Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A73BB4460B0B11F1AA8B9DF5DAE4EC9C.roa
File: A73BB4460B0B11F1AA8B9DF5DAE4EC9C.roa (raw, json)
Hash identifier: pJ6eQ1loHE6Q2gTtOl01SVGxZ4YZaIz6SR/19qSHqzE=
Subject key identifier: 98:0E:19:0C:12:A6:78:E8:D5:DB:CC:0E:72:56:9B:0B:59:82:B1:83
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B9B2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A73BB4460B0B11F1AA8B9DF5DAE4EC9C.roa
Signing time: Mon 16 Feb 2026 07:46:54 +0000
ROA not before: Mon 16 Feb 2026 07:46:43 +0000
ROA not after: Mon 09 Mar 2026 07:46:43 +0000
asID: 201670
IP address blocks: 154.213.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113074 (0x1b9b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 16 07:46:43 2026 GMT
Not After : Mar 9 07:46:43 2026 GMT
Subject: CN=6992cb6e-93c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b5:e2:56:c3:1c:fe:c3:2a:82:7f:8b:07:0c:
0a:5f:1c:38:e8:8e:94:76:07:db:29:86:8c:e4:a4:
d5:8d:69:14:5d:f1:51:9a:6b:74:d1:6e:e2:de:77:
b8:7e:f2:ac:88:43:dd:c3:1e:fe:9f:62:a7:a9:c3:
86:e7:83:c0:be:f0:4d:8a:7b:72:1b:a6:5a:3f:32:
77:e2:63:2b:2f:e1:db:f5:fc:c9:b9:85:71:0d:5f:
82:09:ba:22:dd:78:03:80:75:69:8c:b5:af:a5:b0:
f3:2e:63:7d:1b:32:b8:e4:78:77:10:af:01:c8:1f:
a1:65:c3:3e:5e:d4:4e:93:5b:12:a6:3e:4f:34:62:
63:a6:c8:6a:3b:8c:85:82:1f:5b:23:6c:df:79:9f:
6f:6d:99:9b:a6:d1:fc:89:04:11:da:da:61:e8:0c:
36:b1:fc:fe:ca:d2:c2:68:37:10:5b:ff:90:01:f2:
97:99:03:f6:77:38:aa:47:92:3e:7c:dd:37:50:d4:
5b:d4:5b:f7:a0:0d:1b:c6:95:32:66:aa:8f:7a:ec:
9c:f8:24:06:a3:a8:53:eb:d2:91:29:cc:3e:f1:9f:
01:03:3f:89:19:15:53:f3:e6:f5:6d:20:5b:94:24:
0c:b3:f0:0b:4f:36:81:ae:09:65:a7:a8:f3:0f:a7:
ce:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0E:19:0C:12:A6:78:E8:D5:DB:CC:0E:72:56:9B:0B:59:82:B1:83
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A73BB4460B0B11F1AA8B9DF5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.167.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:47:33:3b:51:6d:4e:bb:ea:4d:fc:49:6a:6b:95:c5:34:22:
e3:d3:40:b4:c8:ba:dd:a4:ca:ca:b9:f5:d2:3b:70:e4:17:14:
58:81:c8:c0:a6:0e:37:0b:96:13:64:e2:8e:93:cd:ea:a3:9f:
f9:3f:33:49:bc:b6:61:4a:63:59:9c:2a:f4:4f:9e:2c:06:bb:
8b:4a:09:d9:79:42:72:98:3b:02:17:14:6d:20:93:32:5b:f2:
ff:34:c1:48:de:e9:66:9e:ad:cc:50:1f:f3:34:0a:ee:39:14:
c8:ac:42:0f:4e:7d:07:0e:25:66:a8:77:0a:8d:fc:8b:0d:c4:
9b:bb:8b:d7:4d:a6:3e:fe:64:27:c6:91:2d:cc:01:ba:5d:e6:
ec:47:08:a0:29:36:df:f3:dc:63:53:c4:3e:fb:b1:b0:ae:2e:
b4:1e:ce:9a:3e:88:8a:c7:bc:ee:26:6a:cc:83:be:41:41:a0:
19:5d:4b:67:13:b8:69:c3:3b:27:dd:d8:48:fb:9e:f4:9d:9b:
57:58:2f:2b:ea:13:58:34:2f:3b:7d:41:d9:61:0d:06:25:1a:
92:a8:84:37:77:46:86:38:e5:3b:da:23:63:e0:bb:63:0c:33:
39:a0:92:3a:cc:ba:0f:94:41:ce:ab:e7:53:86:52:8a:a5:7e:
5f:70:36:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbmyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjE2MDc0NjQzWhcNMjYwMzA5MDc0NjQzWjAYMRYw
FAYDVQQDEw02OTkyY2I2ZS05M2M1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs7XiVsMc/sMqgn+LBwwKXxw46I6UdgfbKYaM5KTVjWkUXfFRmmt00W7i
3ne4fvKsiEPdwx7+n2KnqcOG54PAvvBNintyG6ZaPzJ34mMrL+Hb9fzJuYVxDV+C
Cboi3XgDgHVpjLWvpbDzLmN9GzK45Hh3EK8ByB+hZcM+XtROk1sSpj5PNGJjpshq
O4yFgh9bI2zfeZ9vbZmbptH8iQQR2tph6Aw2sfz+ytLCaDcQW/+QAfKXmQP2dziq
R5I+fN03UNRb1Fv3oA0bxpUyZqqPeuyc+CQGo6hT69KRKcw+8Z8BAz+JGRVT8+b1
bSBblCQMs/ALTzaBrgllp6jzD6fOZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJgO
GQwSpnjo1dvMDnJWmwtZgrGDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNzNCQjQ0NjBCMEIxMUYxQUE4QjlERjVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtWnMA0GCSqGSIb3DQEB
CwUAA4IBAQCqRzM7UW1Ou+pN/Elqa5XFNCLj00C0yLrdpMrKufXSO3DkFxRYgcjA
pg43C5YTZOKOk83qo5/5PzNJvLZhSmNZnCr0T54sBruLSgnZeUJymDsCFxRtIJMy
W/L/NMFI3ulmnq3MUB/zNAruORTIrEIPTn0HDiVmqHcKjfyLDcSbu4vXTaY+/mQn
xpEtzAG6XebsRwigKTbf89xjU8Q++7Gwri60Hs6aPoiKx7zuJmrMg75BQaAZXUtn
E7hpwzsn3dhI+570nZtXWC8r6hNYNC87fUHZYQ0GJRqSqIQ3d0aGOOU72iNj4Ltj
DDM5oJI6zLoPlEHOq+dThlKKpX5fcDZu
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:08:42 2026 by rpki-client