Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFF11278116A11F1AA71C99CDAE4EC9C.roa
File: BFF11278116A11F1AA71C99CDAE4EC9C.roa (raw, json)
Hash identifier: 8vkDNG+HdhS0J6UxlND1Cz4D5/IcsZ+lXY2jcjUhE64=
Subject key identifier: A9:14:93:1C:33:FD:FD:4C:FF:9F:E8:0C:31:D8:BF:A7:1A:56:3B:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BB3E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFF11278116A11F1AA71C99CDAE4EC9C.roa
Signing time: Tue 24 Feb 2026 10:22:41 +0000
ROA not before: Tue 24 Feb 2026 10:22:36 +0000
ROA not after: Tue 31 Mar 2026 10:22:36 +0000
asID: 62240
IP address blocks: 154.195.116.0/24 maxlen: 24
154.195.117.0/24 maxlen: 24
154.195.118.0/24 maxlen: 24
154.195.152.0/24 maxlen: 24
154.195.153.0/24 maxlen: 24
154.195.154.0/24 maxlen: 24
154.195.155.0/24 maxlen: 24
154.195.156.0/24 maxlen: 24
154.195.157.0/24 maxlen: 24
154.196.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113470 (0x1bb3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 10:22:36 2026 GMT
Not After : Mar 31 10:22:36 2026 GMT
Subject: CN=699d7bf1-17ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9e:8a:1f:43:bc:c7:c3:09:b3:45:e0:b2:a8:
f6:a4:42:10:67:e1:47:2b:58:81:bf:f0:f6:9a:f3:
53:10:80:88:fe:f9:bc:15:8d:6f:7d:bb:43:dd:b8:
42:d1:71:a1:4f:3f:66:5c:eb:19:36:95:ba:ff:6d:
61:31:e4:56:e9:45:21:c2:75:bb:6c:4e:ad:ac:06:
e7:d2:72:5d:db:41:1f:f6:60:77:67:7d:fd:7a:2b:
a5:5a:3d:d0:08:2b:c2:8a:37:07:91:89:fa:18:fa:
35:7d:73:93:aa:08:88:15:3d:26:5e:c5:7c:5a:b1:
27:24:b6:e0:0c:b7:ac:55:1c:63:70:ca:90:74:82:
75:89:07:b0:28:c3:99:8f:eb:75:65:92:06:98:84:
23:0c:af:9f:25:c6:6a:58:85:a8:77:b8:24:20:15:
2f:24:a5:8e:e9:48:5c:c5:ed:db:15:eb:b1:37:11:
ac:48:7b:59:3a:be:8e:3c:1e:37:ec:a6:5a:14:08:
78:7f:2f:02:84:c9:34:a3:69:52:62:ad:15:77:9b:
2b:e8:81:78:04:47:09:46:e0:c2:b9:d2:a2:e0:81:
86:8f:e8:21:fd:0a:2e:7e:17:8a:a9:54:90:ab:e5:
97:49:21:32:70:ea:b7:98:0a:aa:b4:9f:9a:df:a3:
f2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:14:93:1C:33:FD:FD:4C:FF:9F:E8:0C:31:D8:BF:A7:1A:56:3B:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFF11278116A11F1AA71C99CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.116.0-154.195.118.255
154.195.152.0-154.195.157.255
154.196.30.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:33:03:64:d2:b5:39:0d:e9:75:3c:fb:d6:36:83:f7:7d:35:
6a:17:84:1a:37:11:2c:2a:fb:01:39:50:2e:e4:f0:84:8e:06:
c3:74:11:01:65:c6:04:a8:b2:30:50:81:9a:62:90:e5:f0:2c:
64:62:69:47:61:6f:b2:e5:c3:cd:3b:09:cb:d1:2d:e2:69:49:
09:3b:64:32:1c:7b:99:58:8d:7d:07:ca:33:49:2c:0c:c7:83:
eb:66:0d:f0:c8:77:76:d1:0a:d1:cd:7c:9f:12:f9:f5:39:1c:
11:fc:cf:1b:3e:08:52:aa:48:b8:f2:01:83:ae:23:6c:14:53:
b4:61:a8:fd:b2:21:50:14:6e:2f:47:60:dd:bd:b1:fa:dd:ec:
4c:3b:18:fb:97:12:5e:23:f7:a8:37:9d:e5:ea:05:a4:5c:1e:
a0:1b:d9:b0:f4:ce:8e:92:55:4b:0d:72:bb:77:09:ec:bf:42:
b6:0d:a6:63:5a:2b:55:c5:de:15:f4:7a:1c:03:0c:e5:96:08:
92:de:8f:23:c4:47:93:6b:fe:0e:a9:f4:c2:05:2e:56:2d:4a:
cd:dd:78:c9:42:21:28:1b:8b:47:39:1e:02:bd:e7:bd:d8:54:
01:aa:39:40:29:bc:18:2e:1f:f8:7c:f0:3b:c1:f5:7d:b3:af:
a9:ad:29:56
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDAbs+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI0MTAyMjM2WhcNMjYwMzMxMTAyMjM2WjAYMRYw
FAYDVQQDEw02OTlkN2JmMS0xN2NlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqZ6KH0O8x8MJs0Xgsqj2pEIQZ+FHK1iBv/D2mvNTEICI/vm8FY1vfbtD
3bhC0XGhTz9mXOsZNpW6/21hMeRW6UUhwnW7bE6trAbn0nJd20Ef9mB3Z339eiul
Wj3QCCvCijcHkYn6GPo1fXOTqgiIFT0mXsV8WrEnJLbgDLesVRxjcMqQdIJ1iQew
KMOZj+t1ZZIGmIQjDK+fJcZqWIWod7gkIBUvJKWO6Uhcxe3bFeuxNxGsSHtZOr6O
PB437KZaFAh4fy8ChMk0o2lSYq0Vd5sr6IF4BEcJRuDCudKi4IGGj+gh/QoufheK
qVSQq+WXSSEycOq3mAqqtJ+a36PyLwIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFKkU
kxwz/f1M/5/oDDHYv6caVjsrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRkYxMTI3ODExNkExMUYxQUE3MUM5OUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAKaw3QDBACaw3YwDAME
A5rDmAMEAZrDnAMEAJrEHjANBgkqhkiG9w0BAQsFAAOCAQEASjMDZNK1OQ3pdTz7
1jaD9301aheEGjcRLCr7ATlQLuTwhI4Gw3QRAWXGBKiyMFCBmmKQ5fAsZGJpR2Fv
suXDzTsJy9Et4mlJCTtkMhx7mViNfQfKM0ksDMeD62YN8Mh3dtEK0c18nxL59Tkc
EfzPGz4IUqpIuPIBg64jbBRTtGGo/bIhUBRuL0dg3b2x+t3sTDsY+5cSXiP3qDed
5eoFpFweoBvZsPTOjpJVSw1yu3cJ7L9Ctg2mY1orVcXeFfR6HAMM5ZYIkt6PI8RH
k2v+Dqn0wgUuVi1Kzd14yUIhKBuLRzkeAr3nvdhUAao5QCm8GC4f+HzwO8H1fbOv
qa0pVg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:04:00 2026 by rpki-client