Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6BC603F0FE7A11F08C91A9BBDAE4EC9C.roa
File: 6BC603F0FE7A11F08C91A9BBDAE4EC9C.roa (raw, json)
Hash identifier: ToeWvd1f3u0AS/2C08PcXFeMpuj8e4jYwS5QbC3XgDI=
Subject key identifier: 0A:E7:A1:73:94:B7:D1:9C:E2:89:69:93:EE:F4:87:1D:A7:FC:41:A0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B7BA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6BC603F0FE7A11F08C91A9BBDAE4EC9C.roa
Signing time: Sat 31 Jan 2026 07:57:00 +0000
ROA not before: Sat 31 Jan 2026 07:56:55 +0000
ROA not after: Sun 08 Mar 2026 07:56:55 +0000
asID: 202656
IP address blocks: 154.218.30.0/24 maxlen: 24
154.219.16.0/24 maxlen: 24
154.219.24.0/24 maxlen: 24
154.219.28.0/24 maxlen: 24
154.219.207.0/24 maxlen: 24
154.219.211.0/24 maxlen: 24
154.219.222.0/24 maxlen: 24
154.219.230.0/24 maxlen: 24
154.219.232.0/24 maxlen: 24
154.219.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112570 (0x1b7ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 31 07:56:55 2026 GMT
Not After : Mar 8 07:56:55 2026 GMT
Subject: CN=697db5cc-9c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9b:d6:cd:eb:21:77:f2:14:d5:8e:e3:1f:89:
6f:c0:e9:30:3d:12:a9:23:05:95:9f:3f:f2:d0:f0:
62:b8:ed:cd:ee:72:af:ab:2c:5d:ee:81:b3:20:f5:
7d:5f:d5:d3:16:da:d2:99:1a:6f:05:ee:d4:b0:35:
00:2d:22:94:a0:d9:8f:f6:0e:00:b6:a5:63:23:e6:
63:ef:e1:9b:8f:6f:00:a5:10:81:cb:0a:d7:b7:2a:
bf:39:a9:75:21:5e:57:a0:44:bf:36:c8:b4:71:5b:
fa:66:e8:de:21:59:d5:de:22:a3:92:21:7a:66:ac:
60:e7:5a:df:7f:66:e6:40:19:8e:04:cb:08:97:10:
b5:81:63:11:a0:03:63:4a:f6:04:81:98:b6:55:fe:
4d:4d:6c:c5:db:0f:3b:9d:8c:8c:8c:00:81:96:2c:
72:6a:5b:8c:96:96:c2:17:a8:c1:27:da:99:cd:68:
53:a9:d1:e1:f1:45:e5:67:6b:70:8e:b9:7f:08:1b:
96:4e:14:96:d5:6a:ad:01:0e:12:72:d6:4c:7a:ae:
65:8f:e8:d8:ab:3f:6d:ed:0b:39:c3:2b:98:04:c7:
ee:6e:21:3e:f7:82:b4:fe:3f:48:b4:e9:df:6c:48:
cf:eb:0e:a4:25:44:3e:09:08:2d:2a:ed:c7:65:e7:
a7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E7:A1:73:94:B7:D1:9C:E2:89:69:93:EE:F4:87:1D:A7:FC:41:A0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6BC603F0FE7A11F08C91A9BBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.30.0/24
154.219.16.0/24
154.219.24.0/24
154.219.28.0/24
154.219.207.0/24
154.219.211.0/24
154.219.222.0/24
154.219.230.0/24
154.219.232.0/24
154.219.245.0/24
Signature Algorithm: sha256WithRSAEncryption
be:62:f4:9f:ac:30:e6:5a:34:d9:59:6a:70:9d:4a:17:a3:06:
72:56:c8:b1:83:a6:ec:73:23:76:cc:be:f9:cc:a9:dd:2b:54:
48:2e:cd:cb:3d:f0:c8:e9:f5:6c:b9:d0:f7:b1:7f:cd:e2:b5:
08:40:db:da:b2:56:62:98:0c:55:80:58:b2:71:14:18:c3:77:
f1:94:9d:0b:84:e6:be:cd:18:70:50:c6:4c:62:e8:d2:89:30:
f2:45:98:83:e5:33:2c:91:e8:f9:b5:32:bb:c1:96:57:12:54:
f7:57:a2:54:dc:bc:34:c8:a9:35:38:a8:44:fb:cd:b1:66:19:
b4:29:4d:eb:dc:c5:ac:4b:f3:4b:af:29:6e:0f:94:65:06:c0:
28:8f:d6:7a:b8:21:b1:55:88:e7:e4:a7:f5:b3:63:13:ca:6f:
f9:86:bf:4d:94:87:00:05:00:e6:6a:0b:13:99:3b:2f:2d:c2:
6a:a3:cd:3f:2f:fd:fb:04:40:b8:07:63:b9:ec:a0:e5:f3:02:
7d:4b:46:62:e5:85:6d:3c:bc:c5:ce:b1:0f:02:1d:7b:a3:e8:
fd:84:4f:2c:89:48:a9:5f:0e:86:46:7a:db:45:99:d8:8d:60:
92:d5:54:2d:91:37:40:f2:9e:5c:40:65:8e:b5:5e:f7:52:8e:
b9:56:2e:c5
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIDAbe6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMTMxMDc1NjU1WhcNMjYwMzA4MDc1NjU1WjAYMRYw
FAYDVQQDEw02OTdkYjVjYy05YzhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp5vWzeshd/IU1Y7jH4lvwOkwPRKpIwWVnz/y0PBiuO3N7nKvqyxd7oGz
IPV9X9XTFtrSmRpvBe7UsDUALSKUoNmP9g4AtqVjI+Zj7+Gbj28ApRCBywrXtyq/
Oal1IV5XoES/Nsi0cVv6ZujeIVnV3iKjkiF6Zqxg51rff2bmQBmOBMsIlxC1gWMR
oANjSvYEgZi2Vf5NTWzF2w87nYyMjACBlixyaluMlpbCF6jBJ9qZzWhTqdHh8UXl
Z2twjrl/CBuWThSW1WqtAQ4SctZMeq5lj+jYqz9t7Qs5wyuYBMfubiE+94K0/j9I
tOnfbEjP6w6kJUQ+CQgtKu3HZeenXQIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFArn
oXOUt9Gc4olpk+70hx2n/EGgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82QkM2MDNGMEZFN0ExMUYwOEM5MUE5QkJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAmtoeAwQAmtsQAwQAmtsY
AwQAmtscAwQAmtvPAwQAmtvTAwQAmtveAwQAmtvmAwQAmtvoAwQAmtv1MA0GCSqG
SIb3DQEBCwUAA4IBAQC+YvSfrDDmWjTZWWpwnUoXowZyVsixg6bscyN2zL75zKnd
K1RILs3LPfDI6fVsudD3sX/N4rUIQNvaslZimAxVgFiycRQYw3fxlJ0LhOa+zRhw
UMZMYujSiTDyRZiD5TMskej5tTK7wZZXElT3V6JU3Lw0yKk1OKhE+82xZhm0KU3r
3MWsS/NLryluD5RlBsAoj9Z6uCGxVYjn5Kf1s2MTym/5hr9NlIcABQDmagsTmTsv
LcJqo80/L/37BEC4B2O57KDl8wJ9S0Zi5YVtPLzFzrEPAh17o+j9hE8siUipXw6G
RnrbRZnYjWCS1VQtkTdA8p5cQGWOtV73Uo65Vi7F
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:59:29 2026 by rpki-client