Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74ED7590121F11F1AB80CA79DAE4EC9C.roa
File: 74ED7590121F11F1AB80CA79DAE4EC9C.roa (raw, json)
Hash identifier: 1ik/9A/HH6xh8vjkP2UIdAFs/j+O0dS5G1TsJC6oyws=
Subject key identifier: 30:09:F2:D4:CC:09:A0:78:D3:99:17:8C:07:AA:C5:19:03:F8:B6:67
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BB8B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74ED7590121F11F1AB80CA79DAE4EC9C.roa
Signing time: Wed 25 Feb 2026 07:56:14 +0000
ROA not before: Wed 25 Feb 2026 07:56:10 +0000
ROA not after: Tue 31 Mar 2026 07:56:10 +0000
asID: 202656
IP address blocks: 154.200.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113547 (0x1bb8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 25 07:56:10 2026 GMT
Not After : Mar 31 07:56:10 2026 GMT
Subject: CN=699eab1e-5809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2d:a9:e6:f9:34:77:cf:a5:78:15:07:fd:9c:
90:74:2c:be:79:6a:e2:05:fa:55:61:3e:56:34:61:
4b:8a:15:65:7c:6e:a3:49:3e:89:7c:88:69:0d:ea:
25:c7:31:33:b0:ed:f5:45:cc:7b:a6:bb:34:92:3f:
24:34:b7:7b:b2:e4:e0:ff:62:7f:b4:8a:7a:a9:cf:
11:82:21:44:d2:9d:08:d4:94:9d:4a:c3:4f:93:08:
fc:3c:5a:0b:aa:82:92:5d:80:b2:b4:b1:2d:d5:2d:
b1:e5:39:6f:9b:05:78:43:e0:b9:29:fd:95:3d:99:
26:71:95:2e:06:19:68:83:6f:65:f4:ba:05:34:b9:
d9:fa:f9:81:8e:94:95:60:bd:5b:bc:9b:c7:71:8b:
4b:e9:d7:4f:a0:0b:7e:4b:d8:1e:7c:65:50:ff:d1:
97:4c:84:f9:5c:d8:1b:63:49:b4:33:12:42:d6:c9:
38:36:38:d2:cd:23:1c:bb:52:71:84:2e:3c:f4:0c:
94:9b:b5:35:3b:83:c5:e1:32:f0:c0:f8:33:f3:b6:
61:da:92:c5:95:14:a8:45:2f:7c:52:34:87:eb:dd:
a8:c0:b8:db:4d:a6:ab:e0:13:34:26:50:a6:ed:fc:
b9:83:f4:90:8b:59:30:f4:37:99:0e:09:2e:c6:4f:
2c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:09:F2:D4:CC:09:A0:78:D3:99:17:8C:07:AA:C5:19:03:F8:B6:67
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74ED7590121F11F1AB80CA79DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.227.0/24
Signature Algorithm: sha256WithRSAEncryption
25:0b:af:e8:99:43:cf:ba:38:56:47:b2:8a:df:47:13:11:06:
32:33:2b:d9:30:fc:aa:f6:f2:eb:78:50:13:b7:01:4f:c5:f7:
2e:fb:92:f9:34:f3:a7:48:5d:9a:24:b5:f8:12:0d:ca:0d:e6:
ee:4e:88:dd:3e:7d:e4:c6:4f:f3:04:32:5d:16:37:f9:49:71:
b1:e3:f3:6d:2e:56:84:58:42:af:e3:cb:53:65:84:b1:bc:f5:
83:c4:d7:04:d3:23:5d:2a:42:bd:bd:73:6e:0c:15:7d:9d:3d:
db:e1:32:9c:7e:39:68:95:1d:f5:7f:03:1e:e7:b2:2f:63:b7:
c3:6b:dd:5b:38:5c:37:be:db:85:ea:0c:90:b0:3d:6d:74:95:
17:87:30:88:cf:14:b6:9a:b8:56:f1:c4:54:05:6a:14:12:17:
58:62:5a:99:bc:33:1a:4d:11:ef:8d:6f:a5:fe:dd:72:75:9f:
77:f4:8c:8a:7d:53:81:62:3f:78:3b:05:b3:be:00:34:02:70:
dd:d1:92:79:88:db:10:0e:77:02:a7:70:9e:8a:65:e8:c6:23:
17:48:3b:9c:e2:78:f0:74:12:61:05:0e:25:b7:63:59:a8:f7:
6f:c6:cb:51:a1:28:fe:b9:5d:21:4c:cc:59:42:1d:08:74:c6:
dd:f3:5e:bf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbuLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI1MDc1NjEwWhcNMjYwMzMxMDc1NjEwWjAYMRYw
FAYDVQQDEw02OTllYWIxZS01ODA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsy2p5vk0d8+leBUH/ZyQdCy+eWriBfpVYT5WNGFLihVlfG6jST6JfIhp
DeolxzEzsO31Rcx7prs0kj8kNLd7suTg/2J/tIp6qc8RgiFE0p0I1JSdSsNPkwj8
PFoLqoKSXYCytLEt1S2x5TlvmwV4Q+C5Kf2VPZkmcZUuBhlog29l9LoFNLnZ+vmB
jpSVYL1bvJvHcYtL6ddPoAt+S9gefGVQ/9GXTIT5XNgbY0m0MxJC1sk4NjjSzSMc
u1JxhC489AyUm7U1O4PF4TLwwPgz87Zh2pLFlRSoRS98UjSH692owLjbTaar4BM0
JlCm7fy5g/SQi1kw9DeZDgkuxk8shwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDAJ
8tTMCaB405kXjAeqxRkD+LZnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NEVENzU5MDEyMUYxMUYxQUI4MENBNzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjjMA0GCSqGSIb3DQEB
CwUAA4IBAQAlC6/omUPPujhWR7KK30cTEQYyMyvZMPyq9vLreFATtwFPxfcu+5L5
NPOnSF2aJLX4Eg3KDebuTojdPn3kxk/zBDJdFjf5SXGx4/NtLlaEWEKv48tTZYSx
vPWDxNcE0yNdKkK9vXNuDBV9nT3b4TKcfjlolR31fwMe57IvY7fDa91bOFw3vtuF
6gyQsD1tdJUXhzCIzxS2mrhW8cRUBWoUEhdYYlqZvDMaTRHvjW+l/t1ydZ939IyK
fVOBYj94OwWzvgA0AnDd0ZJ5iNsQDncCp3CeimXoxiMXSDuc4njwdBJhBQ4lt2NZ
qPdvxstRoSj+uV0hTMxZQh0IdMbd816/
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:17:13 2026 by rpki-client