Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA0391E6118311F1B2DB98B4DAE4EC9C.roa
File: CA0391E6118311F1B2DB98B4DAE4EC9C.roa (raw, json)
Hash identifier: I5e3N3hyGdVnPyxu04hzywB9zb/TbGeqFox63tqezpU=
Subject key identifier: E6:33:BD:B0:23:61:2F:15:8F:5D:D5:09:34:EE:B7:18:32:B0:87:BD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BB6E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA0391E6118311F1B2DB98B4DAE4EC9C.roa
Signing time: Tue 24 Feb 2026 13:21:55 +0000
ROA not before: Tue 24 Feb 2026 13:21:51 +0000
ROA not after: Mon 30 Mar 2026 13:21:51 +0000
asID: 137899
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113518 (0x1bb6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 13:21:51 2026 GMT
Not After : Mar 30 13:21:51 2026 GMT
Subject: CN=699da5f3-0d4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:46:bb:ae:44:6e:03:40:03:7d:d5:f6:f7:7c:
35:bd:6e:d0:3f:71:64:bd:87:75:f8:94:c8:1b:1f:
a3:6d:62:f6:b2:84:a2:33:c3:78:eb:9b:8b:ac:52:
11:0a:b8:69:24:47:8f:6e:d9:dd:fd:88:73:e2:59:
a8:b1:bb:2f:09:53:12:29:e6:6a:22:50:37:b5:a4:
35:87:c2:06:ab:87:ac:36:f2:7b:7f:aa:fe:e7:ba:
0e:8c:8e:49:5e:9e:b8:9a:2c:ea:c8:70:c2:90:5b:
52:4e:bd:3e:63:7c:7d:b3:a7:6a:a4:d2:10:7f:26:
e0:72:a6:74:43:57:4f:46:1f:cb:e0:2b:58:27:5a:
a7:99:8d:8e:89:6e:78:45:fa:48:eb:12:5e:0f:ed:
9d:48:a1:ea:0b:19:6c:06:a5:d7:96:86:6e:69:71:
47:a9:56:89:c4:85:44:58:55:75:a9:e5:62:4b:27:
20:2b:5f:2d:07:ca:62:a9:94:c2:5a:bf:54:2c:41:
8f:c6:8d:49:e2:04:a4:f1:aa:b0:8d:ef:b4:5f:9f:
2a:aa:06:dd:d9:ad:cf:61:a7:ca:80:f0:52:93:89:
79:40:e3:82:e7:b8:53:b3:3a:0b:21:2d:ce:8d:84:
71:b8:af:e4:5a:a7:5e:92:3a:31:70:37:54:c0:08:
f4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:33:BD:B0:23:61:2F:15:8F:5D:D5:09:34:EE:B7:18:32:B0:87:BD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA0391E6118311F1B2DB98B4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
18:cb:81:9c:b2:95:5e:41:38:7b:71:3b:e9:29:2b:96:eb:35:
83:a8:54:1f:19:95:51:0d:45:70:c5:6a:3c:3a:8f:0e:54:be:
fe:ef:8c:f5:70:88:ab:4c:38:00:32:5e:dd:82:f1:c5:8a:78:
b4:bd:d8:e2:48:d5:17:f1:91:58:2b:73:fe:1d:2c:6f:17:64:
de:69:0a:1c:da:ce:10:ec:87:87:98:02:fc:72:ff:d4:b2:27:
be:46:33:73:66:00:dc:42:b0:ea:82:f2:b5:c4:5d:94:26:67:
da:99:51:9f:a9:6a:6b:4f:54:42:76:da:7b:61:ba:90:42:6f:
5d:80:34:ea:6d:0b:9a:41:5f:ba:86:32:71:e3:88:64:27:e0:
d8:c3:b4:8e:24:7d:98:ee:7f:1e:f7:63:14:fc:27:45:24:2f:
67:bd:3c:87:ec:2b:e0:ee:93:70:70:eb:c0:38:0f:00:db:44:
7e:14:94:e2:b2:34:d0:36:0d:29:d5:b5:96:b8:b0:94:6c:96:
33:4c:d2:97:8e:e9:a2:dd:e2:94:56:b8:f0:05:eb:d9:86:59:
09:8d:09:9b:aa:e1:da:e3:63:0f:4f:e5:f4:8a:0a:a8:32:f1:
ca:c7:37:bb:b6:5e:6a:87:30:79:bb:9a:d8:ba:f2:c1:25:7a:
e2:49:a0:85
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbtuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI0MTMyMTUxWhcNMjYwMzMwMTMyMTUxWjAYMRYw
FAYDVQQDEw02OTlkYTVmMy0wZDRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArka7rkRuA0ADfdX293w1vW7QP3FkvYd1+JTIGx+jbWL2soSiM8N465uL
rFIRCrhpJEePbtnd/Yhz4lmosbsvCVMSKeZqIlA3taQ1h8IGq4esNvJ7f6r+57oO
jI5JXp64mizqyHDCkFtSTr0+Y3x9s6dqpNIQfybgcqZ0Q1dPRh/L4CtYJ1qnmY2O
iW54RfpI6xJeD+2dSKHqCxlsBqXXloZuaXFHqVaJxIVEWFV1qeViSycgK18tB8pi
qZTCWr9ULEGPxo1J4gSk8aqwje+0X58qqgbd2a3PYafKgPBSk4l5QOOC57hTszoL
IS3OjYRxuK/kWqdekjoxcDdUwAj0tQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOYz
vbAjYS8Vj13VCTTutxgysIe9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQTAzOTFFNjExODMxMUYxQjJEQjk4QjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQAYy4GcspVeQTh7cTvpKSuW6zWDqFQfGZVRDUVwxWo8Oo8OVL7+74z1
cIirTDgAMl7dgvHFini0vdjiSNUX8ZFYK3P+HSxvF2TeaQoc2s4Q7IeHmAL8cv/U
sie+RjNzZgDcQrDqgvK1xF2UJmfamVGfqWprT1RCdtp7YbqQQm9dgDTqbQuaQV+6
hjJx44hkJ+DYw7SOJH2Y7n8e92MU/CdFJC9nvTyH7Cvg7pNwcOvAOA8A20R+FJTi
sjTQNg0p1bWWuLCUbJYzTNKXjumi3eKUVrjwBevZhlkJjQmbquHa42MPT+X0igqo
MvHKxze7tl5qhzB5u5rYuvLBJXriSaCF
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:16:41 2026 by rpki-client