Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B694F1E20BD711F1A4EA34DDDAE4EC9C.roa
File: B694F1E20BD711F1A4EA34DDDAE4EC9C.roa (raw, json)
Hash identifier: 4KqyJxDNLYzRdSl8zXinuozv0WVi2RUqDNgaNBWX7oM=
Subject key identifier: 45:EB:D0:26:93:AA:15:3F:5C:81:60:CD:D5:74:33:53:65:BF:A0:F6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B9F1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B694F1E20BD711F1A4EA34DDDAE4EC9C.roa
Signing time: Tue 17 Feb 2026 08:07:34 +0000
ROA not before: Tue 17 Feb 2026 08:07:29 +0000
ROA not after: Tue 24 Mar 2026 08:07:29 +0000
asID: 55020
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113137 (0x1b9f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 17 08:07:29 2026 GMT
Not After : Mar 24 08:07:29 2026 GMT
Subject: CN=699421c6-d97f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5d:e3:a3:bc:7a:c2:e6:6f:ea:4a:f1:ca:18:
95:48:a2:e1:d2:7e:01:75:ce:d2:6d:ed:73:96:a7:
c8:0b:eb:e7:7b:ff:b5:08:78:04:1d:a4:4c:f0:cb:
4d:3a:a1:67:04:4c:c1:1d:61:37:07:d5:ba:9f:5c:
89:ca:94:fa:33:ee:01:39:c8:a9:41:c3:05:93:02:
97:e9:c8:41:65:1f:ee:32:bf:66:79:d3:e6:d0:31:
1c:f1:2f:e8:11:c4:2b:72:e4:f9:39:e4:ef:05:86:
2d:92:0f:98:0e:e9:12:ab:f4:52:b7:27:89:3d:ae:
b7:f3:f6:70:71:a8:c6:84:07:38:9d:5c:bf:4f:8c:
26:86:6c:2b:1f:cc:72:c1:b7:00:5a:b1:3a:0d:2f:
9a:0f:5e:89:1e:ee:ba:47:40:52:0a:cf:94:3f:2d:
8c:8a:06:4b:72:e3:9a:ee:c0:51:f3:59:e5:18:bf:
ae:43:22:79:e5:c9:90:60:33:25:7a:0b:83:71:ce:
84:e9:0b:5b:6d:9a:8d:f4:4f:d5:8f:f3:41:0d:a1:
59:e8:c7:83:bc:bb:fa:03:da:7b:cd:b7:a3:b8:55:
9e:0d:c9:f0:62:5e:b5:9f:d7:e7:23:b7:4a:75:c4:
f1:8b:f2:fb:7a:03:87:6a:63:3e:33:fe:14:8c:70:
01:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:EB:D0:26:93:AA:15:3F:5C:81:60:CD:D5:74:33:53:65:BF:A0:F6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B694F1E20BD711F1A4EA34DDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.207.255
Signature Algorithm: sha256WithRSAEncryption
a0:17:b6:81:f4:a2:e4:bc:f4:54:71:d4:b5:49:5e:69:21:0d:
fd:7e:b6:67:1b:70:9f:0d:60:81:2a:48:07:36:e4:f3:43:b9:
f1:2e:ee:d9:0c:5b:83:2a:09:f8:8f:80:34:4d:27:19:44:97:
27:a1:40:81:5f:16:16:3e:bb:b7:47:8d:98:a6:b6:3e:47:95:
f2:f6:03:a7:79:99:5b:df:ec:2e:6b:43:a2:64:4c:73:27:53:
ae:5e:39:ed:43:08:0b:fb:92:dd:22:00:06:2e:15:9a:1a:c2:
d0:6b:5f:92:e2:68:d9:c4:14:40:46:24:00:5b:78:88:3d:7c:
74:75:7d:4f:84:0a:b3:f1:6c:e2:d9:ad:83:5f:59:62:22:39:
da:e4:82:ec:2a:fe:fa:a2:c2:8f:42:64:6c:ea:be:49:9e:5c:
e0:d3:86:22:ab:0b:f5:58:6d:7c:ed:3a:38:08:d2:76:3c:38:
fc:db:79:80:79:23:95:06:1b:a9:0c:26:f5:2e:2c:9f:a9:e9:
d8:97:5b:5c:c3:b5:42:25:48:92:9c:82:27:ab:a9:96:2f:e6:
e8:cf:18:48:3c:ed:b2:5e:43:e5:bf:97:41:40:f5:cb:7c:13:
dc:35:ca:a5:a0:88:b9:69:4a:f7:4d:72:29:db:2d:d1:36:2e:
43:77:76:4d
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAbnxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjE3MDgwNzI5WhcNMjYwMzI0MDgwNzI5WjAYMRYw
FAYDVQQDEw02OTk0MjFjNi1kOTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoV3jo7x6wuZv6krxyhiVSKLh0n4Bdc7Sbe1zlqfIC+vne/+1CHgEHaRM
8MtNOqFnBEzBHWE3B9W6n1yJypT6M+4BOcipQcMFkwKX6chBZR/uMr9medPm0DEc
8S/oEcQrcuT5OeTvBYYtkg+YDukSq/RStyeJPa638/ZwcajGhAc4nVy/T4wmhmwr
H8xywbcAWrE6DS+aD16JHu66R0BSCs+UPy2MigZLcuOa7sBR81nlGL+uQyJ55cmQ
YDMleguDcc6E6QtbbZqN9E/Vj/NBDaFZ6MeDvLv6A9p7zbejuFWeDcnwYl61n9fn
I7dKdcTxi/L7egOHamM+M/4UjHABCQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFEXr
0CaTqhU/XIFgzdV0M1Nlv6D2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNjk0RjFFMjBCRDcxMUYxQTRFQTM0REREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASaWZADBASaWcAwDQYJ
KoZIhvcNAQELBQADggEBAKAXtoH0ouS89FRx1LVJXmkhDf1+tmcbcJ8NYIEqSAc2
5PNDufEu7tkMW4MqCfiPgDRNJxlElyehQIFfFhY+u7dHjZimtj5HlfL2A6d5mVvf
7C5rQ6JkTHMnU65eOe1DCAv7kt0iAAYuFZoawtBrX5LiaNnEFEBGJABbeIg9fHR1
fU+ECrPxbOLZrYNfWWIiOdrkguwq/vqiwo9CZGzqvkmeXODThiKrC/VYbXztOjgI
0nY8OPzbeYB5I5UGG6kMJvUuLJ+p6diXW1zDtUIlSJKcgierqZYv5ujPGEg87bJe
Q+W/l0FA9ct8E9w1yqWgiLlpSvdNcinbLdE2LkN3dk0=
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:20:46 2026 by rpki-client