Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C73B1F02FDAA11F083F234C0DAE4EC9C.roa
File: C73B1F02FDAA11F083F234C0DAE4EC9C.roa (raw, json)
Hash identifier: A/eNZIm6zVcOZZAlCGcojqujkYMBLblEviREShCpWi8=
Subject key identifier: 24:94:7A:30:17:86:A6:D6:73:66:B4:D8:E3:55:97:00:0A:37:C0:76
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B75F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C73B1F02FDAA11F083F234C0DAE4EC9C.roa
Signing time: Fri 30 Jan 2026 07:10:38 +0000
ROA not before: Fri 30 Jan 2026 07:10:33 +0000
ROA not after: Fri 06 Mar 2026 07:10:33 +0000
asID: 17497
IP address blocks: 154.196.140.0/24 maxlen: 24
154.196.142.0/24 maxlen: 24
154.196.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112479 (0x1b75f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 30 07:10:33 2026 GMT
Not After : Mar 6 07:10:33 2026 GMT
Subject: CN=697c596e-4e8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4c:51:89:35:09:ad:67:8b:78:c4:d3:57:ce:
bf:ee:29:fd:fe:7d:9d:90:0a:ab:97:82:e0:56:87:
a1:bc:3a:e8:3f:b0:ed:71:dd:3e:4d:4f:15:f4:91:
53:74:ee:6d:93:7e:b8:61:e9:2e:82:0f:20:51:5f:
e4:5a:1d:22:78:15:13:ff:da:e8:8b:fd:26:0b:ab:
32:f2:90:0b:f8:f0:90:21:f5:bb:bc:f4:2e:50:64:
15:2f:bf:b8:90:29:8d:94:d9:a7:dc:21:3b:3d:23:
7f:b4:6d:cf:c4:07:9e:a0:7a:a8:bc:eb:4c:1c:4d:
46:17:f9:95:b5:be:05:c4:b9:c0:e0:65:3b:74:ae:
67:36:81:1f:7d:55:0d:b4:30:f3:7f:2c:7c:34:df:
43:7b:7b:79:a0:6f:02:f2:05:b7:4f:63:57:0d:97:
b8:8e:a8:e4:62:27:b4:72:35:80:14:0e:22:dc:cd:
31:be:8d:90:d3:17:94:dc:a8:4c:cc:87:a6:13:e4:
ce:ff:7a:ff:a7:ce:d3:86:6d:27:92:1f:ef:8e:d5:
17:30:cf:cf:19:b0:6d:5d:2f:9d:1a:d2:0d:77:9e:
7a:ac:62:d1:c2:42:d3:b8:8f:30:05:ec:b1:9c:7b:
db:b4:e0:21:fe:ee:1a:ce:19:e4:e9:ae:92:9c:5a:
df:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:94:7A:30:17:86:A6:D6:73:66:B4:D8:E3:55:97:00:0A:37:C0:76
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C73B1F02FDAA11F083F234C0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.140.0/24
154.196.142.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:41:e2:11:7c:8e:9d:9a:ed:03:f3:ce:af:8c:50:31:7d:57:
e7:ed:33:3c:6f:bc:5d:ca:e2:16:1c:d2:43:d5:26:b7:23:b6:
c1:2a:ac:e3:7a:78:ec:e1:3b:6f:7c:33:96:08:f9:d7:a6:4f:
2e:4a:db:97:ed:de:13:b7:7d:9a:16:35:77:70:d4:f0:b6:48:
fa:b4:97:0b:dd:b1:bd:67:7b:bc:91:8f:ec:5a:b1:e6:27:de:
c2:45:a7:79:35:40:d4:bc:4f:17:63:51:b3:65:1a:6f:71:7f:
9e:9a:52:75:53:e9:7e:e9:aa:93:5a:f6:fc:22:39:76:f1:5d:
1b:94:87:8f:e9:3d:72:ce:d2:08:36:c8:bd:9b:be:32:e8:13:
b6:42:26:4d:19:9b:52:e1:86:33:c1:30:d0:8a:93:0f:ae:f6:
74:cc:29:c7:06:7f:32:c3:68:e4:d4:99:50:9c:a6:90:a7:73:
be:24:c3:b4:09:2a:d3:9b:6e:e4:e4:3d:02:22:d9:55:9c:64:
a2:3d:49:0d:dc:97:75:29:35:9e:5e:17:f9:17:cc:1d:88:38:
90:72:b8:5c:24:87:46:b9:db:08:1c:3d:54:ab:ef:22:15:d6:
0b:e9:f7:fe:44:7c:0b:ef:b2:16:bb:4e:db:36:63:00:66:e0:
57:74:78:97
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAbdfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMTMwMDcxMDMzWhcNMjYwMzA2MDcxMDMzWjAYMRYw
FAYDVQQDEw02OTdjNTk2ZS00ZThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzkxRiTUJrWeLeMTTV86/7in9/n2dkAqrl4LgVoehvDroP7Dtcd0+TU8V
9JFTdO5tk364Yekugg8gUV/kWh0ieBUT/9roi/0mC6sy8pAL+PCQIfW7vPQuUGQV
L7+4kCmNlNmn3CE7PSN/tG3PxAeeoHqovOtMHE1GF/mVtb4FxLnA4GU7dK5nNoEf
fVUNtDDzfyx8NN9De3t5oG8C8gW3T2NXDZe4jqjkYie0cjWAFA4i3M0xvo2Q0xeU
3KhMzIemE+TO/3r/p87Thm0nkh/vjtUXMM/PGbBtXS+dGtINd556rGLRwkLTuI8w
BeyxnHvbtOAh/u4azhnk6a6SnFrfKwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFCSU
ejAXhqbWc2a02ONVlwAKN8B2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNzNCMUYwMkZEQUExMUYwODNGMjM0QzBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsSMAwQBmsSOMA0GCSqG
SIb3DQEBCwUAA4IBAQB/QeIRfI6dmu0D886vjFAxfVfn7TM8b7xdyuIWHNJD1Sa3
I7bBKqzjenjs4TtvfDOWCPnXpk8uStuX7d4Tt32aFjV3cNTwtkj6tJcL3bG9Z3u8
kY/sWrHmJ97CRad5NUDUvE8XY1GzZRpvcX+emlJ1U+l+6aqTWvb8Ijl28V0blIeP
6T1yztIINsi9m74y6BO2QiZNGZtS4YYzwTDQipMPrvZ0zCnHBn8yw2jk1JlQnKaQ
p3O+JMO0CSrTm27k5D0CItlVnGSiPUkN3Jd1KTWeXhf5F8wdiDiQcrhcJIdGudsI
HD1Uq+8iFdYL6ff+RHwL77IWu07bNmMAZuBXdHiX
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:11:40 2026 by rpki-client