Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/962D96DC0F9911F1B4B7C778DAE4EC9C.roa
File: 962D96DC0F9911F1B4B7C778DAE4EC9C.roa (raw, json)
Hash identifier: 1yL+ph5kFO/9jTMlxG/9feR/XlwqlubY0j5737OUPhg=
Subject key identifier: 25:69:D4:26:47:D9:7E:CB:86:DF:94:91:5C:46:5C:3D:58:9E:05:16
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BAFE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/962D96DC0F9911F1B4B7C778DAE4EC9C.roa
Signing time: Sun 22 Feb 2026 02:52:55 +0000
ROA not before: Sun 22 Feb 2026 02:52:51 +0000
ROA not after: Wed 01 Apr 2026 02:52:51 +0000
asID: 214413
IP address blocks: 154.193.136.0/21 maxlen: 24
154.193.144.0/22 maxlen: 24
154.193.148.0/22 maxlen: 24
154.193.168.0/22 maxlen: 24
154.193.172.0/22 maxlen: 24
154.193.176.0/22 maxlen: 24
154.193.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113406 (0x1bafe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 22 02:52:51 2026 GMT
Not After : Apr 1 02:52:51 2026 GMT
Subject: CN=699a6f87-15d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:02:a8:e1:46:60:89:7a:d5:e5:5c:82:3b:dc:
67:bc:d0:0f:3d:17:23:61:32:3b:51:d8:01:5e:0e:
10:b8:d5:64:66:7e:af:5d:09:7e:c6:08:6d:9a:0c:
cd:1c:6c:b4:e7:ca:93:f5:3c:a9:d9:dd:45:6c:93:
29:85:36:cf:c7:00:45:5b:c7:67:85:d6:4b:b9:fa:
64:63:56:c2:e7:ca:10:37:49:c7:d0:6a:f2:27:09:
87:88:9d:59:b6:19:0a:c5:54:d7:30:b8:c5:91:29:
1c:aa:f7:0c:9f:57:96:f8:d5:71:85:08:fb:c3:10:
49:c0:40:51:ef:99:03:e9:bb:69:e5:11:1d:5c:8c:
9d:38:7f:6c:06:4b:77:41:e8:45:c7:82:14:2e:9a:
7f:7f:d6:10:2f:60:c7:fe:d4:25:07:ed:85:ef:03:
1b:f1:b8:fd:c0:6a:d5:15:8f:8f:6d:e0:cc:55:c2:
a3:84:8e:f6:a7:e6:18:96:cb:89:cc:0b:73:3c:d2:
ba:29:1a:fd:d8:8b:87:53:05:5d:e4:31:a9:32:22:
7f:f3:46:4d:70:04:f0:41:02:a2:86:b0:88:64:e4:
51:8a:09:85:32:3a:9b:71:3f:e2:17:50:96:e1:cd:
1b:6b:37:9a:68:64:13:3d:ff:d8:9a:a9:a7:7a:a6:
55:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:69:D4:26:47:D9:7E:CB:86:DF:94:91:5C:46:5C:3D:58:9E:05:16
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/962D96DC0F9911F1B4B7C778DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.136.0-154.193.151.255
154.193.168.0-154.193.183.255
Signature Algorithm: sha256WithRSAEncryption
0c:bb:4c:b8:8e:bb:d4:35:8b:99:b9:01:b1:3a:e1:28:72:64:
fd:85:20:98:ee:40:64:84:b4:9b:c4:0b:a1:2e:fe:b4:8a:d6:
e3:d7:e9:fb:39:d1:74:c6:d3:09:d8:d0:b9:dd:46:df:13:21:
d2:2d:e3:70:20:ce:1a:3e:30:16:58:78:2d:61:17:a0:0e:f1:
3b:fa:36:24:30:dc:44:9e:34:43:45:a0:e4:96:a0:2f:73:3c:
23:2d:ef:76:22:df:33:c2:b5:83:39:39:5b:2c:e5:e5:02:c9:
90:fd:af:9a:a3:e2:32:12:8b:cc:e3:56:8f:fc:1c:b7:81:07:
9f:15:25:7a:f9:bc:43:99:3b:75:01:91:10:30:ad:81:93:e7:
91:ef:fa:b1:80:b4:d2:9d:ef:81:0f:92:58:7c:a4:87:de:37:
78:74:06:3a:32:cf:20:94:eb:95:e4:02:37:c6:40:67:07:81:
a4:ad:30:59:c9:38:b9:63:33:11:03:86:34:dd:50:5b:23:62:
ee:5f:6d:49:95:d6:ee:2c:f4:bd:c8:61:56:b8:6d:66:6a:30:
a1:94:41:32:02:e9:1d:f9:43:32:59:8b:50:99:9e:71:ab:5d:
20:e2:6e:f8:0f:8f:bf:79:5f:99:47:8c:3f:3f:ce:5a:36:ae:
28:ae:54:c7
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDAbr+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjIyMDI1MjUxWhcNMjYwNDAxMDI1MjUxWjAYMRYw
FAYDVQQDEw02OTlhNmY4Ny0xNWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmgKo4UZgiXrV5VyCO9xnvNAPPRcjYTI7UdgBXg4QuNVkZn6vXQl+xght
mgzNHGy058qT9Typ2d1FbJMphTbPxwBFW8dnhdZLufpkY1bC58oQN0nH0GryJwmH
iJ1ZthkKxVTXMLjFkSkcqvcMn1eW+NVxhQj7wxBJwEBR75kD6btp5REdXIydOH9s
Bkt3QehFx4IULpp/f9YQL2DH/tQlB+2F7wMb8bj9wGrVFY+PbeDMVcKjhI72p+YY
lsuJzAtzPNK6KRr92IuHUwVd5DGpMiJ/80ZNcATwQQKihrCIZORRigmFMjqbcT/i
F1CW4c0bazeaaGQTPf/YmqmneqZV5wIDAQABo4ICuzCCArcwHQYDVR0OBBYEFCVp
1CZH2X7Lht+UkVxGXD1YngUWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NjJEOTZEQzBGOTkxMUYxQjRCN0M3NzhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAOawYgDBAOawZAwDAME
A5rBqAMEA5rBsDANBgkqhkiG9w0BAQsFAAOCAQEADLtMuI671DWLmbkBsTrhKHJk
/YUgmO5AZIS0m8QLoS7+tIrW49fp+znRdMbTCdjQud1G3xMh0i3jcCDOGj4wFlh4
LWEXoA7xO/o2JDDcRJ40Q0Wg5JagL3M8Iy3vdiLfM8K1gzk5Wyzl5QLJkP2vmqPi
MhKLzONWj/wct4EHnxUlevm8Q5k7dQGREDCtgZPnke/6sYC00p3vgQ+SWHykh943
eHQGOjLPIJTrleQCN8ZAZweBpK0wWck4uWMzEQOGNN1QWyNi7l9tSZXW7iz0vchh
VrhtZmowoZRBMgLpHflDMlmLUJmecatdIOJu+A+Pv3lfmUeMPz/OWjauKK5Uxw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:11:18 2026 by rpki-client