Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362C7E9/08F07C14E8D911E98515C740F8AEA228/DB5FF4881C5611F18A871384DAE4EC9C.roa
File: DB5FF4881C5611F18A871384DAE4EC9C.roa (raw, json)
Hash identifier: kkOMtAohgLfz+qkesL09UxzK9jTRPmNkDxZd658iCYs=
Subject key identifier: 73:4D:AE:44:F2:E7:E2:8A:BF:2C:22:B3:A5:98:31:54:2A:2F:96:66
Certificate issuer: /CN=F362C7E9AR/serialNumber=B97DC46099CD50FCF299DA5E82B005646984C4F3
Certificate serial: 0973
Authority key identifier: B9:7D:C4:60:99:CD:50:FC:F2:99:DA:5E:82:B0:05:64:69:84:C4:F3
Authority info access: rsync://rpki.afrinic.net/repository/arin/uX3EYJnNUPzymdpegrAFZGmExPM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362C7E9/08F07C14E8D911E98515C740F8AEA228/DB5FF4881C5611F18A871384DAE4EC9C.roa
Signing time: Tue 10 Mar 2026 07:58:00 +0000
ROA not before: Tue 10 Mar 2026 07:57:55 +0000
ROA not after: Sun 31 Mar 2030 07:57:55 +0000
asID: 206283
IP address blocks: 66.18.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F362C7E9/08F07C14E8D911E98515C740F8AEA228/uX3EYJnNUPzymdpegrAFZGmExPM.crl
rsync://rpki.afrinic.net/repository/member_repository/F362C7E9/08F07C14E8D911E98515C740F8AEA228/uX3EYJnNUPzymdpegrAFZGmExPM.mft
rsync://rpki.afrinic.net/repository/arin/uX3EYJnNUPzymdpegrAFZGmExPM.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 15 Mar 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2419 (0x973)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362C7E9AR, serialNumber=B97DC46099CD50FCF299DA5E82B005646984C4F3
Validity
Not Before: Mar 10 07:57:55 2026 GMT
Not After : Mar 31 07:57:55 2030 GMT
Subject: CN=69afcf08-3697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7c:3e:80:ed:a5:a4:f8:1c:8a:bc:d6:14:5c:
eb:95:01:05:80:6a:74:1b:0d:9d:3a:22:99:19:54:
9b:2e:c6:20:b5:dc:2f:8f:d1:9a:5c:60:9b:87:8c:
6e:00:4f:ae:31:e8:27:1e:9e:5b:74:91:61:27:8e:
3f:19:27:32:7d:4e:cb:a6:95:92:9e:07:6e:ae:2a:
c8:b1:44:75:0b:94:e3:26:38:9f:89:bb:39:c2:9e:
70:ff:a6:9d:29:f0:aa:e4:ae:ce:e5:19:86:e1:21:
68:31:0e:68:ae:f5:3d:07:65:bd:41:da:a1:c5:e6:
fc:ca:a1:52:98:79:4e:d3:59:83:32:f4:d9:67:33:
71:82:e6:97:5c:95:78:55:7c:b6:85:85:ab:65:56:
11:7c:12:a7:1f:e3:2c:30:7a:09:21:50:da:9c:41:
59:96:88:02:6f:81:f9:e7:d9:59:62:98:44:d2:e8:
a8:3c:3a:03:d4:11:be:3a:cf:c4:72:51:f3:24:61:
f8:ad:68:b0:20:74:a0:8c:92:7b:6b:63:4e:9b:72:
61:0a:ff:a5:55:c8:29:2e:95:47:db:a3:f1:70:56:
62:57:1d:12:db:4f:cd:0a:63:3e:3e:24:f6:fc:05:
1d:12:f7:8a:dd:3c:9a:b1:81:e5:7d:52:22:6b:47:
c6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:4D:AE:44:F2:E7:E2:8A:BF:2C:22:B3:A5:98:31:54:2A:2F:96:66
X509v3 Authority Key Identifier:
