Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362A252/78E7D528020111EDB680DB81F1222468/EE58E52E1D3511F1976FBC97DAE4EC9C.roa
File: EE58E52E1D3511F1976FBC97DAE4EC9C.roa (raw, json)
Hash identifier: 2zXpu+BjJJ/YZS6CragLKC0p/JQpfEL/6yBthdYOWUs=
Subject key identifier: 7D:F4:EF:83:16:B1:03:86:98:80:80:D6:D6:2E:56:B7:FF:94:1B:78
Certificate issuer: /CN=F362A252AF/serialNumber=5F91E37E17C4A58715A01AFF09298BB16F2382C6
Certificate serial: 0564
Authority key identifier: 5F:91:E3:7E:17:C4:A5:87:15:A0:1A:FF:09:29:8B:B1:6F:23:82:C6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/X5HjfhfEpYcVoBr_CSmLsW8jgsY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362A252/78E7D528020111EDB680DB81F1222468/EE58E52E1D3511F1976FBC97DAE4EC9C.roa
Signing time: Wed 11 Mar 2026 10:34:50 +0000
ROA not before: Wed 11 Mar 2026 10:34:43 +0000
ROA not after: Tue 11 Mar 2036 10:34:43 +0000
asID: 329082
IP address blocks: 102.215.52.0/22 maxlen: 24
2c0f:6080::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F362A252/78E7D528020111EDB680DB81F1222468/X5HjfhfEpYcVoBr_CSmLsW8jgsY.crl
rsync://rpki.afrinic.net/repository/member_repository/F362A252/78E7D528020111EDB680DB81F1222468/X5HjfhfEpYcVoBr_CSmLsW8jgsY.mft
rsync://rpki.afrinic.net/repository/afrinic/X5HjfhfEpYcVoBr_CSmLsW8jgsY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1380 (0x564)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362A252AF, serialNumber=5F91E37E17C4A58715A01AFF09298BB16F2382C6
Validity
Not Before: Mar 11 10:34:43 2026 GMT
Not After : Mar 11 10:34:43 2036 GMT
Subject: CN=69b1454a-8b54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:75:0d:f1:85:a2:bf:03:f8:de:96:18:8c:27:
e4:00:96:ae:18:c0:2e:d0:92:7d:51:a1:44:1d:b3:
34:c5:d5:6a:30:ae:a2:d2:31:56:db:fa:35:ec:d7:
c0:9e:c3:a3:ef:78:85:4f:f8:3e:e3:6a:ae:ea:6c:
06:5e:76:51:c2:10:7f:cc:63:11:2f:1b:c0:c3:78:
c8:6d:c0:a1:73:49:af:ca:b9:1b:cb:aa:96:11:38:
f1:13:50:ca:55:2e:f2:65:39:ac:17:6a:56:a1:0d:
cc:b8:b5:a6:bc:fc:95:73:77:9b:d2:4d:99:6d:1c:
2d:30:44:ab:09:b6:b1:3e:29:e7:ce:4b:7f:30:12:
06:5e:5d:03:3f:6b:67:4e:97:17:10:ea:eb:5a:58:
59:a3:19:f9:58:e4:8c:d5:93:d6:6d:26:e3:1e:81:
a7:c2:3f:af:d5:ab:2e:a9:2a:6f:60:31:19:c3:b5:
71:75:ef:5b:d8:27:d3:4b:13:41:1f:0e:01:81:eb:
0a:7b:d5:51:e5:9a:5b:f1:78:98:4c:6b:3d:0e:64:
2b:be:a1:1a:67:6d:3b:47:fb:fd:18:85:76:06:b1:
cd:e9:2b:92:82:55:5f:36:f6:d7:e0:31:5e:41:5f:
90:09:45:b6:4c:98:c1:10:5c:a6:76:60:87:92:08:
1b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F4:EF:83:16:B1:03:86:98:80:80:D6:D6:2E:56:B7:FF:94:1B:78
X509v3 Authority Key Identifier:
