Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C0EB0AE4FC1111F0A69CB8EEDAE4EC9C.roa
File: C0EB0AE4FC1111F0A69CB8EEDAE4EC9C.roa (raw, json)
Hash identifier: uWJym74w7DfMlZyZMcn+V2zn8o2EaGFVkYzSXPwGxNk=
Subject key identifier: B6:6E:E6:7C:D1:81:ED:C6:1D:30:22:C4:89:80:C9:F4:D2:AE:3D:29
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B6F5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C0EB0AE4FC1111F0A69CB8EEDAE4EC9C.roa
Signing time: Wed 28 Jan 2026 06:22:43 +0000
ROA not before: Wed 28 Jan 2026 06:22:38 +0000
ROA not after: Fri 06 Mar 2026 06:22:38 +0000
asID: 20326
IP address blocks: 154.222.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112373 (0x1b6f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 28 06:22:38 2026 GMT
Not After : Mar 6 06:22:38 2026 GMT
Subject: CN=6979ab33-52fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:00:9b:36:50:ee:2b:1c:d9:f2:de:77:64:58:
22:14:c6:6e:10:80:87:f1:a7:f1:ad:95:0d:07:be:
3f:05:71:32:ea:6f:ee:39:12:f4:10:b3:1d:71:01:
e2:f2:36:3b:06:d8:b9:cd:84:67:24:a3:36:93:98:
9e:f0:5f:49:be:1a:43:c8:76:e1:50:89:a4:88:8d:
c7:6d:f9:1f:60:d0:aa:7f:0b:8f:3f:d2:08:93:ad:
f3:69:df:65:bd:e8:2d:1e:4b:18:86:23:bf:f7:4f:
41:0e:cf:b5:b7:ca:7a:04:a7:b3:60:52:f1:bc:fb:
56:65:25:fd:18:03:1a:f5:f6:22:6d:fb:30:81:02:
05:07:50:05:54:91:3f:a9:74:f7:43:93:58:70:e8:
8b:04:99:c5:b3:41:b2:72:12:69:0e:fb:97:47:2a:
2f:1b:b0:44:15:9f:04:2b:b3:67:51:13:a9:ef:45:
c4:3c:66:be:64:27:6d:d0:d7:b7:fc:97:50:4a:d3:
c6:44:18:ea:bb:74:d3:ba:ce:54:64:05:e6:92:27:
f8:a2:6c:67:f5:23:e8:d3:32:da:e8:43:d9:d1:c1:
64:52:08:3d:1b:07:a2:05:3e:a6:73:cf:65:37:6b:
25:e1:ac:9f:99:99:48:2b:98:91:b2:89:b1:7f:31:
8d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6E:E6:7C:D1:81:ED:C6:1D:30:22:C4:89:80:C9:F4:D2:AE:3D:29
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C0EB0AE4FC1111F0A69CB8EEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.120.0/21
Signature Algorithm: sha256WithRSAEncryption
8e:59:50:72:e4:13:af:12:a7:7e:84:16:4a:b5:a4:d6:f0:be:
99:bf:53:90:76:4c:53:4d:4e:02:af:28:05:15:9d:ea:49:13:
75:b7:b7:a7:23:c3:6b:cc:24:d9:36:98:fb:9d:b8:05:2d:29:
1f:49:b5:4e:b5:fc:d9:66:35:85:12:6b:71:22:8b:02:90:8a:
b2:59:00:1d:f6:7a:10:b5:7f:f5:e7:57:af:34:25:ed:56:ec:
73:a9:b8:bf:5e:eb:c7:9d:a5:76:ea:63:04:d4:cc:6b:e0:0f:
ac:5b:06:7a:da:04:36:fc:10:67:be:37:7f:37:11:c6:0d:1f:
a8:10:6b:ca:90:d4:b6:07:1f:4a:bf:f2:50:48:b4:9a:b7:2e:
f5:65:62:f7:cd:e9:e3:c3:33:23:12:64:de:2f:a9:82:2d:dc:
d3:5e:69:5a:5e:6a:a2:16:76:94:c4:a6:50:53:9d:7b:2e:ef:
f7:d0:63:9b:64:5f:86:c7:61:ca:77:90:22:d6:3d:39:19:5f:
93:b4:d0:b5:0c:41:d6:7d:6a:9d:6d:af:34:94:80:f2:8c:57:
b7:30:c0:0f:bb:33:dd:a2:4d:11:2a:a5:a1:01:20:47:f0:e8:
ca:dc:e0:77:03:b8:27:6d:01:e7:28:de:ff:97:cd:5e:08:74:
86:81:85:9e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbb1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMTI4MDYyMjM4WhcNMjYwMzA2MDYyMjM4WjAYMRYw
FAYDVQQDEw02OTc5YWIzMy01MmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApQCbNlDuKxzZ8t53ZFgiFMZuEICH8afxrZUNB74/BXEy6m/uORL0ELMd
cQHi8jY7Bti5zYRnJKM2k5ie8F9JvhpDyHbhUImkiI3HbfkfYNCqfwuPP9IIk63z
ad9lvegtHksYhiO/909BDs+1t8p6BKezYFLxvPtWZSX9GAMa9fYibfswgQIFB1AF
VJE/qXT3Q5NYcOiLBJnFs0GychJpDvuXRyovG7BEFZ8EK7NnUROp70XEPGa+ZCdt
0Ne3/JdQStPGRBjqu3TTus5UZAXmkif4omxn9SPo0zLa6EPZ0cFkUgg9GweiBT6m
c89lN2sl4ayfmZlIK5iRsomxfzGN6wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLZu
5nzRge3GHTAixImAyfTSrj0pMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMEVCMEFFNEZDMTExMUYwQTY5Q0I4RUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmt54MA0GCSqGSIb3DQEB
CwUAA4IBAQCOWVBy5BOvEqd+hBZKtaTW8L6Zv1OQdkxTTU4CrygFFZ3qSRN1t7en
I8NrzCTZNpj7nbgFLSkfSbVOtfzZZjWFEmtxIosCkIqyWQAd9noQtX/151evNCXt
Vuxzqbi/XuvHnaV26mME1Mxr4A+sWwZ62gQ2/BBnvjd/NxHGDR+oEGvKkNS2Bx9K
v/JQSLSaty71ZWL3zenjwzMjEmTeL6mCLdzTXmlaXmqiFnaUxKZQU517Lu/30GOb
ZF+Gx2HKd5Ai1j05GV+TtNC1DEHWfWqdba80lIDyjFe3MMAPuzPdok0RKqWhASBH
8OjK3OB3A7gnbQHnKN7/l81eCHSGgYWe
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:03:02 2026 by rpki-client