Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E2DADA9612F311F1A71B4C8BDAE4EC9C.roa
File: E2DADA9612F311F1A71B4C8BDAE4EC9C.roa (raw, json)
Hash identifier: BjMiQ9KVlklw9cJobZt5qWZ0YqU/u62aSbNnlBP4Bh8=
Subject key identifier: B2:71:30:48:07:FF:FD:68:ED:CA:CA:C0:4E:F7:AC:14:01:3F:8B:70
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BC03
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E2DADA9612F311F1A71B4C8BDAE4EC9C.roa
Signing time: Thu 26 Feb 2026 09:16:52 +0000
ROA not before: Thu 26 Feb 2026 09:16:48 +0000
ROA not after: Mon 30 Mar 2026 09:16:48 +0000
asID: 401783
IP address blocks: 154.200.131.0/24 maxlen: 24
154.200.160.0/24 maxlen: 24
154.200.161.0/24 maxlen: 24
154.200.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113667 (0x1bc03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 26 09:16:48 2026 GMT
Not After : Mar 30 09:16:48 2026 GMT
Subject: CN=69a00f84-21ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:95:14:a4:bb:9d:19:00:12:c1:97:a2:80:d8:
fc:3d:fa:f5:90:13:92:b3:73:43:65:cb:08:e5:76:
48:72:b5:d5:5e:25:b6:d8:e6:8e:36:97:7a:38:25:
92:cc:b3:75:1d:97:d8:26:ca:df:f2:5e:ab:89:97:
55:0c:41:00:7b:3c:c1:f8:14:b5:c5:ab:e9:fd:3c:
e6:cd:ed:cc:94:92:ca:d4:23:5f:7f:4b:de:08:ae:
3c:5a:42:42:7b:6e:57:89:b1:b4:5c:c6:3e:b9:99:
00:0b:1f:28:44:73:d0:50:d3:52:fc:69:96:69:83:
37:24:af:63:cd:86:fa:79:03:dc:86:c6:a3:44:27:
ac:dd:32:d2:c9:46:60:be:e8:77:04:b7:c8:64:a5:
5f:19:e8:f0:b2:30:48:7b:cb:cc:46:86:81:39:5d:
01:6d:ac:52:0c:a8:a1:e3:45:1d:7d:c7:5a:9c:7e:
00:92:d4:f2:21:fd:4b:71:f4:df:6e:56:d3:66:b4:
6d:2d:e7:8c:5a:ba:bf:d2:01:39:7b:d0:99:be:55:
8d:77:f9:21:2f:2f:3f:1f:06:ec:4b:05:f1:7e:b7:
c8:bb:38:78:ad:17:27:f1:27:22:7d:22:f5:96:1b:
94:8c:95:71:98:74:04:21:34:5e:5f:c0:d1:01:e0:
c9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:71:30:48:07:FF:FD:68:ED:CA:CA:C0:4E:F7:AC:14:01:3F:8B:70
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E2DADA9612F311F1A71B4C8BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.131.0/24
154.200.160.0-154.200.162.255
Signature Algorithm: sha256WithRSAEncryption
61:46:1c:94:4e:dd:99:38:9c:25:61:fe:0c:c3:ae:38:dc:89:
1c:e6:b7:f7:16:30:15:0e:88:6d:ee:06:93:ef:0a:6e:2d:d5:
9e:33:8a:22:2c:42:00:c4:56:c7:d0:57:65:06:aa:5e:b4:a8:
c6:bc:b0:f4:40:a8:63:4e:c5:c7:f2:ea:d6:12:19:b3:e0:0c:
1c:b1:8a:9a:70:66:90:51:af:3a:1a:c6:9e:60:33:cd:db:88:
cb:30:8a:3d:a7:31:a1:5b:f2:bc:a0:85:44:4a:19:27:eb:68:
e1:e4:13:ce:39:94:f0:28:f6:30:94:4b:16:36:40:b9:10:02:
cc:f2:50:c8:c6:94:9c:15:d8:cc:aa:66:4a:ef:cb:4a:43:81:
1f:83:0a:21:c8:9d:31:06:e5:40:07:09:ab:e8:70:0c:67:d6:
0f:8a:71:9e:02:a6:4b:73:c3:43:8e:94:f9:65:5b:ba:2c:0d:
4b:44:87:4e:93:2c:28:1b:61:db:24:8d:47:5e:e7:32:28:b2:
e7:3a:43:11:7b:c3:39:b3:4d:08:a3:4b:34:44:ba:0c:d1:3c:
65:1a:70:f3:96:d2:6a:ea:51:a8:e5:a4:76:11:be:33:a7:2e:
a7:16:d1:06:98:92:19:bb:7f:ef:0e:1b:a7:e2:93:2c:d0:f6:
b5:8f:37:4d
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAbwDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjI2MDkxNjQ4WhcNMjYwMzMwMDkxNjQ4WjAYMRYw
FAYDVQQDEw02OWEwMGY4NC0yMWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwpUUpLudGQASwZeigNj8Pfr1kBOSs3NDZcsI5XZIcrXVXiW22OaONpd6
OCWSzLN1HZfYJsrf8l6riZdVDEEAezzB+BS1xavp/Tzmze3MlJLK1CNff0veCK48
WkJCe25XibG0XMY+uZkACx8oRHPQUNNS/GmWaYM3JK9jzYb6eQPchsajRCes3TLS
yUZgvuh3BLfIZKVfGejwsjBIe8vMRoaBOV0BbaxSDKih40UdfcdanH4AktTyIf1L
cfTfblbTZrRtLeeMWrq/0gE5e9CZvlWNd/khLy8/HwbsSwXxfrfIuzh4rRcn8Sci
fSL1lhuUjJVxmHQEITReX8DRAeDJlwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFLJx
MEgH//1o7crKwE73rBQBP4twMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMkRBREE5NjEyRjMxMUYxQTcxQjRDOEJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAmsiDMAwDBAWayKADBACa
yKIwDQYJKoZIhvcNAQELBQADggEBAGFGHJRO3Zk4nCVh/gzDrjjciRzmt/cWMBUO
iG3uBpPvCm4t1Z4ziiIsQgDEVsfQV2UGql60qMa8sPRAqGNOxcfy6tYSGbPgDByx
ippwZpBRrzoaxp5gM83biMswij2nMaFb8ryghURKGSfraOHkE845lPAo9jCUSxY2
QLkQAszyUMjGlJwV2MyqZkrvy0pDgR+DCiHInTEG5UAHCavocAxn1g+KcZ4Cpktz
w0OOlPllW7osDUtEh06TLCgbYdskjUde5zIosuc6QxF7wzmzTQijSzREugzRPGUa
cPOW0mrqUajlpHYRvjOnLqcW0QaYkhm7f+8OG6fikyzQ9rWPN00=
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:16:59 2026 by rpki-client