Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DD7C1221E4E11F1AF3874F4DAE4EC9C.roa
File: 5DD7C1221E4E11F1AF3874F4DAE4EC9C.roa (raw, json)
Hash identifier: mc+nyqA2Iqx4GGEOKWXzeHZNgGcrSp0pBJOpdcmLMyU=
Subject key identifier: 95:13:9E:A2:33:C3:96:FC:25:27:C5:5B:25:99:68:66:CB:77:D2:04
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BF2E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DD7C1221E4E11F1AF3874F4DAE4EC9C.roa
Signing time: Thu 12 Mar 2026 20:02:16 +0000
ROA not before: Thu 12 Mar 2026 20:02:11 +0000
ROA not after: Fri 17 Apr 2026 20:02:11 +0000
asID: 22773
IP address blocks: 154.94.52.0/23 maxlen: 24
154.94.56.0/24 maxlen: 24
154.94.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 08:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114478 (0x1bf2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 12 20:02:11 2026 GMT
Not After : Apr 17 20:02:11 2026 GMT
Subject: CN=69b31bc8-ba47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:56:28:ec:48:b9:ed:b0:d2:9b:d6:a1:65:fa:
f6:c0:59:4a:a3:dc:8d:4e:69:0d:26:41:9a:91:ee:
df:16:2e:e0:7d:b0:4b:c2:1f:6e:f5:8f:99:ce:8f:
31:94:53:a4:c1:fe:bc:6c:5d:f3:16:cd:7c:43:49:
1a:f0:93:3c:56:00:9a:1b:5c:df:a5:11:0e:1f:ea:
81:b3:4b:92:ce:b0:f6:23:00:2d:c1:33:ac:24:2d:
fb:90:d8:3c:de:25:7e:6f:b8:6a:55:16:17:ef:72:
af:d6:b6:35:a3:d0:8c:90:27:bd:72:c5:9d:fd:05:
02:af:8b:35:5f:d8:a0:9d:c7:17:d5:79:6e:29:a1:
44:0c:5b:b4:30:a3:42:df:c8:40:f3:dc:68:1a:1c:
e8:c2:94:87:b9:5d:42:eb:15:15:d8:5b:10:dd:1d:
d9:85:a3:42:c4:62:80:7f:ac:0d:9c:9d:d0:b5:ec:
18:a7:f2:32:20:ab:15:ca:e1:bc:d9:35:11:ef:4f:
d6:80:ab:f0:98:c6:e6:da:90:53:f3:c0:a8:3a:ef:
89:f3:7e:6f:b8:ef:93:3e:07:ea:ac:a7:a3:95:61:
d2:eb:ab:51:50:98:ce:52:8b:85:bd:e2:f8:70:e3:
e5:d7:13:77:9b:98:9a:3b:5b:9c:a9:9c:82:e9:6d:
da:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:13:9E:A2:33:C3:96:FC:25:27:C5:5B:25:99:68:66:CB:77:D2:04
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DD7C1221E4E11F1AF3874F4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.52.0/23
154.94.56.0/24
154.94.59.0/24
Signature Algorithm: sha256WithRSAEncryption
55:6f:57:e6:54:d7:42:4f:7a:1c:c6:10:a0:e1:3e:96:1f:29:
33:d6:48:ff:6a:d6:55:7a:26:32:42:77:42:6c:02:c2:c6:4c:
db:6c:a1:e3:29:86:f0:f2:92:15:51:6b:6e:22:11:c9:55:a6:
e4:d0:7f:da:04:3c:e1:03:55:d7:55:64:96:fa:f9:a8:95:bf:
1e:75:20:10:e1:2c:e1:64:4d:d5:81:26:07:d7:56:20:16:1a:
8a:47:83:06:4b:e3:6f:97:9d:15:f0:2c:ac:69:23:43:c6:c0:
24:a2:fa:bb:6a:61:8e:a6:6c:d9:62:11:ae:e8:4b:87:8b:a4:
d0:44:b5:96:30:9b:24:3f:67:fd:da:b0:49:86:e5:47:39:a9:
d0:6e:20:ea:2a:47:8b:35:7a:3d:80:67:17:47:e9:98:67:6f:
19:9f:8d:ca:9b:40:e8:f0:fe:6c:53:1a:62:48:8a:8d:8d:ce:
e0:be:cf:c3:07:54:54:a1:dd:fe:f4:47:a2:6c:12:e8:20:98:
75:26:0c:17:a8:2b:7d:61:27:62:aa:08:1f:6b:0d:cd:0c:50:
04:4f:f4:37:9c:20:e2:2b:58:83:61:aa:fa:5c:df:c4:50:62:
7a:c5:aa:1a:33:cc:a2:4b:56:a8:dc:7c:08:1c:27:96:91:a9:
8c:30:58:ff
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAb8uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzEyMjAwMjExWhcNMjYwNDE3MjAwMjExWjAYMRYw
FAYDVQQDEw02OWIzMWJjOC1iYTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy1Yo7Ei57bDSm9ahZfr2wFlKo9yNTmkNJkGake7fFi7gfbBLwh9u9Y+Z
zo8xlFOkwf68bF3zFs18Q0ka8JM8VgCaG1zfpREOH+qBs0uSzrD2IwAtwTOsJC37
kNg83iV+b7hqVRYX73Kv1rY1o9CMkCe9csWd/QUCr4s1X9ignccX1XluKaFEDFu0
MKNC38hA89xoGhzowpSHuV1C6xUV2FsQ3R3ZhaNCxGKAf6wNnJ3QtewYp/IyIKsV
yuG82TUR70/WgKvwmMbm2pBT88CoOu+J835vuO+TPgfqrKejlWHS66tRUJjOUouF
veL4cOPl1xN3m5iaO1ucqZyC6W3aDwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFJUT
nqIzw5b8JSfFWyWZaGbLd9IEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81REQ3QzEyMjFFNEUxMUYxQUYzODc0RjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBml40AwQAml44AwQAml47
MA0GCSqGSIb3DQEBCwUAA4IBAQBVb1fmVNdCT3ocxhCg4T6WHykz1kj/atZVeiYy
QndCbALCxkzbbKHjKYbw8pIVUWtuIhHJVabk0H/aBDzhA1XXVWSW+vmolb8edSAQ
4SzhZE3VgSYH11YgFhqKR4MGS+Nvl50V8CysaSNDxsAkovq7amGOpmzZYhGu6EuH
i6TQRLWWMJskP2f92rBJhuVHOanQbiDqKkeLNXo9gGcXR+mYZ28Zn43Km0Do8P5s
UxpiSIqNjc7gvs/DB1RUod3+9EeibBLoIJh1JgwXqCt9YSdiqggfaw3NDFAET/Q3
nCDiK1iDYar6XN/EUGJ6xaoaM8yiS1ao3HwIHCeWkamMMFj/
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:14:22 2026 by rpki-client