Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DD11EC160F0C11F1AFBD8C9ADAE4EC9C.roa
File: DD11EC160F0C11F1AFBD8C9ADAE4EC9C.roa (raw, json)
Hash identifier: UmmbNGlI8dSvvRFxyAH6MPMUxhETzq6GkfJD8RPcDXU=
Subject key identifier: A1:00:83:70:DE:2C:1C:41:42:4A:97:D3:2D:57:A8:27:29:85:FA:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 019F5D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DD11EC160F0C11F1AFBD8C9ADAE4EC9C.roa
Signing time: Sat 21 Feb 2026 10:05:35 +0000
ROA not before: Sat 21 Feb 2026 10:05:31 +0000
ROA not after: Tue 24 Mar 2026 10:05:31 +0000
asID: 134365
IP address blocks: 156.239.52.0/23 maxlen: 24
156.239.52.0/24 maxlen: 24
156.239.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106333 (0x19f5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 21 10:05:31 2026 GMT
Not After : Mar 24 10:05:31 2026 GMT
Subject: CN=6999836f-356c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5d:29:ec:b7:3b:2f:2a:b6:35:c2:1d:cb:73:
d0:33:d9:db:9e:84:86:44:45:15:b5:b5:b0:cb:66:
74:bc:0b:5a:ae:c1:70:89:f3:90:85:84:af:4c:16:
b8:61:85:26:b2:b3:5f:51:64:e2:15:6b:f9:5d:ab:
03:85:66:98:0d:e3:dc:82:33:e9:68:d8:8f:30:23:
46:b0:6f:77:34:37:2d:a2:c0:e6:7f:cc:ff:1d:0b:
bf:be:f3:ca:2b:6a:2f:3f:28:0b:2a:71:16:59:b0:
95:c2:14:bc:88:65:d2:69:ff:d5:8e:eb:54:12:ba:
09:f5:e2:b8:d0:a1:9f:3b:9d:9d:07:71:18:80:4f:
01:83:56:2a:b4:81:4b:89:fb:31:8f:a2:9d:dc:2a:
f4:98:e1:b5:e1:d9:b1:61:b5:f1:6d:96:04:11:19:
cc:17:ee:bc:07:a1:97:85:63:00:f0:aa:e4:2a:3c:
b3:7c:f3:83:59:2b:f3:84:16:76:2a:ec:40:89:b0:
33:7c:0d:3b:89:40:12:1e:e5:e8:61:ab:15:f6:50:
fb:16:83:37:5b:c5:55:0a:5d:19:82:81:7e:d4:92:
38:8f:c9:74:15:0e:82:cc:92:0f:c7:ad:1d:23:86:
d5:eb:6d:3a:34:3f:ab:cb:8b:83:46:bf:9e:7a:f3:
49:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:00:83:70:DE:2C:1C:41:42:4A:97:D3:2D:57:A8:27:29:85:FA:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DD11EC160F0C11F1AFBD8C9ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.52.0/23
Signature Algorithm: sha256WithRSAEncryption
05:9e:f2:e9:db:21:60:14:35:7b:6e:0a:b0:62:61:07:aa:17:
d1:18:ce:15:f5:ca:8a:c7:a9:b1:f4:9a:53:be:32:72:69:44:
52:03:03:e8:6b:bf:46:52:79:e1:b7:52:07:5a:f5:76:01:bf:
4e:2d:40:c4:29:ec:38:8c:8c:77:cc:73:88:71:dd:67:e8:a5:
e8:43:eb:9d:75:44:ea:8c:84:f0:1d:74:0e:2b:5e:da:72:b0:
5c:d6:5f:02:f8:06:0e:27:19:50:bb:b5:ba:9c:c4:ff:70:ce:
18:18:34:c3:bb:5d:47:a7:c1:01:ee:e6:14:bc:2f:c7:bd:93:
24:af:56:14:23:de:20:52:97:7e:3b:4b:a1:78:24:54:1a:39:
58:67:07:ba:b9:af:67:13:1a:f8:e5:ac:fe:47:9b:cd:a5:b8:
99:b5:09:30:aa:a5:aa:8d:ba:82:2c:a1:62:74:f5:11:e9:c4:
00:89:85:ea:f4:bf:92:ec:6f:fe:60:cc:12:ea:20:ce:8e:fb:
5a:76:a7:f3:11:1d:01:3d:72:66:33:3c:1d:93:a0:b1:2d:c0:
52:fb:23:97:aa:1a:06:95:be:c7:b2:93:69:27:f3:74:43:d2:
a3:64:23:b4:a1:63:ef:f5:54:78:a1:28:26:af:ca:f0:99:b6:
fc:9b:72:d4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAZ9dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjIxMTAwNTMxWhcNMjYwMzI0MTAwNTMxWjAYMRYw
FAYDVQQDEw02OTk5ODM2Zi0zNTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq10p7Lc7Lyq2NcIdy3PQM9nbnoSGREUVtbWwy2Z0vAtarsFwifOQhYSv
TBa4YYUmsrNfUWTiFWv5XasDhWaYDePcgjPpaNiPMCNGsG93NDctosDmf8z/HQu/
vvPKK2ovPygLKnEWWbCVwhS8iGXSaf/VjutUEroJ9eK40KGfO52dB3EYgE8Bg1Yq
tIFLifsxj6Kd3Cr0mOG14dmxYbXxbZYEERnMF+68B6GXhWMA8KrkKjyzfPODWSvz
hBZ2KuxAibAzfA07iUASHuXoYasV9lD7FoM3W8VVCl0ZgoF+1JI4j8l0FQ6CzJIP
x60dI4bV6206ND+ry4uDRr+eevNJTwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKEA
g3DeLBxBQkqX0y1XqCcphfrTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERDExRUMxNjBGMEMxMUYxQUZCRDhDOUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO80MA0GCSqGSIb3DQEBCwUA
A4IBAQAFnvLp2yFgFDV7bgqwYmEHqhfRGM4V9cqKx6mx9JpTvjJyaURSAwPoa79G
Unnht1IHWvV2Ab9OLUDEKew4jIx3zHOIcd1n6KXoQ+uddUTqjITwHXQOK17acrBc
1l8C+AYOJxlQu7W6nMT/cM4YGDTDu11Hp8EB7uYUvC/HvZMkr1YUI94gUpd+O0uh
eCRUGjlYZwe6ua9nExr45az+R5vNpbiZtQkwqqWqjbqCLKFidPUR6cQAiYXq9L+S
7G/+YMwS6iDOjvtadqfzER0BPXJmMzwdk6CxLcBS+yOXqhoGlb7HspNpJ/N0Q9Kj
ZCO0oWPv9VR4oSgmr8rwmbb8m3LU
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:38:29 2026 by rpki-client