Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C96C0942FE7411F0BD61C29ADAE4EC9C.roa
File: C96C0942FE7411F0BD61C29ADAE4EC9C.roa (raw, json)
Hash identifier: HUnsZpgHi3gpZj0aQiPYOB3BV0b3CgKBm5BfuMKhZl0=
Subject key identifier: 38:2C:EB:D4:1D:46:71:E7:0A:AA:9F:55:FA:E6:54:40:45:F6:67:11
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B7AC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C96C0942FE7411F0BD61C29ADAE4EC9C.roa
Signing time: Sat 31 Jan 2026 07:16:40 +0000
ROA not before: Sat 31 Jan 2026 07:16:35 +0000
ROA not after: Sun 08 Mar 2026 07:16:35 +0000
asID: 44559
IP address blocks: 154.209.205.0/24 maxlen: 24
154.209.207.0/24 maxlen: 24
154.218.27.0/24 maxlen: 24
154.219.193.0/24 maxlen: 24
154.219.194.0/24 maxlen: 24
154.219.197.0/24 maxlen: 24
154.219.200.0/24 maxlen: 24
154.219.204.0/24 maxlen: 24
154.219.205.0/24 maxlen: 24
154.219.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112556 (0x1b7ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 31 07:16:35 2026 GMT
Not After : Mar 8 07:16:35 2026 GMT
Subject: CN=697dac58-d2ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:89:bb:93:dd:09:e2:58:79:cf:7e:c4:35:c3:
47:ea:81:5c:fc:54:c7:ee:be:25:98:da:68:fa:77:
57:c1:9f:a9:0c:2d:96:05:21:c2:da:89:20:07:04:
cd:43:10:12:07:9f:08:b7:5c:3b:7d:37:3b:3f:98:
49:a1:79:6d:4e:26:67:cb:c4:94:c7:1b:25:81:8b:
51:16:83:4f:93:61:b9:de:cc:40:7c:22:29:b0:9a:
5e:9a:b0:63:d5:7e:5d:be:fe:3a:e3:c2:d8:3a:78:
fa:2f:78:0b:9f:48:22:18:e1:c0:72:85:c8:ab:7d:
2f:08:2e:4b:b9:25:1c:4d:a2:5f:84:c8:00:0e:d9:
27:71:46:d9:07:e0:ef:b2:76:19:19:f1:44:11:44:
09:69:5b:80:35:22:5a:0a:1f:65:21:6a:ed:7e:c6:
9d:2e:1e:92:6d:e8:1d:9a:83:35:cf:5e:bb:52:d0:
15:19:66:dd:ed:2f:ca:a2:7e:04:6b:81:f4:5d:0f:
84:cb:55:25:0c:58:2a:32:9c:8e:02:fb:bf:e0:3c:
ab:f1:96:c5:5d:3a:f5:87:6a:77:f6:bf:1e:76:e9:
18:ad:6b:bc:13:a4:ba:50:09:b5:23:ea:e1:41:b1:
92:04:dd:0c:25:9a:2a:e3:dd:13:a5:04:cd:5b:2f:
42:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:2C:EB:D4:1D:46:71:E7:0A:AA:9F:55:FA:E6:54:40:45:F6:67:11
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C96C0942FE7411F0BD61C29ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.205.0/24
154.209.207.0/24
154.218.27.0/24
154.219.193.0-154.219.194.255
154.219.197.0/24
154.219.200.0/24
154.219.204.0-154.219.206.255
Signature Algorithm: sha256WithRSAEncryption
5b:49:60:81:87:da:ec:2f:ff:f4:3a:bb:9b:61:53:8e:dd:18:
f6:9c:6f:d6:67:09:a2:8f:e6:c2:6f:18:51:4a:9f:d3:19:dd:
de:08:b4:ba:a7:d5:a3:2c:d6:84:f0:33:9f:c9:27:ae:92:c2:
52:3a:6f:5f:83:29:e2:49:83:5a:68:25:b1:81:9a:8c:66:64:
25:53:58:6c:a1:dd:dd:9f:e7:d5:ae:fa:9d:41:cf:31:7f:77:
c0:12:58:1f:6b:c3:e7:74:dd:ea:ae:c6:96:d8:ec:04:64:73:
1e:d1:69:83:ec:8f:0f:d8:98:c7:c6:7c:1c:5d:67:87:b8:93:
82:d4:74:ac:2b:6e:67:1a:da:3e:df:41:3d:44:92:37:20:6b:
ca:e9:7f:48:d9:33:bf:73:cd:96:cf:54:33:5a:35:f6:81:b5:
5b:ea:69:18:d8:d5:91:49:34:f8:fd:de:6c:ff:73:40:22:6c:
2e:3a:2f:45:77:e3:e8:66:8d:52:2a:5e:5f:45:a8:8c:3a:99:
6c:c4:2f:00:6d:dd:3b:07:a8:b5:13:9a:66:21:eb:80:ac:62:
62:c0:8c:7b:32:cd:c7:45:7b:64:51:4b:cf:36:5f:71:dd:38:
84:35:bd:a9:33:4a:df:66:03:be:f0:49:39:ce:c9:7c:db:7a:
a9:65:9f:33
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIDAbesMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMTMxMDcxNjM1WhcNMjYwMzA4MDcxNjM1WjAYMRYw
FAYDVQQDEw02OTdkYWM1OC1kMmVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw4m7k90J4lh5z37ENcNH6oFc/FTH7r4lmNpo+ndXwZ+pDC2WBSHC2okg
BwTNQxASB58It1w7fTc7P5hJoXltTiZny8SUxxslgYtRFoNPk2G53sxAfCIpsJpe
mrBj1X5dvv4648LYOnj6L3gLn0giGOHAcoXIq30vCC5LuSUcTaJfhMgADtkncUbZ
B+DvsnYZGfFEEUQJaVuANSJaCh9lIWrtfsadLh6SbegdmoM1z167UtAVGWbd7S/K
on4Ea4H0XQ+Ey1UlDFgqMpyOAvu/4Dyr8ZbFXTr1h2p39r8edukYrWu8E6S6UAm1
I+rhQbGSBN0MJZoq490TpQTNWy9CcwIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFDgs
69QdRnHnCqqfVfrmVEBF9mcRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOTZDMDk0MkZFNzQxMUYwQkQ2MUMyOUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAmtHNAwQAmtHPAwQAmtob
MAwDBACa28EDBACa28IDBACa28UDBACa28gwDAMEAprbzAMEAJrbzjANBgkqhkiG
9w0BAQsFAAOCAQEAW0lggYfa7C//9Dq7m2FTjt0Y9pxv1mcJoo/mwm8YUUqf0xnd
3gi0uqfVoyzWhPAzn8knrpLCUjpvX4Mp4kmDWmglsYGajGZkJVNYbKHd3Z/n1a76
nUHPMX93wBJYH2vD53Td6q7GltjsBGRzHtFpg+yPD9iYx8Z8HF1nh7iTgtR0rCtu
ZxraPt9BPUSSNyBryul/SNkzv3PNls9UM1o19oG1W+ppGNjVkUk0+P3ebP9zQCJs
LjovRXfj6GaNUipeX0WojDqZbMQvAG3dOweotROaZiHrgKxiYsCMezLNx0V7ZFFL
zzZfcd04hDW9qTNK32YDvvBJOc7JfNt6qWWfMw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:19:41 2026 by rpki-client