Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/666F3AC4058311F1B757E3F5DAE4EC9C.roa
File: 666F3AC4058311F1B757E3F5DAE4EC9C.roa (raw, json)
Hash identifier: TG8LtzPL+PPiPwxYtMLpoeO7q3sJnQBGzgf1ryhlYdY=
Subject key identifier: C1:6B:4B:BF:BB:C0:AA:E8:AE:D1:18:DC:18:32:7D:C0:B1:F4:39:88
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B8E6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/666F3AC4058311F1B757E3F5DAE4EC9C.roa
Signing time: Mon 09 Feb 2026 06:48:55 +0000
ROA not before: Mon 09 Feb 2026 06:48:46 +0000
ROA not after: Tue 10 Mar 2026 06:48:46 +0000
asID: 401701
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112870 (0x1b8e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 9 06:48:46 2026 GMT
Not After : Mar 10 06:48:46 2026 GMT
Subject: CN=69898357-208a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:10:ec:21:44:58:d6:68:fd:c8:c4:a9:1f:22:
3d:35:88:4b:02:94:7e:c5:84:d6:0a:a7:9b:10:65:
92:5d:57:9a:15:f7:85:f4:d5:54:1e:85:ac:fa:fa:
ec:bc:a0:b7:b9:0b:1d:3b:f1:61:d5:55:f8:4a:f2:
a8:15:92:3c:80:32:f7:0a:6d:0f:f5:cd:5a:a5:69:
6b:5c:07:01:b2:b3:e5:02:ac:da:bd:b4:6e:27:83:
61:f2:bf:a8:e5:3b:f6:ab:54:a5:9f:f4:55:93:c3:
fc:c2:8f:fa:dd:76:09:f9:dd:3c:80:83:bd:68:32:
69:4d:70:42:4a:68:bf:b2:74:3e:74:12:6b:67:9a:
c3:5a:20:dd:5b:e4:02:3e:3c:80:ec:0b:0c:f3:25:
32:72:15:ef:40:7a:1c:d7:2e:0b:e6:49:25:1c:39:
5e:79:e5:fc:ab:65:f1:d0:98:4a:b9:97:90:30:f3:
32:6b:5f:67:75:ec:38:54:05:d2:59:ca:dd:1a:f3:
e3:0b:bb:3a:12:6d:6d:a1:17:b5:db:bd:90:89:df:
6f:a1:c0:bf:76:5f:ce:94:b9:4b:80:19:57:df:a7:
24:4c:25:42:7f:66:a8:49:c2:f6:5c:a5:40:7b:7c:
90:59:18:8e:1f:bb:37:d7:78:be:de:2a:43:45:ac:
ca:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:6B:4B:BF:BB:C0:AA:E8:AE:D1:18:DC:18:32:7D:C0:B1:F4:39:88
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/666F3AC4058311F1B757E3F5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
90:ba:0c:d9:c4:ec:9d:a8:e9:64:20:07:fb:78:fa:e5:fc:01:
95:96:91:06:4f:ad:0a:98:8c:5b:cc:4f:05:e2:58:a3:f5:5f:
e3:c7:3d:1d:f6:14:87:87:ac:bf:ac:6b:2f:f8:92:d1:39:75:
1e:0b:e7:47:2a:9e:fd:43:1d:d1:e4:f1:3b:60:85:94:d9:27:
ac:5f:ce:ee:12:93:87:54:48:3a:f5:c3:44:56:01:26:d3:18:
0c:55:a6:19:3d:68:e8:8a:2d:22:c2:4b:a2:2c:d5:d1:66:c5:
9b:6e:00:11:dd:97:c0:7e:9d:66:80:a9:59:ef:3c:70:0f:53:
8a:7b:39:e7:4c:ab:12:86:82:6d:46:df:67:00:69:9a:80:f8:
c2:1d:c0:8d:d6:15:2b:c9:d7:97:c5:79:46:b6:34:3e:35:e1:
60:22:cc:72:e1:cf:7c:4d:74:bf:e8:cf:b9:e8:c8:bb:4a:cc:
e9:0e:7b:e2:e9:84:38:40:cf:6f:23:02:e3:b2:e2:eb:56:a7:
13:54:16:e2:94:9d:23:9b:86:dc:1a:0b:e9:83:e1:05:20:f8:
63:d2:73:ce:28:4f:95:36:62:30:9c:6f:22:58:2d:fb:78:d2:
5b:6e:eb:3f:f8:97:41:6f:53:be:7b:94:a7:82:d0:24:dc:78:
50:ac:48:a4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbjmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjA5MDY0ODQ2WhcNMjYwMzEwMDY0ODQ2WjAYMRYw
FAYDVQQDEw02OTg5ODM1Ny0yMDhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoBDsIURY1mj9yMSpHyI9NYhLApR+xYTWCqebEGWSXVeaFfeF9NVUHoWs
+vrsvKC3uQsdO/Fh1VX4SvKoFZI8gDL3Cm0P9c1apWlrXAcBsrPlAqzavbRuJ4Nh
8r+o5Tv2q1Sln/RVk8P8wo/63XYJ+d08gIO9aDJpTXBCSmi/snQ+dBJrZ5rDWiDd
W+QCPjyA7AsM8yUychXvQHoc1y4L5kklHDleeeX8q2Xx0JhKuZeQMPMya19ndew4
VAXSWcrdGvPjC7s6Em1toRe1272Qid9vocC/dl/OlLlLgBlX36ckTCVCf2aoScL2
XKVAe3yQWRiOH7s313i+3ipDRazKNwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMFr
S7+7wKrortEY3BgyfcCx9DmIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NjZGM0FDNDA1ODMxMUYxQjc1N0UzRjVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQCQugzZxOydqOlkIAf7ePrl/AGVlpEGT60KmIxbzE8F4lij9V/jxz0d
9hSHh6y/rGsv+JLROXUeC+dHKp79Qx3R5PE7YIWU2SesX87uEpOHVEg69cNEVgEm
0xgMVaYZPWjoii0iwkuiLNXRZsWbbgAR3ZfAfp1mgKlZ7zxwD1OKeznnTKsShoJt
Rt9nAGmagPjCHcCN1hUrydeXxXlGtjQ+NeFgIsxy4c98TXS/6M+56Mi7SszpDnvi
6YQ4QM9vIwLjsuLrVqcTVBbilJ0jm4bcGgvpg+EFIPhj0nPOKE+VNmIwnG8iWC37
eNJbbus/+JdBb1O+e5SngtAk3HhQrEik
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:41:40 2026 by rpki-client