Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/54C2C56451C511F1BC7DF61BCF1D38B0.roa
File: 54C2C56451C511F1BC7DF61BCF1D38B0.roa (raw, json)
Hash identifier: Qxz4I2Z7esetUuPVM5nQdj54K5s6ZnGwekUMCt61ZvY=
Subject key identifier: 90:65:7F:C5:32:6B:24:3E:C0:C3:43:00:42:55:C6:7F:7C:33:43:B5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01CC1C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/54C2C56451C511F1BC7DF61BCF1D38B0.roa
Signing time: Sun 17 May 2026 07:52:20 +0000
ROA not before: Sun 17 May 2026 07:52:14 +0000
ROA not after: Wed 24 Jun 2026 07:52:14 +0000
asID: 402169
IP address blocks: 154.202.117.0/24 maxlen: 24
154.202.120.0/21 maxlen: 24
154.217.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117788 (0x1cc1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 17 07:52:14 2026 GMT
Not After : Jun 24 07:52:14 2026 GMT
Subject: CN=6a0973b4-0432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:88:e2:0c:78:f2:18:6c:e4:ff:0a:e2:7f:40:
91:d3:3f:e7:f1:29:20:ca:bd:88:a0:bc:23:83:f4:
d3:19:3b:ea:ef:e8:c6:48:52:f3:c4:48:3d:64:ac:
b2:4e:98:9f:b3:9f:44:a9:38:7b:d6:97:04:59:28:
f4:de:25:a2:31:81:22:90:00:75:cf:7e:07:f0:73:
24:92:3f:38:85:f3:f3:4f:1e:4b:a1:a1:f0:f9:ef:
9a:74:35:fd:1e:04:6b:66:e1:e8:75:5e:e8:84:e6:
15:c4:fc:84:bf:86:56:19:b5:d7:0c:1f:c1:77:10:
67:f0:29:44:ea:a8:f6:f3:2b:67:65:d5:da:a4:0b:
0b:ae:84:c6:6a:52:cb:b5:7f:2a:00:31:53:7b:8e:
f3:ca:de:d2:c1:5d:21:23:24:2a:c7:94:8a:22:14:
c7:a8:9a:f1:ab:85:b8:ab:ac:be:92:93:37:60:b1:
11:cb:ff:6a:ed:f0:ec:8b:9d:5b:35:38:e4:a7:7d:
5d:db:c3:4b:0e:c0:39:88:22:b1:28:2d:6d:f3:d7:
7c:8d:31:c8:bf:6a:a1:f7:e4:68:82:30:1e:62:b5:
07:0b:15:8c:4f:71:a3:4a:71:55:73:0b:e3:25:26:
8f:6a:00:78:0c:bc:03:09:15:66:1d:c1:d2:c3:d7:
a0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:65:7F:C5:32:6B:24:3E:C0:C3:43:00:42:55:C6:7F:7C:33:43:B5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/54C2C56451C511F1BC7DF61BCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.117.0/24
154.202.120.0/21
154.217.234.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:27:94:3f:93:43:38:a9:f4:9c:4a:da:bd:97:f9:e6:19:55:
0e:5b:3e:b6:7a:93:f3:53:be:13:a3:93:38:ab:ba:bf:2b:e0:
aa:ec:27:5d:bd:af:8c:37:19:c7:75:3f:00:da:d7:34:26:23:
e3:e4:58:eb:1a:c7:b1:18:f9:d9:74:44:1f:53:8a:8d:bf:bb:
a9:b1:95:52:a1:9c:f5:f9:a1:60:26:a9:f4:54:df:e7:e2:bd:
c3:d5:6d:53:42:1e:6d:d5:75:f5:3c:28:23:5c:8a:78:36:8e:
4b:f6:41:b2:ee:40:91:1d:ca:38:d8:ee:3d:6c:3d:a7:0d:9f:
ae:e1:8f:e1:c9:1b:06:bb:e3:bd:47:48:2c:e9:cb:4e:ae:fe:
2e:13:a4:36:63:e4:a6:9c:c8:c0:75:24:f4:9a:b2:46:c9:0b:
55:35:a1:91:71:87:80:18:c0:52:e0:45:4f:e3:28:ab:cb:39:
28:68:2a:45:0b:9b:76:f5:0f:8f:05:5d:72:2a:3a:74:7a:41:
1e:5f:c3:b5:1e:69:8a:69:57:ba:55:29:0b:8a:e2:66:bd:a2:
7a:ba:0b:24:1a:ff:d2:92:1d:6d:73:d2:1e:c9:f8:4f:a6:b9:
7e:ba:e3:1e:ce:3d:85:c9:04:93:d9:68:78:04:1d:f8:fb:62:
7e:5c:54:67
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAcwcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTE3MDc1MjE0WhcNMjYwNjI0MDc1MjE0WjAYMRYw
FAYDVQQDEw02YTA5NzNiNC0wNDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs4jiDHjyGGzk/wrif0CR0z/n8Skgyr2IoLwjg/TTGTvq7+jGSFLzxEg9
ZKyyTpifs59EqTh71pcEWSj03iWiMYEikAB1z34H8HMkkj84hfPzTx5LoaHw+e+a
dDX9HgRrZuHodV7ohOYVxPyEv4ZWGbXXDB/BdxBn8ClE6qj28ytnZdXapAsLroTG
alLLtX8qADFTe47zyt7SwV0hIyQqx5SKIhTHqJrxq4W4q6y+kpM3YLERy/9q7fDs
i51bNTjkp31d28NLDsA5iCKxKC1t89d8jTHIv2qh9+RogjAeYrUHCxWMT3GjSnFV
cwvjJSaPagB4DLwDCRVmHcHSw9egjwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFJBl
f8UyayQ+wMNDAEJVxn98M0O1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NEMyQzU2NDUxQzUxMUYxQkM3REY2MUJDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmsp1AwQDmsp4AwQBmtnq
MA0GCSqGSIb3DQEBCwUAA4IBAQCeJ5Q/k0M4qfScStq9l/nmGVUOWz62epPzU74T
o5M4q7q/K+Cq7Cddva+MNxnHdT8A2tc0JiPj5FjrGsexGPnZdEQfU4qNv7upsZVS
oZz1+aFgJqn0VN/n4r3D1W1TQh5t1XX1PCgjXIp4No5L9kGy7kCRHco42O49bD2n
DZ+u4Y/hyRsGu+O9R0gs6ctOrv4uE6Q2Y+SmnMjAdST0mrJGyQtVNaGRcYeAGMBS
4EVP4yiryzkoaCpFC5t29Q+PBV1yKjp0ekEeX8O1HmmKaVe6VSkLiuJmvaJ6ugsk
Gv/Skh1tc9IeyfhPprl+uuMezj2FyQST2Wh4BB34+2J+XFRn
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:28:30 2026 by rpki-client