keyid:5F:91:E3:7E:17:C4:A5:87:15:A0:1A:FF:09:29:8B:B1:6F:23:82:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362A252/78E7D528020111EDB680DB81F1222468/X5HjfhfEpYcVoBr_CSmLsW8jgsY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/X5HjfhfEpYcVoBr_CSmLsW8jgsY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362A252/78E7D528020111EDB680DB81F1222468/EE58E52E1D3511F1976FBC97DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.215.52.0/22
IPv6:
2c0f:6080::/32
Signature Algorithm: sha256WithRSAEncryption
63:f3:79:bf:90:66:c4:29:30:b5:8f:e5:64:cd:e5:55:8c:dd:
ba:30:06:7e:7b:c3:ad:c8:31:e8:a7:4d:29:1d:2c:d6:a0:ce:
6e:13:a4:50:75:1e:49:73:c9:11:ee:a2:31:1c:ae:11:48:2b:
9e:29:0a:27:84:66:6d:02:3e:3b:1e:50:fb:9c:e7:37:c6:ab:
41:a1:18:9d:49:61:5b:dc:f2:88:f4:c5:b2:84:ca:a5:1b:e4:
63:f4:a5:e7:4b:02:b3:d9:0e:d5:e3:eb:ae:2b:f4:b9:2e:61:
36:46:1b:58:45:28:b2:25:23:90:c1:14:59:1d:91:18:e1:79:
93:c5:22:17:f6:91:c6:d4:3b:50:55:c9:93:5e:fe:4d:bb:bf:
ec:24:c1:72:f5:e4:80:e9:30:c3:5a:f0:0a:0a:cd:db:d3:a5:
59:a9:d2:e6:0b:9b:d4:14:14:12:e1:e2:d9:89:6a:5e:5c:9a:
27:96:08:9b:03:7b:07:11:34:24:85:cc:6b:72:4d:01:26:2f:
ab:54:8e:cf:f5:cd:1a:65:0a:33:67:64:a3:ea:2b:88:a8:09:
34:90:2c:54:5e:64:46:21:80:61:1a:37:8a:f4:46:d0:1a:3c:
64:d2:0b:e8:d3:16:1e:12:dd:74:97:e9:cd:20:0f:7e:54:c7:
a8:82:17:16
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBWQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkEyNTJBRjExMC8GA1UEBRMoNUY5MUUzN0UxN0M0QTU4NzE1QTAxQUZGMDkyOThC
QjE2RjIzODJDNjAeFw0yNjAzMTExMDM0NDNaFw0zNjAzMTExMDM0NDNaMBgxFjAU
BgNVBAMTDTY5YjE0NTRhLThiNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3dQ3xhaK/A/jelhiMJ+QAlq4YwC7Qkn1RoUQdszTF1WowrqLSMVbb+jXs
18Cew6PveIVP+D7jaq7qbAZedlHCEH/MYxEvG8DDeMhtwKFzSa/KuRvLqpYROPET
UMpVLvJlOawXalahDcy4taa8/JVzd5vSTZltHC0wRKsJtrE+KefOS38wEgZeXQM/
a2dOlxcQ6utaWFmjGflY5IzVk9ZtJuMegafCP6/Vqy6pKm9gMRnDtXF171vYJ9NL
E0EfDgGB6wp71VHlmlvxeJhMaz0OZCu+oRpnbTtH+/0YhXYGsc3pK5KCVV829tfg
MV5BX5AJRbZMmMEQXKZ2YIeSCBttAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUffTv
gxaxA4aYgIDW1i5Wt/+UG3gwHwYDVR0jBBgwFoAUX5HjfhfEpYcVoBr/CSmLsW8j
gsYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJBMjUyLzc4RTdENTI4MDIwMTExRURCNjgwREI4MUYxMjIyNDY4L1g1SGpm
aGZFcFljVm9Ccl9DU21Mc1c4amdzWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1g1SGpmaGZFcFljVm9Ccl9DU21Mc1c4amdzWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjJBMjUyLzc4RTdENTI4MDIwMTExRURCNjgwREI4MUYx
MjIyNDY4L0VFNThFNTJFMUQzNTExRjE5NzZGQkM5N0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm1zQwDQQCAAIwBwMFACwP
YIAwDQYJKoZIhvcNAQELBQADggEBAGPzeb+QZsQpMLWP5WTN5VWM3bowBn57w63I
MeinTSkdLNagzm4TpFB1HklzyRHuojEcrhFIK54pCieEZm0CPjseUPuc5zfGq0Gh
GJ1JYVvc8oj0xbKEyqUb5GP0pedLArPZDtXj664r9LkuYTZGG1hFKLIlI5DBFFkd
kRjheZPFIhf2kcbUO1BVyZNe/k27v+wkwXL15IDpMMNa8AoKzdvTpVmp0uYLm9QU
FBLh4tmJal5cmieWCJsDewcRNCSFzGtyTQEmL6tUjs/1zRplCjNnZKPqK4ioCTSQ
LFReZEYhgGEaN4r0RtAaPGTSC+jTFh4S3XSX6c0gD35Ux6iCFxY=
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:11:31 2026 by rpki-client