HBNpHap0WDrETtrlEuw92cDxeY77j
Sw65tQqzGiOQZlwAhPdwpg+6sZWzu+MG
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:07:15 2026 by rpki-client