Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A02D869033F411F1A9F90DDECE1D38B0.roa
File: A02D869033F411F1A9F90DDECE1D38B0.roa (raw, json)
Hash identifier: jg8Wb/JVqe9N+aJF3OKCu4QFjIqOUKUSPDyaBApzNys=
Subject key identifier: 72:DA:C7:F3:69:26:D9:B8:1F:30:36:13:90:53:8D:D9:B8:69:A9:B5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C3B1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A02D869033F411F1A9F90DDECE1D38B0.roa
Signing time: Thu 09 Apr 2026 09:15:18 +0000
ROA not before: Thu 09 Apr 2026 09:15:13 +0000
ROA not after: Sat 16 May 2026 09:15:13 +0000
asID: 151352
IP address blocks: 154.85.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115633 (0x1c3b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 9 09:15:13 2026 GMT
Not After : May 16 09:15:13 2026 GMT
Subject: CN=69d76e26-eda3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f0:2c:d9:fe:07:00:e8:88:cb:93:da:af:a5:
58:c9:c0:04:af:43:51:e1:49:92:cb:5d:10:b2:c2:
d4:f1:c6:9d:94:4d:68:7d:89:39:24:d1:ce:37:70:
67:c9:72:45:b7:70:6b:55:b5:e6:c0:82:9e:85:57:
c0:d4:81:e2:44:0c:a9:ac:f2:8b:e6:bc:13:b8:4f:
a6:c0:94:5f:41:6a:7f:39:78:9a:d7:fd:e8:b6:e2:
24:41:2b:a8:6f:fc:f9:6f:6e:b8:d1:0e:a7:0f:30:
8f:98:e2:10:ad:f7:23:9f:c8:1f:c4:15:9a:6a:d7:
1b:7a:07:1d:f6:d3:ba:68:37:0b:9f:44:57:e8:9b:
be:60:0a:f9:3b:a6:e7:09:d0:66:97:17:ea:de:63:
5f:43:ed:e9:55:ca:bd:fd:51:c7:75:6b:86:ca:34:
16:55:1a:58:91:c8:3c:ea:1e:97:a9:bd:34:e2:67:
aa:b9:b2:8c:02:d2:92:a7:de:69:e7:8b:aa:9f:ba:
eb:2b:4f:53:6c:66:4e:69:60:2e:06:d3:db:c2:37:
8d:40:5e:47:22:0b:69:27:cc:9d:f7:0f:67:a6:eb:
89:15:25:cc:13:1c:6a:c8:c0:f0:ed:f6:a1:67:fe:
db:e6:49:75:e4:f7:8c:96:0e:a0:bd:ce:75:10:6a:
7e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DA:C7:F3:69:26:D9:B8:1F:30:36:13:90:53:8D:D9:B8:69:A9:B5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A02D869033F411F1A9F90DDECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.20.0/24
Signature Algorithm: sha256WithRSAEncryption
07:d8:6b:be:b1:7f:f5:14:27:40:31:bd:36:ec:c6:60:1f:e5:
27:b1:d4:de:fc:00:e8:2b:f1:3c:55:6e:30:c6:ef:9c:dd:66:
ff:98:41:4d:65:dc:11:07:67:ea:26:af:73:bc:7a:73:2d:70:
2c:3a:64:25:0c:5c:43:54:67:b8:43:7a:b3:29:24:8a:cd:9b:
20:48:d4:cb:6f:6b:17:53:f9:87:ef:93:5a:1d:1f:71:86:9d:
f2:bc:41:ee:4f:2a:3e:a6:73:d5:2d:e5:42:8d:3f:8c:90:e6:
2a:f2:9b:81:ef:64:63:70:81:0f:e5:e2:97:18:7b:60:44:e2:
60:22:24:a9:81:76:cd:ca:cf:8b:71:8d:b0:44:71:fe:2e:04:
d9:e6:dd:1d:f4:b3:ac:e0:f6:e2:6a:38:31:4c:48:f1:f1:68:
00:1b:66:ff:f6:c5:50:3d:5c:9f:f6:1c:d2:ea:e9:fc:26:20:
af:2a:f3:d6:d6:fb:da:7d:36:e1:1c:31:78:89:ad:6f:64:bd:
fb:8f:bc:77:18:3d:ca:e3:bc:8c:e7:95:c0:ea:8e:d5:2b:5f:
78:90:df:ea:55:13:07:e2:c1:64:b8:11:37:be:f2:e2:41:29:
a1:c5:09:44:df:9b:7a:8e:b1:d3:e8:06:ab:f7:52:b6:4a:e5:
a4:b1:3f:b3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcOxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDA5MDkxNTEzWhcNMjYwNTE2MDkxNTEzWjAYMRYw
FAYDVQQDEw02OWQ3NmUyNi1lZGEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn/As2f4HAOiIy5Par6VYycAEr0NR4UmSy10QssLU8cadlE1ofYk5JNHO
N3BnyXJFt3BrVbXmwIKehVfA1IHiRAyprPKL5rwTuE+mwJRfQWp/OXia1/3otuIk
QSuob/z5b2640Q6nDzCPmOIQrfcjn8gfxBWaatcbegcd9tO6aDcLn0RX6Ju+YAr5
O6bnCdBmlxfq3mNfQ+3pVcq9/VHHdWuGyjQWVRpYkcg86h6Xqb004mequbKMAtKS
p95p54uqn7rrK09TbGZOaWAuBtPbwjeNQF5HIgtpJ8yd9w9npuuJFSXMExxqyMDw
7fahZ/7b5kl15PeMlg6gvc51EGp+JwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHLa
x/NpJtm4HzA2E5BTjdm4aam1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMDJEODY5MDMzRjQxMUYxQTlGOTBEREVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlUUMA0GCSqGSIb3DQEB
CwUAA4IBAQAH2Gu+sX/1FCdAMb027MZgH+UnsdTe/ADoK/E8VW4wxu+c3Wb/mEFN
ZdwRB2fqJq9zvHpzLXAsOmQlDFxDVGe4Q3qzKSSKzZsgSNTLb2sXU/mH75NaHR9x
hp3yvEHuTyo+pnPVLeVCjT+MkOYq8puB72RjcIEP5eKXGHtgROJgIiSpgXbNys+L
cY2wRHH+LgTZ5t0d9LOs4PbiajgxTEjx8WgAG2b/9sVQPVyf9hzS6un8JiCvKvPW
1vvafTbhHDF4ia1vZL37j7x3GD3K47yM55XA6o7VK194kN/qVRMH4sFkuBE3vvLi
QSmhxQlE35t6jrHT6Aar91K2SuWksT+z
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:28:22 2026 by rpki-client