Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3E0B85E33FB11F1A50AF008CF1D38B0.roa
File: B3E0B85E33FB11F1A50AF008CF1D38B0.roa (raw, json)
Hash identifier: moXUkw1W7wDxdo27pfGw4lJv6pOdREF5h7hObo1s7zE=
Subject key identifier: 4C:E7:F0:FA:26:BF:33:71:76:D1:97:B3:60:08:2C:F0:C2:97:8F:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C3C7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3E0B85E33FB11F1A50AF008CF1D38B0.roa
Signing time: Thu 09 Apr 2026 10:05:58 +0000
ROA not before: Thu 09 Apr 2026 10:05:53 +0000
ROA not after: Mon 09 Apr 2029 10:05:53 +0000
asID: 17561
IP address blocks: 154.86.214.0/24 maxlen: 24
154.86.215.0/24 maxlen: 24
154.86.216.0/24 maxlen: 24
154.86.217.0/24 maxlen: 24
154.86.218.0/24 maxlen: 24
154.86.219.0/24 maxlen: 24
154.86.220.0/24 maxlen: 24
154.86.221.0/24 maxlen: 24
154.86.222.0/24 maxlen: 24
154.86.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 16:08:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115655 (0x1c3c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 9 10:05:53 2026 GMT
Not After : Apr 9 10:05:53 2029 GMT
Subject: CN=69d77a05-6a8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cf:de:8d:40:67:23:42:cc:55:ac:08:a5:b5:
09:73:50:55:c9:c7:95:bb:99:e5:be:96:23:62:fe:
df:88:f8:09:a5:b2:b3:fe:32:d7:28:18:a9:2d:a5:
29:b9:dd:73:3d:a3:09:69:22:41:c7:45:6e:d9:dd:
37:b6:da:8f:46:82:12:e6:c7:24:46:77:69:b5:ef:
48:6d:81:19:70:c3:d6:c3:56:94:3a:69:28:22:49:
cf:68:6d:21:fc:6e:7f:6f:3d:08:c0:bd:09:94:14:
5f:a1:b8:3e:cc:e3:1b:3b:27:1b:7e:c3:c0:53:6b:
00:be:90:2c:63:97:c2:d7:7e:e9:22:41:80:6f:30:
d5:fa:b7:26:f6:8f:d9:60:44:06:60:bf:94:ab:3d:
f0:ae:94:6c:d4:60:83:25:dd:88:8b:11:36:4c:79:
76:f1:d2:d7:51:f2:7a:9b:9b:da:28:17:42:e4:2c:
d9:08:3a:65:80:b2:e2:b0:cb:14:fc:d2:64:87:99:
5f:11:3a:2f:a5:c2:0f:35:e2:57:6e:92:32:f0:3d:
8c:b7:dc:bd:5b:31:a3:2c:eb:cd:6c:e6:23:1b:e4:
b9:77:fe:ad:22:f2:3c:62:2e:3e:7b:fb:dd:43:fd:
5d:0b:55:d5:ac:59:ba:d0:3f:b6:b5:56:65:0c:91:
2f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E7:F0:FA:26:BF:33:71:76:D1:97:B3:60:08:2C:F0:C2:97:8F:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3E0B85E33FB11F1A50AF008CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.214.0-154.86.223.255
Signature Algorithm: sha256WithRSAEncryption
84:15:33:7b:c4:d3:ca:27:20:2a:11:76:b0:73:8c:2c:6b:37:
5e:2c:34:47:17:36:f7:85:85:b7:a2:30:81:3f:c7:79:0a:57:
26:2f:b8:0f:dc:24:41:e6:30:65:af:0a:79:66:52:5e:c7:46:
b7:68:9c:4f:dc:1d:54:7b:cb:8d:b2:8f:ec:62:1f:6e:db:e5:
3b:4c:b4:fe:fd:a3:ff:57:28:37:63:6b:d5:bf:c4:2e:72:dd:
72:31:44:fa:5a:29:9e:7f:74:29:bd:8a:c1:f2:3a:0c:08:f0:
28:7e:c3:a0:5b:e2:d1:e9:67:4f:61:0e:8b:6b:69:d9:f3:5f:
fe:27:7f:7b:ee:ad:b4:a8:18:79:c9:10:4f:24:ae:0a:e7:6b:
d0:4d:4a:e0:4a:9f:87:92:ed:ba:d6:d6:fe:94:56:d0:30:79:
8d:51:b4:be:9d:d4:70:25:dd:17:bb:b0:9d:22:f0:be:76:9c:
18:c2:55:8a:dd:ae:ad:38:53:e0:e0:40:14:d9:fe:7d:a6:08:
c0:ed:88:0d:2d:8b:72:b4:cf:59:e6:91:6a:8d:b6:c3:b1:16:
dc:ec:6c:03:76:6f:86:fc:65:09:09:2b:57:54:a7:d1:07:32:
6b:36:f2:97:c7:01:16:80:10:33:70:2d:16:2f:e0:45:e2:85:
86:8d:9f:78
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAcPHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDA5MTAwNTUzWhcNMjkwNDA5MTAwNTUzWjAYMRYw
FAYDVQQDEw02OWQ3N2EwNS02YThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtM/ejUBnI0LMVawIpbUJc1BVyceVu5nlvpYjYv7fiPgJpbKz/jLXKBip
LaUpud1zPaMJaSJBx0Vu2d03ttqPRoIS5sckRndpte9IbYEZcMPWw1aUOmkoIknP
aG0h/G5/bz0IwL0JlBRfobg+zOMbOycbfsPAU2sAvpAsY5fC137pIkGAbzDV+rcm
9o/ZYEQGYL+Uqz3wrpRs1GCDJd2IixE2THl28dLXUfJ6m5vaKBdC5CzZCDplgLLi
sMsU/NJkh5lfETovpcIPNeJXbpIy8D2Mt9y9WzGjLOvNbOYjG+S5d/6tIvI8Yi4+
e/vdQ/1dC1XVrFm60D+2tVZlDJEvoQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFEzn
8PomvzNxdtGXs2AILPDCl4/RMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CM0UwQjg1RTMzRkIxMUYxQTUwQUYwMDhDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGaVtYDBAWaVsAwDQYJ
KoZIhvcNAQELBQADggEBAIQVM3vE08onICoRdrBzjCxrN14sNEcXNveFhbeiMIE/
x3kKVyYvuA/cJEHmMGWvCnlmUl7HRrdonE/cHVR7y42yj+xiH27b5TtMtP79o/9X
KDdja9W/xC5y3XIxRPpaKZ5/dCm9isHyOgwI8Ch+w6Bb4tHpZ09hDotradnzX/4n
f3vurbSoGHnJEE8krgrna9BNSuBKn4eS7brW1v6UVtAweY1RtL6d1HAl3Re7sJ0i
8L52nBjCVYrdrq04U+DgQBTZ/n2mCMDtiA0ti3K0z1nmkWqNtsOxFtzsbAN2b4b8
ZQkJK1dUp9EHMms28pfHARaAEDNwLRYv4EXihYaNn3g=
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:54:14 2026 by rpki-client