Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4B7E682FE7711F0B0CA40ABDAE4EC9C.roa
File: E4B7E682FE7711F0B0CA40ABDAE4EC9C.roa (raw, json)
Hash identifier: G+eDhgm9y7abQQeqOCJyqqbqR/CveOLCbjJGrQxD1ew=
Subject key identifier: 90:CE:55:DD:3D:9C:2F:D4:D2:FD:1D:6E:59:B8:36:87:00:07:C5:70
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B7B4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4B7E682FE7711F0B0CA40ABDAE4EC9C.roa
Signing time: Sat 31 Jan 2026 07:38:54 +0000
ROA not before: Sat 31 Jan 2026 07:38:49 +0000
ROA not after: Sun 08 Mar 2026 07:38:49 +0000
asID: 49505
IP address blocks: 154.209.208.0/24 maxlen: 24
154.209.209.0/24 maxlen: 24
154.209.210.0/24 maxlen: 24
154.209.211.0/24 maxlen: 24
154.209.212.0/24 maxlen: 24
154.209.213.0/24 maxlen: 24
154.209.214.0/24 maxlen: 24
154.209.215.0/24 maxlen: 24
154.209.216.0/24 maxlen: 24
154.209.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112564 (0x1b7b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 31 07:38:49 2026 GMT
Not After : Mar 8 07:38:49 2026 GMT
Subject: CN=697db18e-b115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e5:94:35:47:1a:03:d7:b5:7a:ff:27:c1:0c:
00:34:b8:95:c1:6c:ee:65:3c:06:d1:25:a4:cb:c4:
ad:e3:d4:c5:f4:35:d6:e2:f2:a5:85:f7:80:5e:25:
83:3f:e2:7c:38:54:1d:f0:ae:f1:9c:de:12:10:f8:
ef:08:94:31:d8:67:ea:65:2c:f5:e8:71:2b:24:48:
86:db:c0:f9:14:b5:c6:ef:b8:32:7d:d9:89:cc:96:
2a:c0:61:33:18:3d:3b:1d:3e:24:4d:17:17:63:d7:
99:90:6d:f8:a0:02:09:73:94:8f:12:8e:b5:04:d1:
4d:1d:cf:3b:e1:98:a7:61:ce:ee:c4:ca:44:64:2e:
8b:3f:80:24:cf:25:95:00:0d:1f:50:f2:95:e9:1c:
e7:65:6c:c5:3d:df:5d:40:a5:2a:01:43:50:bc:ce:
d8:b0:bc:c7:78:b4:f2:d2:25:29:d2:af:46:c8:da:
1d:b1:a0:3a:6e:f1:d8:58:45:25:f4:1d:85:03:d5:
fe:a5:5e:df:20:c3:03:fd:79:3a:b2:de:e2:18:35:
ee:9e:21:b3:9b:25:05:a5:ef:a5:cb:b8:b3:84:d6:
aa:21:28:5b:c6:58:01:4c:2a:02:9a:8b:2f:08:f1:
6b:89:92:f5:5c:77:7c:ea:68:15:a3:b6:a7:e0:2f:
29:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CE:55:DD:3D:9C:2F:D4:D2:FD:1D:6E:59:B8:36:87:00:07:C5:70
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4B7E682FE7711F0B0CA40ABDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.208.0-154.209.217.255
Signature Algorithm: sha256WithRSAEncryption
c9:ed:66:d1:09:c8:e3:f6:c8:d3:a4:22:97:26:35:8b:9a:5b:
49:89:02:1b:78:48:62:a5:a3:f8:68:57:7e:14:d0:6c:8e:9a:
16:24:ae:4e:32:0a:ac:84:a8:03:74:dc:a6:de:33:2a:62:43:
9b:12:e0:7c:8f:97:ff:28:f4:28:02:1a:c6:4b:25:6a:b3:d1:
bc:18:f5:c4:53:da:e6:ce:18:a8:c4:8e:70:fb:d0:3b:b9:18:
7a:dc:72:78:9d:87:e3:d0:a5:34:3c:0e:a5:68:3e:6f:90:cf:
28:12:f4:05:9c:e6:4f:ff:73:62:e4:2d:b9:79:db:f4:d4:b7:
a6:9a:a7:90:02:c3:25:51:da:8c:1b:b9:ce:3f:75:a4:c4:de:
f9:08:de:5e:92:13:e2:d9:66:78:90:14:ae:63:9b:d6:4b:f0:
50:49:9b:14:c1:96:2d:75:0d:6c:5e:e5:bf:b9:ee:66:8f:19:
5b:bc:e0:10:f5:a9:e8:44:0e:6c:3d:98:3f:3e:9b:1e:41:f7:
36:27:71:dd:09:e6:4a:e1:af:54:1e:65:7f:46:30:6f:64:9b:
f7:77:b0:3c:2b:6e:bb:14:87:20:4b:d6:e4:c9:de:9c:1c:52:
34:6f:01:33:ce:60:64:ea:8d:f9:81:5a:bd:4b:fe:5b:e8:d3:
c7:a1:f6:3d
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAbe0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMTMxMDczODQ5WhcNMjYwMzA4MDczODQ5WjAYMRYw
FAYDVQQDEw02OTdkYjE4ZS1iMTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnOWUNUcaA9e1ev8nwQwANLiVwWzuZTwG0SWky8St49TF9DXW4vKlhfeA
XiWDP+J8OFQd8K7xnN4SEPjvCJQx2GfqZSz16HErJEiG28D5FLXG77gyfdmJzJYq
wGEzGD07HT4kTRcXY9eZkG34oAIJc5SPEo61BNFNHc874ZinYc7uxMpEZC6LP4Ak
zyWVAA0fUPKV6RznZWzFPd9dQKUqAUNQvM7YsLzHeLTy0iUp0q9GyNodsaA6bvHY
WEUl9B2FA9X+pV7fIMMD/Xk6st7iGDXuniGzmyUFpe+ly7izhNaqIShbxlgBTCoC
mosvCPFriZL1XHd86mgVo7an4C8pXQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJDO
Vd09nC/U0v0dblm4NocAB8VwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNEI3RTY4MkZFNzcxMUYwQjBDQTQwQUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASa0dADBAGa0dgwDQYJ
KoZIhvcNAQELBQADggEBAMntZtEJyOP2yNOkIpcmNYuaW0mJAht4SGKlo/hoV34U
0GyOmhYkrk4yCqyEqAN03KbeMypiQ5sS4HyPl/8o9CgCGsZLJWqz0bwY9cRT2ubO
GKjEjnD70Du5GHrccnidh+PQpTQ8DqVoPm+QzygS9AWc5k//c2LkLbl52/TUt6aa
p5ACwyVR2owbuc4/daTE3vkI3l6SE+LZZniQFK5jm9ZL8FBJmxTBli11DWxe5b+5
7maPGVu84BD1qehEDmw9mD8+mx5B9zYncd0J5krhr1QeZX9GMG9km/d3sDwrbrsU
hyBL1uTJ3pwcUjRvATPOYGTqjfmBWr1L/lvo08eh9j0=
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:39:54 2026 by rpki-client