Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDD9B2FA119311F1A1904D95DAE4EC9C.roa
File: BDD9B2FA119311F1A1904D95DAE4EC9C.roa (raw, json)
Hash identifier: g1x8e8bRRD0TUYx/eM3Pw7jxL6KJ3vM2Uggr9mzGQ9Y=
Subject key identifier: D9:A3:7A:BC:71:8D:3E:28:78:38:DE:73:E3:CF:12:40:E0:01:88:4E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BB78
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDD9B2FA119311F1A1904D95DAE4EC9C.roa
Signing time: Tue 24 Feb 2026 15:16:07 +0000
ROA not before: Tue 24 Feb 2026 15:16:02 +0000
ROA not after: Sat 04 Apr 2026 15:16:02 +0000
asID: 20326
IP address blocks: 154.85.123.0/24 maxlen: 24
154.94.33.0/24 maxlen: 24
154.94.38.0/24 maxlen: 24
154.94.41.0/24 maxlen: 24
154.94.46.0/24 maxlen: 24
154.94.50.0/24 maxlen: 24
154.94.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113528 (0x1bb78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 15:16:02 2026 GMT
Not After : Apr 4 15:16:02 2026 GMT
Subject: CN=699dc0b7-b2cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:9c:de:ab:89:96:b5:17:64:90:1a:c2:aa:30:
d0:fd:30:60:6f:f0:c7:02:b3:bf:df:af:a7:4b:c5:
eb:0b:c8:b9:9c:c1:01:fc:d1:c9:52:64:94:fb:3e:
fe:f4:5f:d1:b1:3b:af:7e:6d:d3:12:ba:2f:d4:88:
c7:45:61:73:47:1c:b0:5b:1e:27:78:21:54:3e:45:
fe:7c:4e:c3:1f:00:d5:66:75:13:be:ae:65:e7:a3:
b8:b1:45:87:55:be:08:93:5d:b0:87:f3:f1:ca:68:
2a:ef:80:57:e7:24:94:61:88:9d:19:0c:61:2f:5a:
b8:32:1b:91:08:d6:a6:1a:9f:3d:cf:63:f4:37:70:
32:e5:bc:83:cf:ea:ad:8e:45:63:18:e2:a7:89:f6:
5b:1d:8c:ad:c5:eb:4b:fa:28:bc:e8:c0:e4:90:3c:
67:89:09:c0:ff:97:8b:c1:f3:86:24:59:80:39:a8:
30:54:fa:cd:d9:e8:f5:18:6b:7f:23:81:44:fa:fe:
cb:f9:c4:40:9a:8d:76:de:44:01:86:1c:25:e5:14:
81:a7:32:b2:20:63:21:b0:4c:e0:da:bf:86:7f:47:
99:27:0c:69:01:37:aa:b5:53:78:57:1d:dd:98:5c:
ab:ba:56:a2:9e:b1:76:a5:6c:e4:6c:67:ef:c2:02:
7b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A3:7A:BC:71:8D:3E:28:78:38:DE:73:E3:CF:12:40:E0:01:88:4E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDD9B2FA119311F1A1904D95DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.123.0/24
154.94.33.0/24
154.94.38.0/24
154.94.41.0/24
154.94.46.0/24
154.94.50.0/24
154.94.60.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:0c:b3:ff:0e:e3:30:c4:df:63:94:c7:51:5c:2c:cf:a3:0a:
0f:28:76:67:58:3c:c0:ac:54:68:7f:f9:33:ca:d8:d9:e9:ce:
c5:87:6b:a4:42:8b:f4:16:86:b9:62:08:c9:13:24:01:ea:a9:
03:75:89:4f:fa:31:1e:d2:ad:03:56:bb:f7:8e:41:6a:67:2e:
ef:b9:bd:fb:cf:76:52:ae:40:33:4e:1b:69:89:2d:1f:31:99:
71:6d:09:be:3e:fd:f6:4b:04:c2:d3:f0:05:14:a9:16:72:f6:
b7:79:8a:77:7b:b1:2a:df:85:20:ec:06:8d:04:86:f5:70:e0:
87:40:0f:b8:3b:0f:88:fb:6e:b7:3b:1c:08:88:3c:39:6c:76:
9f:ca:85:74:f5:6f:de:09:a1:93:d5:3c:ec:dc:94:d4:c2:b6:
a6:09:ac:bf:b2:8e:1e:1c:b0:e8:b1:b7:db:d7:8a:8e:c6:06:
0b:42:4f:fd:a9:a6:3a:74:95:8a:03:aa:e4:d4:c0:45:61:a1:
92:b3:14:38:e0:6b:73:90:14:76:93:df:43:86:4a:79:1a:2b:
02:11:fe:ef:2a:b3:f9:ed:a4:f4:7b:28:7b:41:9c:6f:d7:ca:
bf:fa:a0:71:ef:b0:06:71:bf:29:5b:1c:00:d0:b2:31:26:7c:
9d:55:b7:14
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgIDAbt4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI0MTUxNjAyWhcNMjYwNDA0MTUxNjAyWjAYMRYw
FAYDVQQDEw02OTlkYzBiNy1iMmNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6Zzeq4mWtRdkkBrCqjDQ/TBgb/DHArO/36+nS8XrC8i5nMEB/NHJUmSU
+z7+9F/RsTuvfm3TErov1IjHRWFzRxywWx4neCFUPkX+fE7DHwDVZnUTvq5l56O4
sUWHVb4Ik12wh/Pxymgq74BX5ySUYYidGQxhL1q4MhuRCNamGp89z2P0N3Ay5byD
z+qtjkVjGOKnifZbHYytxetL+ii86MDkkDxniQnA/5eLwfOGJFmAOagwVPrN2ej1
GGt/I4FE+v7L+cRAmo123kQBhhwl5RSBpzKyIGMhsEzg2r+Gf0eZJwxpATeqtVN4
Vx3dmFyrulainrF2pWzkbGfvwgJ73wIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFNmj
erxxjT4oeDjec+PPEkDgAYhOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CREQ5QjJGQTExOTMxMUYxQTE5MDREOTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAmlV7AwQAml4hAwQAml4m
AwQAml4pAwQAml4uAwQAml4yAwQAml48MA0GCSqGSIb3DQEBCwUAA4IBAQDRDLP/
DuMwxN9jlMdRXCzPowoPKHZnWDzArFRof/kzytjZ6c7Fh2ukQov0Foa5YgjJEyQB
6qkDdYlP+jEe0q0DVrv3jkFqZy7vub37z3ZSrkAzThtpiS0fMZlxbQm+Pv32SwTC
0/AFFKkWcva3eYp3e7Eq34Ug7AaNBIb1cOCHQA+4Ow+I+263OxwIiDw5bHafyoV0
9W/eCaGT1Tzs3JTUwramCay/so4eHLDosbfb14qOxgYLQk/9qaY6dJWKA6rk1MBF
YaGSsxQ44GtzkBR2k99Dhkp5GisCEf7vKrP57aT0eyh7QZxv18q/+qBx77AGcb8p
WxwA0LIxJnydVbcU
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:26:19 2026 by rpki-client