Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDCD25CEFA9E11F0A5DBED84DAE4EC9C.roa
File: FDCD25CEFA9E11F0A5DBED84DAE4EC9C.roa (raw, json)
Hash identifier: E/HMZXzhj8XThTWYn2+guzduzp0zISvJePAC7Ewx3RE=
Subject key identifier: F4:ED:97:F6:B3:9B:2D:4A:E5:FA:73:63:45:F1:73:F1:81:C5:3F:EA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B6E1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDCD25CEFA9E11F0A5DBED84DAE4EC9C.roa
Signing time: Mon 26 Jan 2026 10:08:42 +0000
ROA not before: Mon 26 Jan 2026 10:08:37 +0000
ROA not after: Sat 07 Mar 2026 10:08:37 +0000
asID: 20326
IP address blocks: 154.193.130.0/24 maxlen: 24
154.193.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112353 (0x1b6e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 26 10:08:37 2026 GMT
Not After : Mar 7 10:08:37 2026 GMT
Subject: CN=69773d2a-8ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:05:11:53:b5:47:71:8f:70:34:fb:6a:15:bb:
86:e6:61:3c:d4:06:24:2f:bf:db:6b:cc:af:45:e5:
18:59:27:13:19:b8:5c:a5:c8:f9:31:60:43:fa:7d:
b7:02:2d:56:b1:3c:cc:6a:fc:20:3b:e0:0b:95:07:
39:55:47:3c:ce:c6:d9:35:c2:cd:5c:b9:17:58:71:
da:0a:eb:50:19:19:cf:12:c9:d6:0d:3e:aa:de:ce:
f0:ff:bc:5a:3c:3e:a1:65:e1:b0:4f:e4:5b:11:d3:
76:d1:16:d0:23:fc:32:b7:e2:68:0d:98:4d:e7:f4:
bd:67:00:1b:9c:fd:13:fb:db:1b:99:3a:42:62:5d:
22:fb:cb:b1:30:0d:c4:09:d7:47:92:ea:34:10:cd:
44:9e:4a:40:d3:d2:af:be:e1:23:6d:af:3d:87:98:
36:be:bd:56:98:4a:f9:1c:d5:04:9c:52:56:70:f4:
14:19:6f:02:8b:2f:8d:06:44:3e:56:f9:1a:d9:b5:
8e:83:44:6a:9c:59:7d:27:16:13:eb:32:c7:59:53:
94:6e:b4:a0:54:eb:98:9f:a3:58:99:5f:ad:24:24:
ff:ba:60:49:41:ce:b4:76:cf:b3:66:45:f5:73:79:
ff:91:89:74:0f:0a:af:af:67:2f:6a:6b:74:61:17:
a0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:ED:97:F6:B3:9B:2D:4A:E5:FA:73:63:45:F1:73:F1:81:C5:3F:EA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDCD25CEFA9E11F0A5DBED84DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.130.0/24
154.193.163.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:bb:9d:32:a4:94:cf:f2:80:48:e1:f5:58:cd:ee:b0:b1:1b:
11:1b:a7:58:82:da:e0:e1:52:85:75:7f:db:e2:2b:61:dd:c8:
a7:4f:dd:23:ec:eb:6d:f5:5e:0d:03:f2:fc:1e:29:27:b6:28:
9a:41:8a:d0:de:0f:a5:89:a9:0b:08:4b:49:09:83:1f:d0:7a:
0a:48:04:21:e5:89:41:8a:cf:28:eb:7f:1f:d4:0f:6d:65:cf:
ca:7a:1c:55:d3:95:94:63:82:34:1c:2a:6c:ba:9c:bf:6e:5f:
77:80:ab:7d:77:12:eb:4d:dc:66:3a:23:c7:e3:0b:c6:9b:6f:
9c:32:cd:65:0f:94:0d:82:d5:38:43:20:8d:23:90:f6:bb:84:
d5:06:19:5e:f3:9b:e5:ab:8c:cd:03:b9:bd:98:df:07:74:7a:
5b:07:fd:f8:9b:92:eb:e4:b7:d7:66:8f:ee:e8:8b:76:b3:5e:
30:63:5c:70:6d:00:ce:f7:09:19:17:99:41:71:e1:0f:77:57:
83:66:48:da:0d:cc:e9:1e:b0:0e:cd:9e:05:3d:5a:00:14:b1:
3f:ce:2b:66:ca:a0:d9:f0:5e:a1:89:2d:e4:5d:84:94:87:38:
4c:9f:9c:af:cb:c3:2f:44:b7:97:be:33:4a:3a:99:e1:c9:ee:
a0:09:89:5c
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAbbhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMTI2MTAwODM3WhcNMjYwMzA3MTAwODM3WjAYMRYw
FAYDVQQDEw02OTc3M2QyYS04ZWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyQURU7VHcY9wNPtqFbuG5mE81AYkL7/ba8yvReUYWScTGbhcpcj5MWBD
+n23Ai1WsTzMavwgO+ALlQc5VUc8zsbZNcLNXLkXWHHaCutQGRnPEsnWDT6q3s7w
/7xaPD6hZeGwT+RbEdN20RbQI/wyt+JoDZhN5/S9ZwAbnP0T+9sbmTpCYl0i+8ux
MA3ECddHkuo0EM1EnkpA09KvvuEjba89h5g2vr1WmEr5HNUEnFJWcPQUGW8Ciy+N
BkQ+Vvka2bWOg0RqnFl9JxYT6zLHWVOUbrSgVOuYn6NYmV+tJCT/umBJQc60ds+z
ZkX1c3n/kYl0Dwqvr2cvamt0YReggQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFPTt
l/azmy1K5fpzY0Xxc/GBxT/qMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRENEMjVDRUZBOUUxMUYwQTVEQkVEODREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsGCAwQAmsGjMA0GCSqG
SIb3DQEBCwUAA4IBAQDIu50ypJTP8oBI4fVYze6wsRsRG6dYgtrg4VKFdX/b4ith
3cinT90j7Ott9V4NA/L8HikntiiaQYrQ3g+liakLCEtJCYMf0HoKSAQh5YlBis8o
638f1A9tZc/KehxV05WUY4I0HCpsupy/bl93gKt9dxLrTdxmOiPH4wvGm2+cMs1l
D5QNgtU4QyCNI5D2u4TVBhle85vlq4zNA7m9mN8HdHpbB/34m5Lr5LfXZo/u6It2
s14wY1xwbQDO9wkZF5lBceEPd1eDZkjaDczpHrAOzZ4FPVoAFLE/zitmyqDZ8F6h
iS3kXYSUhzhMn5yvy8MvRLeXvjNKOpnhye6gCYlc
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:05:48 2026 by rpki-client