Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/52790B4C058511F189E91785DAE4EC9C.roa
File: 52790B4C058511F189E91785DAE4EC9C.roa (raw, json)
Hash identifier: vjai2q198iCCbunJj8E7ibjfnNnj005rvNZcb/cq8GM=
Subject key identifier: E1:F5:17:25:44:3B:4F:50:63:77:5E:58:8F:E1:A7:AB:9C:FE:BF:88
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01B8E8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/52790B4C058511F189E91785DAE4EC9C.roa
Signing time: Mon 09 Feb 2026 07:02:44 +0000
ROA not before: Mon 09 Feb 2026 07:02:33 +0000
ROA not after: Tue 10 Mar 2026 07:02:33 +0000
asID: 142032
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112872 (0x1b8e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 9 07:02:33 2026 GMT
Not After : Mar 10 07:02:33 2026 GMT
Subject: CN=69898694-5318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4e:e7:3e:df:96:96:27:ff:ea:db:c9:67:c5:
d0:88:32:3f:d8:93:29:e5:4d:aa:16:b8:56:db:64:
42:3f:ce:3e:35:75:d6:93:66:4b:79:a4:40:1a:47:
25:f2:3e:3a:4f:e7:61:50:fd:8c:9f:2b:cc:99:b2:
96:d9:2e:a8:af:78:31:b0:80:db:53:93:77:45:92:
3d:1b:a8:d9:30:6b:2b:70:4c:3b:67:ca:98:82:0d:
6e:6b:01:34:57:d6:a1:65:c0:af:45:b4:a8:26:fd:
f3:ce:85:d9:41:e2:de:b4:e8:c8:27:69:31:86:0b:
c5:d5:b7:e1:7b:11:f2:58:e1:26:49:59:a9:c8:66:
92:c2:26:12:b9:6c:a9:5f:f8:cc:b7:ef:c1:e8:12:
b5:e9:4c:1b:e8:69:7a:60:a3:0c:9b:60:23:6b:4e:
19:7b:11:cd:fb:c7:23:c3:c4:d4:fb:8d:1d:7e:42:
3c:7c:6c:de:7b:6a:6f:d6:7e:83:b7:f3:0c:b0:1c:
92:02:f7:b0:77:c4:35:bb:de:80:b6:d4:30:59:5b:
37:42:1a:10:6f:5e:b8:22:b6:f0:c5:5b:b2:34:92:
06:37:80:15:af:46:d3:9e:7a:77:85:a4:7c:9c:61:
a3:74:11:07:0b:d6:83:14:6e:e7:e4:31:49:ae:d0:
6b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F5:17:25:44:3B:4F:50:63:77:5E:58:8F:E1:A7:AB:9C:FE:BF:88
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/52790B4C058511F189E91785DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
c3:41:ab:5a:0b:aa:66:4a:22:72:8b:16:10:32:5e:b9:21:c5:
28:2c:60:07:ee:d9:f9:86:58:b6:c1:0a:1c:be:9c:f5:0b:77:
25:b7:02:5d:57:3b:f1:c9:c2:d2:ad:c7:f6:f6:a6:3d:1c:74:
b3:58:fd:44:6a:b8:00:26:5e:b9:2f:3a:ad:61:79:7c:3b:53:
7a:08:b0:eb:01:6d:2f:8f:e0:99:eb:4d:69:4d:53:fe:b2:6d:
8b:e6:ea:f5:ea:de:06:b4:b0:df:74:ff:e2:60:3b:db:b2:13:
52:bd:ca:ca:a2:84:e6:c1:2e:10:b0:0e:61:be:0b:e8:68:b6:
61:78:24:3a:37:66:43:96:13:b9:82:ce:b9:09:1b:bb:2b:e8:
d8:71:d8:64:23:58:1b:5f:fd:ce:99:72:0f:59:9d:3d:dc:60:
8f:64:57:62:84:d1:f5:5c:7a:cb:d3:4f:8c:74:9c:47:28:c2:
a6:fa:0b:5c:5b:92:b6:98:70:db:ab:bf:10:5b:e2:2a:72:eb:
7a:d7:73:0d:53:e9:79:b9:58:5b:41:a8:d5:66:d0:ae:76:7e:
c8:93:39:20:85:a5:97:99:6b:58:df:f1:b6:13:df:c1:9e:6c:
9c:72:bd:61:84:db:28:a2:dd:a4:0c:4f:a0:7a:0a:1f:89:85:
a0:45:23:a2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAbjoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjA5MDcwMjMzWhcNMjYwMzEwMDcwMjMzWjAYMRYw
FAYDVQQDEw02OTg5ODY5NC01MzE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyk7nPt+Wlif/6tvJZ8XQiDI/2JMp5U2qFrhW22RCP84+NXXWk2ZLeaRA
Gkcl8j46T+dhUP2MnyvMmbKW2S6or3gxsIDbU5N3RZI9G6jZMGsrcEw7Z8qYgg1u
awE0V9ahZcCvRbSoJv3zzoXZQeLetOjIJ2kxhgvF1bfhexHyWOEmSVmpyGaSwiYS
uWypX/jMt+/B6BK16Uwb6Gl6YKMMm2Aja04ZexHN+8cjw8TU+40dfkI8fGzee2pv
1n6Dt/MMsBySAvewd8Q1u96AttQwWVs3QhoQb164IrbwxVuyNJIGN4AVr0bTnnp3
haR8nGGjdBEHC9aDFG7n5DFJrtBrpwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOH1
FyVEO09QY3deWI/hp6uc/r+IMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81Mjc5MEI0QzA1ODUxMUYxODlFOTE3ODVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQDDQataC6pmSiJyixYQMl65IcUoLGAH7tn5hli2wQocvpz1C3cltwJd
VzvxycLSrcf29qY9HHSzWP1EargAJl65LzqtYXl8O1N6CLDrAW0vj+CZ601pTVP+
sm2L5ur16t4GtLDfdP/iYDvbshNSvcrKooTmwS4QsA5hvgvoaLZheCQ6N2ZDlhO5
gs65CRu7K+jYcdhkI1gbX/3OmXIPWZ093GCPZFdihNH1XHrL00+MdJxHKMKm+gtc
W5K2mHDbq78QW+Iqcut613MNU+l5uVhbQajVZtCudn7IkzkghaWXmWtY3/G2E9/B
nmyccr1hhNsoot2kDE+gegofiYWgRSOi
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:42:39 2026 by rpki-client