Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCF9F6A60BD611F1B70E10D9DAE4EC9C.roa
File: FCF9F6A60BD611F1B70E10D9DAE4EC9C.roa (raw, json)
Hash identifier: idnPpq470Ql7kUfIdbVl3d+LR2j6dqscc3RgOsTk9As=
Subject key identifier: A0:31:B5:FC:46:F7:DE:58:06:07:97:63:8B:0E:D2:D1:55:71:DF:EA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B9EF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCF9F6A60BD611F1B70E10D9DAE4EC9C.roa
Signing time: Tue 17 Feb 2026 08:02:22 +0000
ROA not before: Tue 17 Feb 2026 08:02:18 +0000
ROA not after: Tue 24 Mar 2026 08:02:18 +0000
asID: 400619
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113135 (0x1b9ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 17 08:02:18 2026 GMT
Not After : Mar 24 08:02:18 2026 GMT
Subject: CN=6994208e-8405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:2d:d6:b5:b0:7d:88:26:ee:bc:6a:0d:fa:d3:
8c:4a:fa:09:1b:d5:5d:b6:f8:f9:d2:b5:40:a2:ae:
04:50:7c:99:b2:7c:aa:68:02:91:e7:bf:a5:4a:92:
b4:84:dc:61:13:fe:24:b1:1b:ff:63:80:1e:d7:16:
96:c5:99:50:61:f6:98:47:db:2d:7a:18:28:59:a4:
c7:4d:1b:d3:b1:f1:2f:85:46:12:d0:32:11:89:70:
94:ad:c2:16:ce:47:ef:fd:85:27:16:3c:df:a7:31:
e4:6f:b9:ae:fa:3b:83:7b:19:f1:df:42:aa:07:2b:
9b:f5:92:88:d6:2f:56:d5:ef:14:86:8c:ca:32:de:
8b:68:81:cb:af:ec:77:a4:71:e7:c3:6b:9e:da:cd:
58:ba:39:04:1a:1d:2c:ef:8c:2e:31:86:3e:56:e2:
f3:e4:2c:30:a6:a5:f5:64:1f:8c:11:6d:de:20:f3:
de:14:6b:1f:cf:a6:6b:94:73:fb:1a:c1:b0:92:ab:
48:58:19:38:b9:e2:9e:15:f1:1e:89:43:dc:81:05:
e0:7b:69:00:dd:66:35:33:14:1c:19:5b:9f:99:39:
0c:86:4d:71:78:99:68:31:69:50:91:ca:82:7b:e1:
93:3d:bb:e2:3c:c9:f3:23:70:45:b2:ff:82:07:07:
23:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:31:B5:FC:46:F7:DE:58:06:07:97:63:8B:0E:D2:D1:55:71:DF:EA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCF9F6A60BD611F1B70E10D9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.207.255
Signature Algorithm: sha256WithRSAEncryption
cb:93:7d:60:45:36:d7:94:7b:08:aa:03:78:32:d0:e8:20:ae:
af:a6:a4:a2:f5:bd:80:a2:9c:f5:5b:3e:08:55:9b:8f:f0:a9:
00:96:8d:a8:ac:9a:3a:1d:1b:d4:22:fa:5c:eb:9a:a0:eb:95:
87:76:0c:52:cc:52:10:7c:ab:49:73:3b:82:b5:30:d1:74:92:
dc:81:09:e2:3f:d3:00:e6:8d:93:98:b4:da:10:ba:40:ef:ad:
fa:78:00:93:b3:8d:b2:41:1f:be:15:7a:87:fb:2e:7c:a6:96:
43:6b:aa:79:ff:05:41:e5:96:57:8d:01:0c:09:b1:b3:30:47:
3e:0b:9a:5b:6d:8a:f2:c0:36:92:7a:f5:ff:14:ae:4a:bc:a1:
1b:de:01:ef:5d:28:4d:14:46:0c:a8:5b:27:a7:87:cb:89:10:
9d:07:c9:19:4c:ca:11:d8:91:99:13:58:8a:8c:89:84:93:15:
b4:99:fd:ce:82:cb:e6:c5:18:65:fe:98:f1:cb:4d:0f:b9:77:
c5:89:ee:05:c3:ac:68:77:20:1f:ae:8e:30:e7:be:0c:c1:45:
39:0a:99:38:79:4e:70:52:e2:26:2f:c0:af:cb:ea:bf:17:92:
4a:62:3e:33:a8:53:37:6c:4a:dc:03:ec:b5:9b:15:41:31:bb:
db:18:90:72
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAbnvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjE3MDgwMjE4WhcNMjYwMzI0MDgwMjE4WjAYMRYw
FAYDVQQDEw02OTk0MjA4ZS04NDA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8i3WtbB9iCbuvGoN+tOMSvoJG9Vdtvj50rVAoq4EUHyZsnyqaAKR57+l
SpK0hNxhE/4ksRv/Y4Ae1xaWxZlQYfaYR9stehgoWaTHTRvTsfEvhUYS0DIRiXCU
rcIWzkfv/YUnFjzfpzHkb7mu+juDexnx30KqByub9ZKI1i9W1e8UhozKMt6LaIHL
r+x3pHHnw2ue2s1YujkEGh0s74wuMYY+VuLz5CwwpqX1ZB+MEW3eIPPeFGsfz6Zr
lHP7GsGwkqtIWBk4ueKeFfEeiUPcgQXge2kA3WY1MxQcGVufmTkMhk1xeJloMWlQ
kcqCe+GTPbviPMnzI3BFsv+CBwcjcQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFKAx
tfxG995YBgeXY4sO0tFVcd/qMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQ0Y5RjZBNjBCRDYxMUYxQjcwRTEwRDlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASaWZADBASaWcAwDQYJ
KoZIhvcNAQELBQADggEBAMuTfWBFNteUewiqA3gy0Oggrq+mpKL1vYCinPVbPghV
m4/wqQCWjaismjodG9Qi+lzrmqDrlYd2DFLMUhB8q0lzO4K1MNF0ktyBCeI/0wDm
jZOYtNoQukDvrfp4AJOzjbJBH74Veof7LnymlkNrqnn/BUHllleNAQwJsbMwRz4L
mlttivLANpJ69f8Urkq8oRveAe9dKE0URgyoWyenh8uJEJ0HyRlMyhHYkZkTWIqM
iYSTFbSZ/c6Cy+bFGGX+mPHLTQ+5d8WJ7gXDrGh3IB+ujjDnvgzBRTkKmTh5TnBS
4iYvwK/L6r8XkkpiPjOoUzdsStwD7LWbFUExu9sYkHI=
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:18:39 2026 by rpki-client