Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD1C4748032B11F1A4406695DAE4EC9C.roa
File: DD1C4748032B11F1A4406695DAE4EC9C.roa (raw, json)
Hash identifier: zJnsNPTD6Kox72A9UjyIdDJwl3uixc0TiXy4KTPzLno=
Subject key identifier: 68:34:5B:7A:F4:D9:AE:A2:B6:77:60:1F:FA:86:FA:A6:5D:25:F2:91
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B8AE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD1C4748032B11F1A4406695DAE4EC9C.roa
Signing time: Fri 06 Feb 2026 07:17:16 +0000
ROA not before: Fri 06 Feb 2026 07:17:09 +0000
ROA not after: Wed 11 Mar 2026 07:17:09 +0000
asID: 401664
IP address blocks: 154.81.8.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112814 (0x1b8ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 6 07:17:09 2026 GMT
Not After : Mar 11 07:17:09 2026 GMT
Subject: CN=6985957c-3eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:36:ef:2c:f4:58:c3:7f:f9:8b:82:88:3d:0b:
94:bc:ca:ce:4b:93:2a:c1:d0:2b:07:78:ea:d8:bc:
e6:af:a5:7e:0d:af:d0:32:f1:0e:07:3d:d4:dc:dc:
0a:a7:f4:d9:c7:c5:24:48:9d:6c:9e:06:08:ef:db:
9e:4b:f7:80:61:3c:91:22:90:16:dc:23:2d:0b:60:
ea:fc:65:3c:7f:90:50:27:fc:96:af:98:d0:d4:07:
bb:4d:76:0b:ff:69:21:9b:8f:7d:46:cf:c3:d4:2c:
40:90:6c:a1:ea:65:4e:99:36:c2:d4:66:e0:87:f0:
0d:ca:62:ef:f3:bf:36:d2:8e:aa:e9:8a:aa:ce:7c:
bf:23:72:c9:3a:af:67:20:0e:0a:4b:b7:0c:cd:63:
36:26:c4:0a:2a:81:46:64:0a:86:c4:76:63:00:80:
27:d9:c1:bc:f5:90:e8:89:65:31:29:d8:6b:75:1b:
39:9b:10:35:34:e0:36:68:88:00:6c:11:83:00:34:
b7:1f:f2:39:07:4a:e6:89:45:f3:39:45:ca:ac:d4:
71:90:40:7b:52:a4:86:eb:71:fb:64:49:c6:0a:e6:
e4:b7:53:a2:6e:9c:be:e4:e7:c7:0c:d0:0a:a6:e3:
50:cf:7d:e4:16:dd:cf:1f:9e:12:16:72:be:34:39:
3a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:34:5B:7A:F4:D9:AE:A2:B6:77:60:1F:FA:86:FA:A6:5D:25:F2:91
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD1C4748032B11F1A4406695DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.8.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:33:7b:d8:1b:dd:f6:02:9e:22:b1:1c:75:ad:92:d3:9e:98:
9c:2b:e5:45:22:08:d7:26:6c:1a:40:5d:a6:5b:78:b2:52:8a:
fb:10:2d:30:68:d9:87:16:46:b2:6f:fe:0b:db:1e:d2:b2:e3:
ed:13:81:c4:21:08:bb:72:79:78:62:bd:a0:3a:7c:f8:a1:b0:
46:05:9e:bd:5c:9c:15:48:59:90:80:99:77:62:62:21:8b:8a:
d8:d9:14:02:02:22:59:f9:cc:1e:40:34:44:a3:2a:d1:83:0b:
01:07:e7:4f:27:10:d4:b6:54:1a:8c:f8:16:b3:d4:5c:13:a0:
5c:2a:d7:9b:b2:68:b3:3d:9b:9a:7f:c2:3f:b6:00:97:11:99:
bb:e4:04:e0:a1:18:ae:1c:f1:07:89:25:ae:75:06:91:ba:0e:
33:5b:46:46:a5:a2:13:0b:b0:5a:6a:5d:4b:aa:a3:d5:85:5d:
99:d0:74:b3:c0:2a:2b:e5:f9:20:c8:4d:0d:61:b8:d2:e2:02:
ce:13:ce:4a:aa:94:64:14:65:fc:2d:3d:1b:35:e8:0a:a5:6e:
02:26:20:42:e9:bd:72:90:45:da:8f:34:f7:ea:3f:be:9f:14:
c7:cd:0d:0c:2d:b8:6c:d1:60:e0:47:9b:85:d4:d2:32:5f:49:
30:56:d4:95
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbiuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjA2MDcxNzA5WhcNMjYwMzExMDcxNzA5WjAYMRYw
FAYDVQQDEw02OTg1OTU3Yy0zZWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxzbvLPRYw3/5i4KIPQuUvMrOS5MqwdArB3jq2Lzmr6V+Da/QMvEOBz3U
3NwKp/TZx8UkSJ1sngYI79ueS/eAYTyRIpAW3CMtC2Dq/GU8f5BQJ/yWr5jQ1Ae7
TXYL/2khm499Rs/D1CxAkGyh6mVOmTbC1Gbgh/ANymLv87820o6q6Yqqzny/I3LJ
Oq9nIA4KS7cMzWM2JsQKKoFGZAqGxHZjAIAn2cG89ZDoiWUxKdhrdRs5mxA1NOA2
aIgAbBGDADS3H/I5B0rmiUXzOUXKrNRxkEB7UqSG63H7ZEnGCubkt1Oibpy+5OfH
DNAKpuNQz33kFt3PH54SFnK+NDk6fQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGg0
W3r02a6itndgH/qG+qZdJfKRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERDFDNDc0ODAzMkIxMUYxQTQ0MDY2OTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlEIMA0GCSqGSIb3DQEB
CwUAA4IBAQAvM3vYG932Ap4isRx1rZLTnpicK+VFIgjXJmwaQF2mW3iyUor7EC0w
aNmHFkayb/4L2x7SsuPtE4HEIQi7cnl4Yr2gOnz4obBGBZ69XJwVSFmQgJl3YmIh
i4rY2RQCAiJZ+cweQDREoyrRgwsBB+dPJxDUtlQajPgWs9RcE6BcKtebsmizPZua
f8I/tgCXEZm75ATgoRiuHPEHiSWudQaRug4zW0ZGpaITC7Baal1LqqPVhV2Z0HSz
wCor5fkgyE0NYbjS4gLOE85KqpRkFGX8LT0bNegKpW4CJiBC6b1ykEXajzT36j++
nxTHzQ0MLbhs0WDgR5uF1NIyX0kwVtSV
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:19:35 2026 by rpki-client