Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7235D44C13B311F18858A5A4DAE4EC9C.roa
File: 7235D44C13B311F18858A5A4DAE4EC9C.roa (raw, json)
Hash identifier: dyuBLEzT++o4i/Im1UjTaHjC3WdxvzK6t7P3uQG2TLQ=
Subject key identifier: B1:94:DF:0C:5F:24:45:D5:A6:B4:56:45:7D:87:50:F3:B9:F9:49:3D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BC2C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7235D44C13B311F18858A5A4DAE4EC9C.roa
Signing time: Fri 27 Feb 2026 08:08:06 +0000
ROA not before: Fri 27 Feb 2026 08:08:02 +0000
ROA not after: Wed 01 Apr 2026 08:08:02 +0000
asID: 11427
IP address blocks: 154.82.26.0/23 maxlen: 24
154.85.0.0/23 maxlen: 24
154.85.124.0/22 maxlen: 24
154.88.32.0/22 maxlen: 24
154.88.44.0/22 maxlen: 24
154.88.48.0/22 maxlen: 24
154.88.60.0/22 maxlen: 24
154.90.168.0/22 maxlen: 24
154.90.184.0/22 maxlen: 24
154.94.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113708 (0x1bc2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 08:08:02 2026 GMT
Not After : Apr 1 08:08:02 2026 GMT
Subject: CN=69a150e6-671d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:46:cc:04:97:c4:91:00:ba:17:30:e2:48:a2:
b9:74:a6:00:a9:5c:d7:e7:5e:c7:c7:97:94:4a:a3:
b0:34:de:41:a1:2c:10:c1:40:0a:7b:73:a9:b1:4f:
23:90:f7:5a:c2:b4:cc:20:7f:39:eb:f5:c6:4e:6e:
7f:d6:45:36:bc:98:bc:8d:b5:a6:61:a3:ef:f5:3a:
82:8f:cb:03:a2:2d:e0:ca:d8:45:16:48:ba:42:69:
cf:f0:69:40:87:43:e4:dc:f6:72:8f:f1:d3:fb:2c:
ae:2c:f4:6b:6b:97:85:13:60:7c:48:76:54:fe:30:
80:34:7b:80:1d:24:f4:89:67:ed:d4:9e:f2:df:fe:
c2:f2:c4:94:cf:a8:fe:5f:b2:d0:54:1a:5c:1e:d1:
36:2b:6f:77:b4:b6:f0:e8:c2:76:44:34:70:8f:c7:
16:f4:b2:e4:0d:1e:59:2d:d2:bd:b2:08:3e:80:91:
d3:0a:37:9a:fe:42:a9:ef:ef:74:48:ff:12:03:44:
22:4e:58:3b:3c:d1:fa:a2:1f:4b:cf:d7:5c:6f:09:
c1:c8:bd:67:1a:40:1b:a0:2c:31:fe:d2:31:49:2f:
40:d0:f7:70:16:47:0c:e1:6b:e5:38:43:c8:3f:23:
ae:e5:97:62:17:ec:ce:85:b2:5a:02:f2:0c:e9:69:
b4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:94:DF:0C:5F:24:45:D5:A6:B4:56:45:7D:87:50:F3:B9:F9:49:3D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7235D44C13B311F18858A5A4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.26.0/23
154.85.0.0/23
154.85.124.0/22
154.88.32.0/22
154.88.44.0-154.88.51.255
154.88.60.0/22
154.90.168.0/22
154.90.184.0/22
154.94.8.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:a2:aa:2e:93:5e:51:bb:e6:ae:c4:d9:3a:31:f2:97:f5:c1:
ef:46:71:1f:e7:fb:72:21:59:6d:ae:68:18:4e:c8:1e:ab:73:
a6:3f:eb:32:7a:a1:ea:5f:d4:f0:bc:91:63:e3:1d:d6:f4:dc:
fd:6d:41:7a:f8:c3:3b:af:c3:b9:db:da:5f:9a:fc:2f:63:8b:
cb:99:61:05:36:e8:77:e9:36:17:17:09:10:b1:e6:5c:2f:9b:
d0:34:fe:51:74:69:cf:66:be:45:a2:cd:68:4e:f5:38:f8:35:
5a:f8:94:33:54:da:5b:aa:30:c9:c9:45:07:c2:3a:dc:5a:ed:
e3:97:b1:e0:2a:16:92:2b:7d:d4:a3:a6:d8:3d:0c:33:ee:91:
ca:da:3f:00:b5:ef:94:75:6e:2a:b9:b9:62:97:f7:3c:27:1e:
7d:47:6e:3f:37:cd:82:69:04:4b:4c:d5:40:bd:1a:1a:26:20:
1a:e2:d4:03:52:e4:1f:f2:99:be:c4:57:14:14:0e:d8:5e:1c:
7c:4f:d1:56:b6:47:e5:6e:52:5d:58:52:20:9f:f8:73:82:4e:
c6:0f:8e:ce:c4:b2:d1:0d:c7:a8:d3:40:5f:69:31:be:0c:b0:
ed:d9:bd:dd:96:c7:8c:79:10:90:07:f7:af:90:b7:e0:ff:ba:
d9:8e:7d:c4
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIDAbwsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI3MDgwODAyWhcNMjYwNDAxMDgwODAyWjAYMRYw
FAYDVQQDEw02OWExNTBlNi02NzFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA60bMBJfEkQC6FzDiSKK5dKYAqVzX517Hx5eUSqOwNN5BoSwQwUAKe3Op
sU8jkPdawrTMIH856/XGTm5/1kU2vJi8jbWmYaPv9TqCj8sDoi3gythFFki6QmnP
8GlAh0Pk3PZyj/HT+yyuLPRra5eFE2B8SHZU/jCANHuAHST0iWft1J7y3/7C8sSU
z6j+X7LQVBpcHtE2K293tLbw6MJ2RDRwj8cW9LLkDR5ZLdK9sgg+gJHTCjea/kKp
7+90SP8SA0QiTlg7PNH6oh9Lz9dcbwnByL1nGkAboCwx/tIxSS9A0PdwFkcM4Wvl
OEPIPyOu5ZdiF+zOhbJaAvIM6Wm0+wIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFLGU
3wxfJEXVprRWRX2HUPO5+Uk9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MjM1RDQ0QzEzQjMxMUYxODg1OEE1QTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQBmlIaAwQBmlUAAwQCmlV8
AwQCmlggMAwDBAKaWCwDBAKaWDADBAKaWDwDBAKaWqgDBAKaWrgDBAKaXggwDQYJ
KoZIhvcNAQELBQADggEBALOiqi6TXlG75q7E2Tox8pf1we9GcR/n+3IhWW2uaBhO
yB6rc6Y/6zJ6oepf1PC8kWPjHdb03P1tQXr4wzuvw7nb2l+a/C9ji8uZYQU26Hfp
NhcXCRCx5lwvm9A0/lF0ac9mvkWizWhO9Tj4NVr4lDNU2luqMMnJRQfCOtxa7eOX
seAqFpIrfdSjptg9DDPukcraPwC175R1biq5uWKX9zwnHn1Hbj83zYJpBEtM1UC9
GhomIBri1ANS5B/ymb7EVxQUDtheHHxP0Va2R+VuUl1YUiCf+HOCTsYPjs7EstEN
x6jTQF9pMb4MsO3Zvd2Wx4x5EJAH96+Qt+D/utmOfcQ=
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:45:26 2026 by rpki-client