Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/813DFF66157D11F19F185698DAE4EC9C.roa
File: 813DFF66157D11F19F185698DAE4EC9C.roa (raw, json)
Hash identifier: n83HXD5VHVMFC4CV7zW97QaQZOzGL28iK+W3dVDYAYE=
Subject key identifier: 6B:83:5F:A1:2D:E2:AC:02:5E:DB:71:C2:55:93:B7:A6:F9:0F:98:4A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BC94
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/813DFF66157D11F19F185698DAE4EC9C.roa
Signing time: Sun 01 Mar 2026 14:47:01 +0000
ROA not before: Sun 01 Mar 2026 14:46:57 +0000
ROA not after: Sun 05 Apr 2026 14:46:57 +0000
asID: 214238
IP address blocks: 154.219.23.0/24 maxlen: 24
154.219.25.0/24 maxlen: 24
154.219.30.0/24 maxlen: 24
154.219.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113812 (0x1bc94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 14:46:57 2026 GMT
Not After : Apr 5 14:46:57 2026 GMT
Subject: CN=69a45165-a755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:58:c7:f2:2f:89:4d:33:d0:b5:59:5b:0e:c9:
b7:12:64:12:25:60:c9:be:38:ae:6d:d7:93:d0:91:
0f:3e:fe:37:56:be:35:4f:bb:dd:49:0a:92:e1:d8:
4f:66:df:2b:cf:ff:8b:b0:6f:f4:a0:44:0c:d8:53:
05:27:5b:a3:e9:85:0f:9a:72:7b:a4:1f:dd:8c:7c:
bb:c5:4e:db:37:dd:72:ea:e9:d1:56:03:9c:4b:3f:
7a:0c:5d:0c:05:62:c4:86:46:dd:56:1e:1d:0c:68:
d9:41:05:3c:dc:3e:c1:06:e0:72:d8:09:37:8e:4f:
f2:f6:1a:45:18:a3:db:fa:67:4c:a9:5b:ed:54:db:
23:80:5b:76:37:fd:bb:ad:64:4c:1f:c6:b3:2b:f4:
c5:8e:74:7e:62:ca:c9:fd:64:86:45:fa:01:8f:62:
8a:a4:05:00:60:ab:2d:63:e0:55:55:42:1d:63:db:
42:67:22:f8:ec:a0:3c:3c:69:34:34:f3:8e:d3:b7:
e0:a3:b0:2f:4f:0b:d9:c5:f7:99:ae:c4:1b:b0:72:
a9:29:8c:67:41:a1:63:fc:57:a2:c3:0c:03:da:78:
62:f8:de:54:ee:b1:4d:51:6b:b8:ec:c3:1c:a2:0b:
28:d4:6d:55:cc:9d:b7:6f:e5:fb:58:24:f4:99:88:
d0:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:83:5F:A1:2D:E2:AC:02:5E:DB:71:C2:55:93:B7:A6:F9:0F:98:4A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/813DFF66157D11F19F185698DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.23.0/24
154.219.25.0/24
154.219.30.0/23
Signature Algorithm: sha256WithRSAEncryption
81:de:72:d6:a2:34:b4:fd:05:ce:d2:bb:8c:99:67:7a:66:09:
eb:2e:6b:e0:4b:b0:05:7a:54:73:2c:a9:11:2c:f8:2f:7b:09:
c9:05:fb:6e:8d:b7:96:af:66:34:02:8c:04:22:e4:11:b6:a2:
16:05:7d:0b:ef:a2:48:56:a8:16:e4:7b:4e:a9:49:1b:7f:c1:
59:54:a8:23:17:80:43:18:a2:39:69:95:24:45:ac:ce:4e:7e:
17:d8:59:37:99:02:1d:44:ee:38:61:a2:8b:c5:69:2b:47:61:
dc:f3:c3:07:ab:f3:ec:6c:e0:e4:26:17:91:07:e4:67:dd:f9:
6d:0c:45:63:bb:45:ef:56:56:bf:ba:db:bd:21:52:49:5e:97:
19:94:e8:fc:aa:08:05:80:42:d5:52:3c:10:54:99:4f:21:5f:
c2:dd:7e:b6:4c:ae:bf:94:fb:8d:90:fe:e2:2a:c7:24:1e:30:
88:f0:25:a6:ea:fd:7d:b1:21:2c:18:ea:23:09:7c:90:22:d9:
05:34:c0:4c:e7:31:05:07:34:1c:9a:75:64:9a:ad:f6:c1:d2:
89:b2:4b:a2:e1:8d:c0:db:6b:59:c1:53:80:54:05:49:63:34:
d1:ba:52:dd:3d:9c:c0:05:65:6c:2c:20:70:8e:32:fd:fe:48:
72:4c:e2:e8
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAbyUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzAxMTQ0NjU3WhcNMjYwNDA1MTQ0NjU3WjAYMRYw
FAYDVQQDEw02OWE0NTE2NS1hNzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoljH8i+JTTPQtVlbDsm3EmQSJWDJvjiubdeT0JEPPv43Vr41T7vdSQqS
4dhPZt8rz/+LsG/0oEQM2FMFJ1uj6YUPmnJ7pB/djHy7xU7bN91y6unRVgOcSz96
DF0MBWLEhkbdVh4dDGjZQQU83D7BBuBy2Ak3jk/y9hpFGKPb+mdMqVvtVNsjgFt2
N/27rWRMH8azK/TFjnR+YsrJ/WSGRfoBj2KKpAUAYKstY+BVVUIdY9tCZyL47KA8
PGk0NPOO07fgo7AvTwvZxfeZrsQbsHKpKYxnQaFj/FeiwwwD2nhi+N5U7rFNUWu4
7MMcogso1G1VzJ23b+X7WCT0mYjQkwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFGuD
X6Et4qwCXttxwlWTt6b5D5hKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MTNERkY2NjE1N0QxMUYxOUYxODU2OThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmtsXAwQAmtsZAwQBmtse
MA0GCSqGSIb3DQEBCwUAA4IBAQCB3nLWojS0/QXO0ruMmWd6ZgnrLmvgS7AFelRz
LKkRLPgvewnJBftujbeWr2Y0AowEIuQRtqIWBX0L76JIVqgW5HtOqUkbf8FZVKgj
F4BDGKI5aZUkRazOTn4X2Fk3mQIdRO44YaKLxWkrR2Hc88MHq/PsbODkJheRB+Rn
3fltDEVju0XvVla/utu9IVJJXpcZlOj8qggFgELVUjwQVJlPIV/C3X62TK6/lPuN
kP7iKsckHjCI8CWm6v19sSEsGOojCXyQItkFNMBM5zEFBzQcmnVkmq32wdKJskui
4Y3A22tZwVOAVAVJYzTRulLdPZzABWVsLCBwjjL9/khyTOLo
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:28:23 2026 by rpki-client