keyid:B9:7D:C4:60:99:CD:50:FC:F2:99:DA:5E:82:B0:05:64:69:84:C4:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362C7E9/08F07C14E8D911E98515C740F8AEA228/uX3EYJnNUPzymdpegrAFZGmExPM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uX3EYJnNUPzymdpegrAFZGmExPM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362C7E9/08F07C14E8D911E98515C740F8AEA228/DB5FF4881C5611F18A871384DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
66.18.95.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:90:46:b4:ae:22:2e:c5:51:9a:ca:31:09:84:9d:7e:28:99:
ab:2b:65:99:25:7d:bf:5e:54:f7:da:c8:77:d8:d7:64:ed:b2:
02:34:6d:8f:3b:26:6b:8e:b8:30:f5:00:75:88:4a:22:78:b4:
fe:e8:5e:55:25:f8:f4:f9:7c:aa:f6:f1:75:bd:88:be:68:42:
ef:cf:65:eb:91:ff:23:0c:16:3b:f2:33:63:69:5f:4b:33:f6:
f0:34:55:0a:41:38:18:48:37:b5:9e:5b:10:4d:1d:ee:b3:99:
27:03:69:e1:40:1e:a8:0c:59:33:95:c6:68:4c:bb:39:12:95:
50:6a:6f:9e:f9:b5:a3:06:0c:3f:82:14:7c:84:3e:52:98:a2:
4f:6c:e0:b4:e3:a0:c3:fb:c3:3c:4b:6f:ed:56:3f:df:aa:b0:
22:f3:ff:6f:f6:9f:e4:17:1d:f4:a6:1a:64:ce:00:70:2d:8a:
4d:a9:62:09:cd:1e:31:f7:6b:f4:4f:4a:2c:9f:ee:2a:2f:cf:
d0:74:2c:7a:e2:28:4d:e8:04:15:43:0b:2d:12:62:dc:13:c1:
7a:cf:5c:69:78:a9:33:88:39:2e:4e:22:9a:e9:5c:14:2a:5a:
cf:93:ca:f1:5d:c5:32:bc:de:25:89:63:b3:ef:ae:76:e0:56:
89:ef:7e:25
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCXMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkM3RTlBUjExMC8GA1UEBRMoQjk3REM0NjA5OUNENTBGQ0YyOTlEQTVFODJCMDA1
NjQ2OTg0QzRGMzAeFw0yNjAzMTAwNzU3NTVaFw0zMDAzMzEwNzU3NTVaMBgxFjAU
BgNVBAMTDTY5YWZjZjA4LTM2OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8fD6A7aWk+ByKvNYUXOuVAQWAanQbDZ06IpkZVJsuxiC13C+P0ZpcYJuH
jG4AT64x6Ccenlt0kWEnjj8ZJzJ9TsumlZKeB26uKsixRHULlOMmOJ+JuznCnnD/
pp0p8Krkrs7lGYbhIWgxDmiu9T0HZb1B2qHF5vzKoVKYeU7TWYMy9NlnM3GC5pdc
lXhVfLaFhatlVhF8Eqcf4ywwegkhUNqcQVmWiAJvgfnn2VlimETS6Kg8OgPUEb46
z8RyUfMkYfitaLAgdKCMkntrY06bcmEK/6VVyCkulUfbo/FwVmJXHRLbT80KYz4+
JPb8BR0S94rdPJqxgeV9UiJrR8a9AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUc02u
RPLn4oq/LCKzpZgxVCovlmYwHwYDVR0jBBgwFoAUuX3EYJnNUPzymdpegrAFZGmE
xPMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJDN0U5LzA4RjA3QzE0RThEOTExRTk4NTE1Qzc0MEY4QUVBMjI4L3VYM0VZ
Sm5OVVB6eW1kcGVnckFGWkdtRXhQTS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VYM0VZSm5OVVB6eW1kcGVnckFGWkdtRXhQTS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjJDN0U5LzA4RjA3QzE0RThEOTExRTk4NTE1Qzc0MEY4QUVB
MjI4L0RCNUZGNDg4MUM1NjExRjE4QTg3MTM4NERBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABCEl8wDQYJKoZIhvcNAQELBQAD
ggEBAIyQRrSuIi7FUZrKMQmEnX4omasrZZklfb9eVPfayHfY12TtsgI0bY87JmuO
uDD1AHWISiJ4tP7oXlUl+PT5fKr28XW9iL5oQu/PZeuR/yMMFjvyM2NpX0sz9vA0
VQpBOBhIN7WeWxBNHe6zmScDaeFAHqgMWTOVxmhMuzkSlVBqb575taMGDD+CFHyE
PlKYok9s4LTjoMP7wzxLb+1WP9+qsCLz/2/2n+QXHfSmGmTOAHAtik2pYgnNHjH3
a/RPSiyf7iovz9B0LHriKE3oBBVDCy0SYtwTwXrPXGl4qTOIOS5OIprpXBQqWs+T
yvFdxTK83iWJY7PvrnbgVonvfiU=
-----END CERTIFICATE-----
Generated at Fri Mar 13 18:19:53 2026 by rpki-client