Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D80627AC2ADA11F1AC5FEDA4DAE4EC9C.roa
File: D80627AC2ADA11F1AC5FEDA4DAE4EC9C.roa (raw, json)
Hash identifier: pcZbMLvCJni8cKiS0aBslmjhQ2obWvVnp9cMvo6gpQo=
Subject key identifier: 0A:2F:D7:AD:2C:17:DA:6D:17:11:54:40:33:D1:93:76:EF:93:10:1C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C17B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D80627AC2ADA11F1AC5FEDA4DAE4EC9C.roa
Signing time: Sat 28 Mar 2026 19:18:05 +0000
ROA not before: Sat 28 Mar 2026 19:17:59 +0000
ROA not after: Sat 16 May 2026 19:17:59 +0000
asID: 137899
IP address blocks: 154.222.16.0/20 maxlen: 24
154.222.16.0/21 maxlen: 24
154.222.16.0/22 maxlen: 24
154.222.20.0/22 maxlen: 24
154.222.24.0/21 maxlen: 24
154.222.24.0/22 maxlen: 24
154.222.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115067 (0x1c17b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 28 19:17:59 2026 GMT
Not After : May 16 19:17:59 2026 GMT
Subject: CN=69c8296c-b579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c8:09:2e:d5:28:99:82:d2:72:12:63:a6:bd:
1b:a6:07:9b:0f:c5:fc:0b:21:2a:f3:1b:05:0b:21:
a4:ad:24:2c:78:b1:3f:07:76:3b:47:9d:d0:a2:ad:
88:4d:c7:fb:dd:cd:53:08:7c:79:6e:3b:5a:e0:f8:
82:bb:da:25:fc:75:21:50:21:05:93:7e:06:05:f2:
4b:11:0d:d0:0d:05:46:1f:6b:4b:4b:b4:35:69:71:
a3:e3:14:46:f7:79:8f:05:bc:c4:59:85:67:64:e6:
27:5b:c4:16:da:73:db:71:e3:48:d5:2c:77:b0:1d:
20:32:99:b0:1d:90:34:a1:be:6b:94:65:df:f4:9c:
74:7f:f1:c5:7f:e4:00:6f:c3:17:a6:fb:7c:c9:da:
03:1f:1c:ce:21:5a:3b:0b:cd:0f:8a:ff:b1:6c:d7:
6c:38:a7:62:c6:5e:72:41:53:e2:d2:32:69:fd:e5:
72:28:e8:56:49:5d:1f:2f:48:69:d7:ce:3f:41:45:
31:82:56:4c:b5:4e:40:84:64:99:72:41:2f:a1:3b:
af:82:63:29:6a:6f:73:7e:b7:b0:6a:e1:a4:6e:cb:
d0:c5:98:41:0c:ce:7f:58:be:d3:c2:85:e3:06:93:
90:01:6a:92:fb:3d:40:e1:f4:cc:b6:aa:a3:06:96:
46:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2F:D7:AD:2C:17:DA:6D:17:11:54:40:33:D1:93:76:EF:93:10:1C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D80627AC2ADA11F1AC5FEDA4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
0f:49:40:21:a0:5c:a9:33:aa:2f:03:b3:98:d9:9f:b2:92:2e:
e7:b5:89:8b:fd:3f:db:7b:cb:65:dc:1f:25:a9:70:61:b7:55:
56:c6:16:f9:e7:a4:81:3b:be:02:40:7a:a2:07:bb:6c:35:02:
64:db:db:8b:1b:63:82:d5:b8:10:63:50:16:48:9b:84:23:70:
82:b6:19:c0:eb:19:d6:0d:7e:1a:4d:dd:1e:ea:b8:43:f8:0f:
81:58:13:be:73:8e:5b:c9:bd:7f:00:4a:fa:68:e2:46:54:78:
9c:86:5a:b8:8e:fe:66:b4:fd:dc:b6:36:09:8f:54:06:a6:94:
ae:8b:84:c5:6e:5d:93:42:8a:e1:c1:bc:d3:8c:e1:14:13:a3:
5a:d4:41:6e:1b:52:1e:60:f9:5e:0f:29:00:95:c7:2a:93:78:
a2:e1:f5:81:51:9c:1e:8b:27:e8:88:37:66:3c:e1:4e:46:05:
82:ae:9d:84:a3:e6:9d:3d:0e:2b:4e:ab:04:ee:99:84:09:54:
be:b6:11:4b:cd:5f:45:f4:35:10:ca:7a:0c:be:1f:f9:82:c7:
f1:9d:d4:ee:b9:59:94:26:c4:31:4b:8d:a3:19:2e:fb:89:5f:
1e:e9:0d:1a:24:c6:c2:9c:60:a7:13:72:a4:9e:53:8d:00:10:
ad:23:56:fe
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcF7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzI4MTkxNzU5WhcNMjYwNTE2MTkxNzU5WjAYMRYw
FAYDVQQDEw02OWM4Mjk2Yy1iNTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo8gJLtUomYLSchJjpr0bpgebD8X8CyEq8xsFCyGkrSQseLE/B3Y7R53Q
oq2ITcf73c1TCHx5bjta4PiCu9ol/HUhUCEFk34GBfJLEQ3QDQVGH2tLS7Q1aXGj
4xRG93mPBbzEWYVnZOYnW8QW2nPbceNI1Sx3sB0gMpmwHZA0ob5rlGXf9Jx0f/HF
f+QAb8MXpvt8ydoDHxzOIVo7C80Piv+xbNdsOKdixl5yQVPi0jJp/eVyKOhWSV0f
L0hp184/QUUxglZMtU5AhGSZckEvoTuvgmMpam9zfrewauGkbsvQxZhBDM5/WL7T
woXjBpOQAWqS+z1A4fTMtqqjBpZGdQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAov
160sF9ptFxFUQDPRk3bvkxAcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EODA2MjdBQzJBREExMUYxQUM1RkVEQTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt4QMA0GCSqGSIb3DQEB
CwUAA4IBAQAPSUAhoFypM6ovA7OY2Z+yki7ntYmL/T/be8tl3B8lqXBht1VWxhb5
56SBO74CQHqiB7tsNQJk29uLG2OC1bgQY1AWSJuEI3CCthnA6xnWDX4aTd0e6rhD
+A+BWBO+c45byb1/AEr6aOJGVHichlq4jv5mtP3ctjYJj1QGppSui4TFbl2TQorh
wbzTjOEUE6Na1EFuG1IeYPleDykAlccqk3ii4fWBUZweiyfoiDdmPOFORgWCrp2E
o+adPQ4rTqsE7pmECVS+thFLzV9F9DUQynoMvh/5gsfxndTuuVmUJsQxS42jGS77
iV8e6Q0aJMbCnGCnE3KknlONABCtI1b+
-----END CERTIFICATE-----
Generated at Sat Apr 18 10:23:34 2026 by rpki-client