Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/56559352157A11F19C06B585DAE4EC9C.roa
File: 56559352157A11F19C06B585DAE4EC9C.roa (raw, json)
Hash identifier: kAHTHHjMsFkj2YK7KDimFx7UwW7FmrpQAA5lXKFUE9c=
Subject key identifier: 27:34:41:9C:20:D2:01:A1:87:DA:A0:E7:4F:63:36:BD:AF:54:C6:36
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BC8E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/56559352157A11F19C06B585DAE4EC9C.roa
Signing time: Sun 01 Mar 2026 14:24:20 +0000
ROA not before: Sun 01 Mar 2026 14:24:17 +0000
ROA not after: Sun 05 Apr 2026 14:24:17 +0000
asID: 48031
IP address blocks: 154.222.213.0/24 maxlen: 24
154.222.214.0/24 maxlen: 24
154.222.223.0/24 maxlen: 24
154.222.240.0/24 maxlen: 24
154.222.241.0/24 maxlen: 24
154.222.243.0/24 maxlen: 24
154.222.244.0/24 maxlen: 24
154.222.245.0/24 maxlen: 24
154.222.246.0/24 maxlen: 24
154.222.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113806 (0x1bc8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 14:24:17 2026 GMT
Not After : Apr 5 14:24:17 2026 GMT
Subject: CN=69a44c14-471a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fc:21:f1:d1:14:49:93:36:d0:e3:7e:12:93:
91:63:36:94:8e:ee:6e:d1:fe:c5:17:c5:4c:31:33:
60:30:ed:78:39:63:0b:1f:9f:4d:b3:15:f0:14:ae:
60:fb:74:2f:5b:99:68:4f:37:69:32:1f:b7:35:66:
f8:25:4f:22:19:95:01:cb:5c:62:47:b3:12:5d:ed:
8b:ad:9b:23:41:3b:07:ac:c9:d0:8c:74:ba:5c:2d:
62:c8:ce:f1:c6:c3:46:1e:48:6e:89:fa:20:d9:6a:
4d:22:ba:58:fa:3a:9b:65:16:9c:98:17:b0:c5:f5:
87:96:3f:d0:ed:6b:e4:53:2e:e1:fb:1c:4c:34:40:
0e:bd:eb:e0:e8:e5:a7:46:8e:11:0a:40:04:03:80:
fc:f6:c2:e6:9b:e1:ed:a6:e9:bd:c9:39:81:36:c8:
9d:90:0e:de:8f:7f:2b:1b:40:1a:18:9e:5c:70:07:
e3:59:81:c6:60:f2:54:f7:62:d1:e1:0d:39:cd:d4:
a9:e9:f7:b9:64:cc:e0:cf:63:0e:13:c9:86:c9:f5:
49:50:10:bd:c1:dd:6c:94:74:cb:f7:59:5a:06:5c:
62:ef:80:cb:d4:3b:13:0a:79:b9:ff:6c:7b:91:1c:
a8:73:ef:6d:dd:16:63:9e:d3:22:06:68:44:51:91:
65:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:34:41:9C:20:D2:01:A1:87:DA:A0:E7:4F:63:36:BD:AF:54:C6:36
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/56559352157A11F19C06B585DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.213.0-154.222.214.255
154.222.223.0/24
154.222.240.0/23
154.222.243.0-154.222.247.255
Signature Algorithm: sha256WithRSAEncryption
3d:59:2e:df:b8:b7:c7:14:4c:68:90:54:4d:23:72:42:eb:fc:
54:e9:57:01:22:33:64:bf:a0:e0:b9:02:58:3e:0e:a7:07:9b:
05:e5:a1:69:51:09:65:e2:27:54:b3:a2:d3:e7:7d:5e:24:f2:
8f:c1:01:3c:83:67:57:0e:17:19:93:50:4d:7b:60:80:cb:34:
50:ca:76:46:5b:66:49:99:b3:46:ef:a3:d4:dc:c8:f9:0c:39:
12:b5:38:66:67:ec:08:7f:4a:ec:da:b2:03:bd:0b:18:37:ac:
f6:94:6c:b7:ef:23:4f:14:a2:8b:48:7f:c7:cd:75:2a:c2:d8:
89:cc:3c:34:03:88:7d:11:5a:b8:05:8e:b6:f1:7d:29:92:d2:
eb:cd:fb:6b:d1:c8:b3:96:b6:ac:22:50:39:43:22:3d:8a:7a:
c7:92:4f:5b:67:e9:50:19:45:7c:de:62:8d:55:11:99:5b:6d:
7c:f2:01:87:85:1c:69:3a:79:6d:38:1c:d7:f8:1f:09:b3:19:
bc:16:90:ee:c9:8d:88:44:af:5d:64:40:7e:e3:3d:b1:9a:8f:
1a:b2:26:d3:7d:a4:91:41:e2:59:5e:64:9f:48:9c:7a:18:87:
f0:9b:f5:f8:17:5e:1b:0d:8c:2f:e7:52:c6:ac:e5:14:3f:9a:
9b:03:5b:0c
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAbyOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzAxMTQyNDE3WhcNMjYwNDA1MTQyNDE3WjAYMRYw
FAYDVQQDEw02OWE0NGMxNC00NzFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAovwh8dEUSZM20ON+EpORYzaUju5u0f7FF8VMMTNgMO14OWMLH59NsxXw
FK5g+3QvW5loTzdpMh+3NWb4JU8iGZUBy1xiR7MSXe2LrZsjQTsHrMnQjHS6XC1i
yM7xxsNGHkhuifog2WpNIrpY+jqbZRacmBewxfWHlj/Q7WvkUy7h+xxMNEAOvevg
6OWnRo4RCkAEA4D89sLmm+Htpum9yTmBNsidkA7ej38rG0AaGJ5ccAfjWYHGYPJU
92LR4Q05zdSp6fe5ZMzgz2MOE8mGyfVJUBC9wd1slHTL91laBlxi74DL1DsTCnm5
/2x7kRyoc+9t3RZjntMiBmhEUZFlzwIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFCc0
QZwg0gGhh9qg509jNr2vVMY2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NjU1OTM1MjE1N0ExMUYxOUMwNkI1ODVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBACa3tUDBACa3tYDBACa
3t8DBAGa3vAwDAMEAJre8wMEA5re8DANBgkqhkiG9w0BAQsFAAOCAQEAPVku37i3
xxRMaJBUTSNyQuv8VOlXASIzZL+g4LkCWD4OpwebBeWhaVEJZeInVLOi0+d9XiTy
j8EBPINnVw4XGZNQTXtggMs0UMp2RltmSZmzRu+j1NzI+Qw5ErU4ZmfsCH9K7Nqy
A70LGDes9pRst+8jTxSii0h/x811KsLYicw8NAOIfRFauAWOtvF9KZLS6837a9HI
s5a2rCJQOUMiPYp6x5JPW2fpUBlFfN5ijVURmVttfPIBh4UcaTp5bTgc1/gfCbMZ
vBaQ7smNiESvXWRAfuM9sZqPGrIm032kkUHiWV5kn0icehiH8Jv1+BdeGw2ML+dS
xqzlFD+amwNbDA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:19:29 2026 by rpki-client