Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D68438000FCE11F1A8F759C2DAE4EC9C.roa
File: D68438000FCE11F1A8F759C2DAE4EC9C.roa (raw, json)
Hash identifier: TcAD4eYELiG2cUfdl5rmxtg5yakBQx01OU8f2w8AJa4=
Subject key identifier: C5:F6:9F:3E:88:E5:D7:79:C7:20:DB:22:BE:42:CA:9D:66:64:95:D7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BB02
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D68438000FCE11F1A8F759C2DAE4EC9C.roa
Signing time: Sun 22 Feb 2026 09:14:06 +0000
ROA not before: Sun 22 Feb 2026 09:14:00 +0000
ROA not after: Wed 04 Mar 2026 09:14:00 +0000
asID: 151352
IP address blocks: 154.82.136.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113410 (0x1bb02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 22 09:14:00 2026 GMT
Not After : Mar 4 09:14:00 2026 GMT
Subject: CN=699ac8de-7312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b4:14:8c:b0:5d:c4:66:bf:cb:ed:6e:64:8a:
c5:2c:bb:8d:6c:62:01:ff:d9:8c:76:3b:f1:9b:ec:
e2:38:ae:ff:4b:ab:58:cc:34:00:fa:61:29:c9:bc:
50:d1:bc:88:3b:a8:ec:22:c4:d2:86:c5:05:ef:a7:
6f:34:c9:7c:d4:60:a3:3e:d9:0e:04:21:7f:e8:31:
1e:3f:1d:69:58:50:a4:f8:5e:7d:82:38:f5:e8:e7:
13:d7:f9:4e:f8:8e:85:78:f7:b1:56:4a:d3:9c:4f:
62:f0:9b:82:54:60:bd:f7:9d:f1:13:97:c0:54:90:
b4:0a:19:4b:11:fc:6a:d3:d4:57:9a:50:7f:c4:df:
6f:9c:1f:9b:91:00:99:ef:81:f2:7c:c6:f3:c5:46:
46:fa:10:03:47:5e:18:1a:95:06:30:c4:92:15:d5:
d5:a4:ac:66:da:d2:09:8b:ed:a2:36:1c:c7:1a:73:
93:9b:95:2b:75:11:0d:ab:64:b4:b8:56:c2:7c:1f:
20:49:e7:0a:6d:a0:0b:03:f4:b3:63:07:05:c1:4d:
72:8a:9e:2f:4e:b0:0a:e0:c5:1b:d2:aa:2d:ea:c0:
be:7d:f4:15:c0:a6:96:f1:01:7f:79:e1:86:8f:18:
d4:7b:9b:7a:76:97:1f:5f:44:32:b5:65:92:a4:37:
bb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F6:9F:3E:88:E5:D7:79:C7:20:DB:22:BE:42:CA:9D:66:64:95:D7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D68438000FCE11F1A8F759C2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.136.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:47:44:56:34:5e:aa:29:53:24:8e:3e:59:cc:6e:68:5d:db:
ac:d9:77:4c:09:80:21:a5:5c:08:3f:5b:14:9b:f3:0f:69:01:
78:56:b0:ab:b2:5e:c1:d6:cc:0e:cf:cc:77:52:bc:db:10:1d:
71:89:b6:5f:16:18:ea:85:63:02:b7:bb:70:89:3d:0f:6f:be:
26:3d:b9:52:61:ef:6f:a9:b5:d8:29:2e:26:89:32:a9:4b:20:
e7:85:34:9a:8a:f0:f7:00:20:54:80:7d:47:bc:5d:43:ac:1b:
ff:8c:d0:01:04:1b:c2:4c:c2:78:4b:bf:11:4e:13:d3:ad:22:
83:9a:3c:27:e1:5f:04:20:94:a6:48:7d:53:f2:b1:f9:b1:e0:
e6:40:61:1c:44:d8:17:06:02:65:ea:2e:d0:d0:d2:be:e9:5b:
b0:a8:ba:05:ae:7b:17:8e:ee:03:43:b9:e5:40:1e:97:72:46:
5c:8c:cf:74:b3:d9:a7:fa:24:f1:3f:6b:90:e4:61:43:f9:91:
07:5f:e1:45:5c:4c:0f:df:b2:b9:a0:d6:5f:25:c1:9b:cb:17:
33:51:e0:45:3d:be:7d:fd:78:0a:ab:ed:7b:e4:60:ba:c1:51:
66:9c:8d:b6:27:e2:19:d9:61:dc:05:9c:ed:a9:7a:a6:de:3a:
dc:77:2c:8b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbsCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjIyMDkxNDAwWhcNMjYwMzA0MDkxNDAwWjAYMRYw
FAYDVQQDEw02OTlhYzhkZS03MzEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqbQUjLBdxGa/y+1uZIrFLLuNbGIB/9mMdjvxm+ziOK7/S6tYzDQA+mEp
ybxQ0byIO6jsIsTShsUF76dvNMl81GCjPtkOBCF/6DEePx1pWFCk+F59gjj16OcT
1/lO+I6FePexVkrTnE9i8JuCVGC9953xE5fAVJC0ChlLEfxq09RXmlB/xN9vnB+b
kQCZ74HyfMbzxUZG+hADR14YGpUGMMSSFdXVpKxm2tIJi+2iNhzHGnOTm5UrdREN
q2S0uFbCfB8gSecKbaALA/SzYwcFwU1yip4vTrAK4MUb0qot6sC+ffQVwKaW8QF/
eeGGjxjUe5t6dpcfX0QytWWSpDe70QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMX2
nz6I5dd5xyDbIr5Cyp1mZJXXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENjg0MzgwMDBGQ0UxMUYxQThGNzU5QzJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlKIMA0GCSqGSIb3DQEB
CwUAA4IBAQA7R0RWNF6qKVMkjj5ZzG5oXdus2XdMCYAhpVwIP1sUm/MPaQF4VrCr
sl7B1swOz8x3UrzbEB1xibZfFhjqhWMCt7twiT0Pb74mPblSYe9vqbXYKS4miTKp
SyDnhTSaivD3ACBUgH1HvF1DrBv/jNABBBvCTMJ4S78RThPTrSKDmjwn4V8EIJSm
SH1T8rH5seDmQGEcRNgXBgJl6i7Q0NK+6VuwqLoFrnsXju4DQ7nlQB6XckZcjM90
s9mn+iTxP2uQ5GFD+ZEHX+FFXEwP37K5oNZfJcGbyxczUeBFPb59/XgKq+175GC6
wVFmnI22J+IZ2WHcBZztqXqm3jrcdyyL
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:50:52 2026 by rpki-client