Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8943009011FD11F19826F6AADAE4EC9C.roa
File: 8943009011FD11F19826F6AADAE4EC9C.roa (raw, json)
Hash identifier: Yd4e57qRiru9vFreVdRYppFrGJ7F9uQl3tD4EbCz+Ls=
Subject key identifier: 5D:FB:AA:2B:7C:3F:B9:9C:BA:73:BE:8C:19:C1:E2:08:18:C7:C0:42
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BB81
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8943009011FD11F19826F6AADAE4EC9C.roa
Signing time: Wed 25 Feb 2026 03:53:25 +0000
ROA not before: Wed 25 Feb 2026 03:53:20 +0000
ROA not after: Thu 05 Mar 2026 03:53:20 +0000
asID: 395793
IP address blocks: 154.200.80.0/21 maxlen: 24
154.223.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113537 (0x1bb81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 25 03:53:20 2026 GMT
Not After : Mar 5 03:53:20 2026 GMT
Subject: CN=699e7235-7856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:31:1b:e0:6f:7e:e7:e3:4d:92:fc:90:d4:25:
21:89:8e:46:98:d4:14:9b:96:24:2f:80:63:6e:48:
21:d0:77:77:11:aa:98:6d:57:7b:69:9d:38:27:ec:
92:5b:00:5d:0c:0a:6e:87:05:6a:09:26:b0:1b:de:
20:f9:96:83:0d:58:8c:d3:0f:89:22:7c:5f:76:a1:
4b:fd:be:8a:dc:37:ec:52:f2:24:d8:88:70:22:94:
80:82:72:56:07:ee:b1:2e:2f:4f:83:5e:27:c9:a2:
b7:fa:06:f7:b6:79:30:83:3e:02:91:81:04:92:51:
7c:d9:c2:9f:05:80:f6:d1:84:09:e4:64:59:36:b1:
5d:41:1d:f1:9f:d3:ad:87:45:55:ed:7b:e3:24:da:
76:31:78:02:45:a6:5b:35:ef:df:ee:27:b7:cb:69:
f3:ee:48:57:58:bf:45:ee:7e:49:bf:44:9e:7b:bc:
31:46:99:07:b8:de:fc:74:4e:d6:1c:09:df:b5:64:
05:5e:c0:ca:a9:fe:4a:09:69:19:81:41:5c:2b:c7:
5a:a3:50:8d:38:c9:8f:8e:04:50:c1:c9:4b:a6:59:
b6:3d:39:cc:b4:d3:bf:84:de:a1:66:c6:ae:83:3d:
cf:2c:ac:cc:7b:f4:d8:b9:cc:54:05:32:60:be:7f:
70:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:FB:AA:2B:7C:3F:B9:9C:BA:73:BE:8C:19:C1:E2:08:18:C7:C0:42
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8943009011FD11F19826F6AADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.80.0/21
154.223.248.0/21
Signature Algorithm: sha256WithRSAEncryption
6a:27:c3:72:11:51:f5:72:d4:ec:38:ea:94:ff:74:4d:49:b8:
e7:48:71:46:40:3c:f9:3e:e8:07:58:d4:8e:60:c9:17:87:83:
f5:75:fe:05:c2:c3:d8:cc:1b:6a:e9:5c:41:19:78:3b:24:1a:
f5:83:5c:2d:cd:fa:79:4d:b2:ad:11:b9:e2:73:c8:a9:7f:ca:
bd:21:dd:de:34:ec:b7:f3:fe:e1:dc:b1:84:08:8e:42:7d:de:
9c:ab:06:69:47:dd:a7:f9:b3:ee:e4:7a:09:3a:76:eb:5c:a8:
75:91:a9:21:49:75:b8:4f:6d:50:eb:fe:ce:90:51:cd:b6:fa:
0e:70:02:88:e7:93:c1:1e:4a:84:68:18:95:f6:b4:4c:33:86:
f6:f2:2c:8f:86:cc:4a:b2:2c:1b:ef:71:f4:0b:c4:ee:53:0b:
c3:17:6a:af:fe:55:1d:c9:1b:06:ba:dc:8c:49:9b:95:5d:61:
8e:14:bb:43:53:b4:b4:a3:34:1b:7b:1b:33:00:70:d0:4e:10:
03:fa:51:55:9c:42:14:1b:87:f1:bd:d4:56:93:d4:32:71:62:
9e:7e:5a:98:9f:89:26:b2:b5:b0:69:b0:07:1b:90:9f:34:a1:
00:b2:ec:ae:b1:ee:fe:06:1e:98:df:8f:b2:8a:01:fa:eb:6e:
52:ad:1f:1c
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAbuBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI1MDM1MzIwWhcNMjYwMzA1MDM1MzIwWjAYMRYw
FAYDVQQDEw02OTllNzIzNS03ODU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAujEb4G9+5+NNkvyQ1CUhiY5GmNQUm5YkL4Bjbkgh0Hd3EaqYbVd7aZ04
J+ySWwBdDApuhwVqCSawG94g+ZaDDViM0w+JInxfdqFL/b6K3DfsUvIk2IhwIpSA
gnJWB+6xLi9Pg14nyaK3+gb3tnkwgz4CkYEEklF82cKfBYD20YQJ5GRZNrFdQR3x
n9Oth0VV7XvjJNp2MXgCRaZbNe/f7ie3y2nz7khXWL9F7n5Jv0See7wxRpkHuN78
dE7WHAnftWQFXsDKqf5KCWkZgUFcK8dao1CNOMmPjgRQwclLplm2PTnMtNO/hN6h
Zsaugz3PLKzMe/TYucxUBTJgvn9w9wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFF37
qit8P7mcunO+jBnB4ggYx8BCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OTQzMDA5MDExRkQxMUYxOTgyNkY2QUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDmshQAwQDmt/4MA0GCSqG
SIb3DQEBCwUAA4IBAQBqJ8NyEVH1ctTsOOqU/3RNSbjnSHFGQDz5PugHWNSOYMkX
h4P1df4FwsPYzBtq6VxBGXg7JBr1g1wtzfp5TbKtEbnic8ipf8q9Id3eNOy38/7h
3LGECI5Cfd6cqwZpR92n+bPu5HoJOnbrXKh1kakhSXW4T21Q6/7OkFHNtvoOcAKI
55PBHkqEaBiV9rRMM4b28iyPhsxKsiwb73H0C8TuUwvDF2qv/lUdyRsGutyMSZuV
XWGOFLtDU7S0ozQbexszAHDQThAD+lFVnEIUG4fxvdRWk9QycWKeflqYn4kmsrWw
abAHG5CfNKEAsuyuse7+Bh6Y34+yigH6625SrR8c
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:09:01 2026 by rpki-client