Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/700A05AC124C11F1A8665C87DAE4EC9C.roa
File: 700A05AC124C11F1A8665C87DAE4EC9C.roa (raw, json)
Hash identifier: eNGC1SgCZ5J2yUgM+ajg6cI5PXJ94folniYnMIluBdQ=
Subject key identifier: 64:5B:65:0C:6E:B2:C1:04:4A:C2:C7:28:62:31:CB:1B:9E:E0:19:18
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BBBF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/700A05AC124C11F1A8665C87DAE4EC9C.roa
Signing time: Wed 25 Feb 2026 13:18:13 +0000
ROA not before: Wed 25 Feb 2026 13:18:09 +0000
ROA not after: Fri 06 Mar 2026 13:18:09 +0000
asID: 137899
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113599 (0x1bbbf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 25 13:18:09 2026 GMT
Not After : Mar 6 13:18:09 2026 GMT
Subject: CN=699ef695-468d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7d:94:aa:b2:06:14:56:00:ee:d2:9f:65:a8:
9f:b7:92:82:64:c7:aa:4b:b6:48:7a:96:cf:55:e4:
e9:f0:ec:a6:11:ec:4b:e4:7a:b6:c6:cb:5a:50:ae:
d3:3f:9d:5d:cc:7e:20:5e:69:a8:59:e4:21:1a:57:
ce:8d:ec:36:9a:66:6c:ac:88:4b:56:b2:59:73:80:
0d:1d:4e:4f:1f:c7:c0:b8:c9:67:81:11:cb:b3:af:
c8:f2:a6:6f:6e:6c:66:cb:fe:76:55:7e:09:05:7a:
e9:6c:d5:49:16:88:5b:fe:7b:99:1a:c2:82:90:39:
b2:65:50:66:89:a1:26:8e:08:63:30:ea:52:64:d3:
5e:8c:da:60:c6:66:38:b4:46:10:66:bb:4d:a8:ba:
d2:ea:9b:76:d4:f3:23:54:2b:a0:47:57:d7:c6:1b:
2b:34:59:59:65:f4:d6:a2:76:fb:8f:45:69:38:36:
97:15:95:fa:fa:22:ea:70:f9:b5:31:df:99:09:17:
f8:31:ce:2a:fb:a6:8a:20:82:73:66:e6:94:25:14:
a6:c6:06:53:b6:1f:c0:56:e5:28:cd:29:7d:18:1f:
83:4b:c9:dc:4c:21:9e:f1:29:96:81:60:04:14:27:
fb:99:6e:97:9f:0b:a9:71:bc:01:14:cc:13:04:e3:
55:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5B:65:0C:6E:B2:C1:04:4A:C2:C7:28:62:31:CB:1B:9E:E0:19:18
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/700A05AC124C11F1A8665C87DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
7a:86:6d:ed:c0:48:d8:cf:b6:10:63:a6:16:84:57:8d:95:59:
9d:f6:0a:30:ab:e3:be:6d:86:c1:a8:a6:9b:db:49:73:4b:98:
c3:11:fd:89:73:46:3c:87:96:84:5f:77:fd:4e:52:a7:65:3e:
b3:f7:89:fa:3c:99:e1:b8:32:a4:f5:29:86:6c:7e:a9:2d:51:
dd:09:94:70:5b:41:5d:51:cb:61:2a:ef:e9:1f:dd:58:f2:9b:
bf:f3:61:63:21:a2:02:ac:7c:95:75:04:5d:7e:48:93:51:ce:
48:c7:d4:8a:bf:f1:ef:49:df:19:e8:16:e7:5a:19:88:d2:23:
2b:2b:f9:89:a0:7f:85:57:28:61:d1:4e:a1:d4:c4:7d:0d:9b:
50:8b:26:6a:27:f0:f0:bd:0d:20:0f:2b:f2:85:3a:af:0b:5f:
9f:e1:6a:b3:0e:47:bf:85:3f:5a:2f:d5:8e:e1:52:72:34:59:
ff:03:98:b6:9a:00:ab:42:54:8f:b6:24:0f:76:55:fb:ba:78:
a7:4f:08:7b:08:58:8f:5a:ad:0f:05:00:fb:c1:ad:cb:e0:3b:
8a:ce:7b:0e:b7:68:a0:a7:d2:db:37:eb:01:59:c8:71:4f:3d:
16:9c:18:c7:2d:86:69:7c:22:d5:5c:1e:85:fe:d1:40:e9:55:
1d:5c:9b:d4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbu/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI1MTMxODA5WhcNMjYwMzA2MTMxODA5WjAYMRYw
FAYDVQQDEw02OTllZjY5NS00NjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2X2UqrIGFFYA7tKfZaift5KCZMeqS7ZIepbPVeTp8OymEexL5Hq2xsta
UK7TP51dzH4gXmmoWeQhGlfOjew2mmZsrIhLVrJZc4ANHU5PH8fAuMlngRHLs6/I
8qZvbmxmy/52VX4JBXrpbNVJFohb/nuZGsKCkDmyZVBmiaEmjghjMOpSZNNejNpg
xmY4tEYQZrtNqLrS6pt21PMjVCugR1fXxhsrNFlZZfTWonb7j0VpODaXFZX6+iLq
cPm1Md+ZCRf4Mc4q+6aKIIJzZuaUJRSmxgZTth/AVuUozSl9GB+DS8ncTCGe8SmW
gWAEFCf7mW6XnwupcbwBFMwTBONVNwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGRb
ZQxussEESsLHKGIxyxue4BkYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MDBBMDVBQzEyNEMxMUYxQTg2NjVDODdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQB6hm3twEjYz7YQY6YWhFeNlVmd9gowq+O+bYbBqKab20lzS5jDEf2J
c0Y8h5aEX3f9TlKnZT6z94n6PJnhuDKk9SmGbH6pLVHdCZRwW0FdUcthKu/pH91Y
8pu/82FjIaICrHyVdQRdfkiTUc5Ix9SKv/HvSd8Z6BbnWhmI0iMrK/mJoH+FVyhh
0U6h1MR9DZtQiyZqJ/DwvQ0gDyvyhTqvC1+f4WqzDke/hT9aL9WO4VJyNFn/A5i2
mgCrQlSPtiQPdlX7uninTwh7CFiPWq0PBQD7wa3L4DuKznsOt2igp9LbN+sBWchx
Tz0WnBjHLYZpfCLVXB6F/tFA6VUdXJvU
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:26:32 2026 by rpki-client