Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5DFA9D2115611F1B1CACDA6DAE4EC9C.roa
File: D5DFA9D2115611F1B1CACDA6DAE4EC9C.roa (raw, json)
Hash identifier: MmDSt8/EAkoQmiCJMPalyg5NRXpAhlT53OZBMiwWO2E=
Subject key identifier: 56:E4:B8:1A:93:58:C8:EE:F4:F1:CC:17:75:A5:1D:8A:11:C3:2F:5B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BB26
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5DFA9D2115611F1B1CACDA6DAE4EC9C.roa
Signing time: Tue 24 Feb 2026 08:00:08 +0000
ROA not before: Tue 24 Feb 2026 08:00:01 +0000
ROA not after: Mon 30 Mar 2026 08:00:01 +0000
asID: 18013
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113446 (0x1bb26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 08:00:01 2026 GMT
Not After : Mar 30 08:00:01 2026 GMT
Subject: CN=699d5a88-2935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fc:f3:4e:3a:6f:d3:e6:1f:ad:fb:68:1b:9f:
5d:d3:28:95:d9:ba:0e:10:e9:1a:71:00:38:48:b0:
3b:b9:8a:41:46:1d:a7:b2:8c:f0:62:16:bf:78:de:
8e:a8:a9:dd:30:ef:2f:d9:fe:6e:d2:b8:f5:be:37:
1b:27:b4:72:12:2f:15:db:5f:5d:4f:28:5a:99:73:
96:52:e3:c2:b9:96:ce:44:25:83:ff:29:7b:6f:99:
0e:70:c5:80:08:7a:d8:91:12:3a:ce:ef:b5:1d:04:
10:ec:eb:5c:2d:1e:7a:f7:cf:5c:5f:4c:8b:b1:29:
ee:be:8c:21:5e:80:a2:e3:aa:85:c6:23:f2:9a:de:
f4:8b:94:47:5e:be:46:18:61:10:12:9a:08:23:78:
7b:97:d9:70:25:3c:e9:21:77:fc:fc:f5:e6:69:37:
c8:51:e2:ee:a4:de:a0:1f:08:4e:7b:20:22:95:b3:
89:ba:67:fb:02:cb:18:31:6a:23:17:e6:47:22:46:
14:7a:93:3e:e1:d1:a8:e3:e6:39:08:46:35:fd:2a:
a9:71:a6:d7:8a:97:d9:9d:fc:19:9d:ab:09:7c:ee:
b9:40:53:3f:ee:04:e7:91:07:62:8f:e8:40:0e:c7:
f4:53:ab:ef:1e:ab:76:43:88:8e:c2:1d:48:79:c7:
77:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E4:B8:1A:93:58:C8:EE:F4:F1:CC:17:75:A5:1D:8A:11:C3:2F:5B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5DFA9D2115611F1B1CACDA6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
c7:2d:85:9f:00:cc:eb:ab:0b:e7:00:d5:62:d8:a5:ad:ab:e5:
c3:f5:4a:b5:98:d6:a7:13:df:9a:67:28:05:e1:0d:15:1d:dd:
ef:59:8c:14:d6:85:5b:92:f2:32:6b:f4:5e:e2:27:a5:30:eb:
35:a3:72:df:ad:96:8f:d3:c5:94:bb:f3:7d:cf:0b:57:e9:4f:
04:f0:8b:3e:82:0d:22:e1:df:08:e0:5d:0c:74:93:0e:4d:24:
79:80:86:7a:c8:30:bd:02:09:86:af:16:4d:32:02:af:9f:9f:
f0:c5:b2:c5:b3:0e:70:0c:f7:e1:3f:aa:28:bc:71:48:ab:ae:
b8:6c:84:69:2a:39:c9:6d:f0:2c:79:42:31:92:a4:0d:95:38:
9f:2d:1d:da:9c:b1:e5:89:5c:51:eb:6a:f7:5a:0a:09:ed:e7:
d2:f3:9c:53:89:c0:3a:be:ab:73:96:5b:c9:5f:15:a7:a0:25:
13:78:85:5e:9c:04:86:f5:6b:26:41:0f:89:60:58:40:fe:07:
b2:03:0f:31:d5:9a:f4:e0:e6:2f:2e:73:01:99:cd:b0:20:69:
ce:67:5e:fc:5e:e0:ad:b1:cf:a1:70:05:5e:f6:f7:f6:5a:b8:
3c:f1:d5:da:e4:0d:90:fa:3d:b5:e9:09:09:64:ee:8b:18:de:
68:5e:b0:cc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbsmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI0MDgwMDAxWhcNMjYwMzMwMDgwMDAxWjAYMRYw
FAYDVQQDEw02OTlkNWE4OC0yOTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt/zzTjpv0+YfrftoG59d0yiV2boOEOkacQA4SLA7uYpBRh2nsozwYha/
eN6OqKndMO8v2f5u0rj1vjcbJ7RyEi8V219dTyhamXOWUuPCuZbORCWD/yl7b5kO
cMWACHrYkRI6zu+1HQQQ7OtcLR56989cX0yLsSnuvowhXoCi46qFxiPymt70i5RH
Xr5GGGEQEpoII3h7l9lwJTzpIXf8/PXmaTfIUeLupN6gHwhOeyAilbOJumf7AssY
MWojF+ZHIkYUepM+4dGo4+Y5CEY1/SqpcabXipfZnfwZnasJfO65QFM/7gTnkQdi
j+hADsf0U6vvHqt2Q4iOwh1Iecd3qQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFbk
uBqTWMju9PHMF3WlHYoRwy9bMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENURGQTlEMjExNTYxMUYxQjFDQUNEQTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQDHLYWfAMzrqwvnANVi2KWtq+XD9Uq1mNanE9+aZygF4Q0VHd3vWYwU
1oVbkvIya/Re4ielMOs1o3LfrZaP08WUu/N9zwtX6U8E8Is+gg0i4d8I4F0MdJMO
TSR5gIZ6yDC9AgmGrxZNMgKvn5/wxbLFsw5wDPfhP6oovHFIq664bIRpKjnJbfAs
eUIxkqQNlTifLR3anLHliVxR62r3WgoJ7efS85xTicA6vqtzllvJXxWnoCUTeIVe
nASG9WsmQQ+JYFhA/geyAw8x1Zr04OYvLnMBmc2wIGnOZ178XuCtsc+hcAVe9vf2
Wrg88dXa5A2Q+j216QkJZO6LGN5oXrDM
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:17:12 2026 by rpki-client