Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/864528B4154F11F193208C84DAE4EC9C.roa
File: 864528B4154F11F193208C84DAE4EC9C.roa (raw, json)
Hash identifier: D2yKtdxHACJFzj1ilbtFYXvBZy6+7DWKc0nmOFm51yg=
Subject key identifier: FA:9F:65:13:2B:41:EF:6C:16:5E:4C:B5:34:3F:4A:A7:10:FE:EE:F2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BC68
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/864528B4154F11F193208C84DAE4EC9C.roa
Signing time: Sun 01 Mar 2026 09:17:52 +0000
ROA not before: Sun 01 Mar 2026 09:17:48 +0000
ROA not after: Thu 01 Mar 2029 09:17:48 +0000
asID: 17561
IP address blocks: 154.208.140.0/24 maxlen: 24
154.208.141.0/24 maxlen: 24
154.208.142.0/24 maxlen: 24
154.208.143.0/24 maxlen: 24
154.208.144.0/24 maxlen: 24
154.208.145.0/24 maxlen: 24
154.208.146.0/24 maxlen: 24
154.208.147.0/24 maxlen: 24
154.208.148.0/24 maxlen: 24
154.208.149.0/24 maxlen: 24
154.208.150.0/24 maxlen: 24
154.208.151.0/24 maxlen: 24
154.208.152.0/24 maxlen: 24
154.208.153.0/24 maxlen: 24
154.208.154.0/24 maxlen: 24
154.208.155.0/24 maxlen: 24
154.208.156.0/24 maxlen: 24
154.208.157.0/24 maxlen: 24
154.208.158.0/24 maxlen: 24
154.208.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113768 (0x1bc68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 09:17:48 2026 GMT
Not After : Mar 1 09:17:48 2029 GMT
Subject: CN=69a40440-a428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:51:3e:0f:30:02:49:83:46:2c:95:93:a2:fc:
bc:3f:0f:c1:87:bb:4d:17:67:9b:16:5e:48:4d:dc:
70:ae:9f:b6:a4:5d:e5:19:18:fd:1d:10:43:a3:e1:
dd:d3:36:35:57:32:24:a0:1e:c9:b0:0d:96:68:0e:
3d:3e:03:31:ec:88:d6:a4:fb:f6:38:2b:a4:9f:ff:
80:25:b0:4d:96:bc:25:a9:1c:23:35:ab:c7:0b:7b:
4a:59:c3:0f:b2:57:65:5e:a0:5d:99:a5:24:0d:ac:
3f:cf:0f:ca:86:9a:fb:8f:88:9c:de:5c:e6:e8:ea:
a3:d1:f0:09:ff:cb:27:d3:d8:54:af:96:79:bb:32:
20:76:a5:f4:a0:f3:e2:cc:e4:a9:44:85:50:d9:e2:
5e:61:ca:60:6b:9d:53:6c:15:fa:11:61:09:4e:a2:
81:4a:b9:45:7c:5b:58:98:4f:49:6b:81:fd:94:b1:
f5:4c:35:10:e3:d8:45:cc:10:6d:10:5a:2b:21:4e:
8b:f4:3d:0e:d0:65:86:43:f5:b7:6c:1f:89:cb:d4:
18:fa:86:94:22:29:2d:fc:aa:fd:26:00:2c:26:a3:
b6:f3:00:b6:99:ff:ed:ec:c2:87:0c:5f:99:ca:63:
85:ba:5f:a9:0a:f8:25:98:55:49:e2:f9:9a:3e:19:
53:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9F:65:13:2B:41:EF:6C:16:5E:4C:B5:34:3F:4A:A7:10:FE:EE:F2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/864528B4154F11F193208C84DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.140.0-154.208.159.255
Signature Algorithm: sha256WithRSAEncryption
d4:73:08:8e:59:dc:67:f8:65:a5:bf:4c:52:9f:f9:58:10:ee:
ca:76:c1:af:60:85:c1:4a:5b:75:1b:36:33:15:99:24:1c:59:
bc:3c:cf:1e:04:97:d6:71:51:df:00:48:e0:54:47:33:69:f3:
c9:c5:63:94:de:40:cf:55:b0:17:92:e1:ac:ae:6b:52:ff:a5:
fd:91:76:c3:bf:02:37:e7:f6:8c:7a:ca:80:7f:8e:c2:f4:6d:
65:02:37:75:5d:3d:91:90:13:c7:c3:25:50:9f:61:ac:0c:31:
33:a2:89:4f:fe:cf:d3:59:ef:f2:75:60:16:9d:a2:2e:ac:78:
34:b4:48:04:33:b6:da:d1:ad:a8:4f:51:12:ef:16:ba:d9:9e:
9e:d0:f4:48:df:88:fa:a2:e0:48:e9:0d:e4:17:84:5f:f2:98:
01:ec:28:87:c2:e4:b9:b6:fe:8f:0f:e2:21:34:c3:6e:8b:65:
2b:92:c1:a8:1e:74:f6:7e:bd:b6:f8:8a:6a:4d:be:69:7f:4c:
a3:95:ff:d2:f1:bf:47:53:ca:bb:b7:f4:10:ff:ee:d1:36:ce:
68:88:7f:bf:3c:23:d4:f2:da:63:76:c1:65:8b:15:36:d1:17:
d0:46:1a:6e:b3:96:35:8a:c0:8f:0a:c1:2b:23:ef:a2:b8:05:
dd:5e:be:06
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAbxoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzAxMDkxNzQ4WhcNMjkwMzAxMDkxNzQ4WjAYMRYw
FAYDVQQDEw02OWE0MDQ0MC1hNDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1VE+DzACSYNGLJWTovy8Pw/Bh7tNF2ebFl5ITdxwrp+2pF3lGRj9HRBD
o+Hd0zY1VzIkoB7JsA2WaA49PgMx7IjWpPv2OCukn/+AJbBNlrwlqRwjNavHC3tK
WcMPsldlXqBdmaUkDaw/zw/Khpr7j4ic3lzm6Oqj0fAJ/8sn09hUr5Z5uzIgdqX0
oPPizOSpRIVQ2eJeYcpga51TbBX6EWEJTqKBSrlFfFtYmE9Ja4H9lLH1TDUQ49hF
zBBtEForIU6L9D0O0GWGQ/W3bB+Jy9QY+oaUIikt/Kr9JgAsJqO28wC2mf/t7MKH
DF+ZymOFul+pCvglmFVJ4vmaPhlTywIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFPqf
ZRMrQe9sFl5MtTQ/SqcQ/u7yMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NjQ1MjhCNDE1NEYxMUYxOTMyMDhDODREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKa0IwDBAWa0IAwDQYJ
KoZIhvcNAQELBQADggEBANRzCI5Z3Gf4ZaW/TFKf+VgQ7sp2wa9ghcFKW3UbNjMV
mSQcWbw8zx4El9ZxUd8ASOBURzNp88nFY5TeQM9VsBeS4ayua1L/pf2RdsO/Ajfn
9ox6yoB/jsL0bWUCN3VdPZGQE8fDJVCfYawMMTOiiU/+z9NZ7/J1YBadoi6seDS0
SAQzttrRrahPURLvFrrZnp7Q9EjfiPqi4EjpDeQXhF/ymAHsKIfC5Lm2/o8P4iE0
w26LZSuSwagedPZ+vbb4impNvml/TKOV/9Lxv0dTyru39BD/7tE2zmiIf788I9Ty
2mN2wWWLFTbRF9BGGm6zljWKwI8KwSsj76K4Bd1evgY=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:08:35 2026 by rpki-client