Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/2B8216AA641211F199B71DEBCE1D38B0.roa
File: 2B8216AA641211F199B71DEBCE1D38B0.roa (raw, json)
Hash identifier: 67XVSVwAM0rw38m8H6ZJ73rRZkhg6g/leaBRu84O/SM=
Subject key identifier: C0:27:F9:95:40:64:BA:A3:3C:A7:AB:CE:91:CA:44:D8:34:D1:8E:52
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 0E8B
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/2B8216AA641211F199B71DEBCE1D38B0.roa
Signing time: Tue 09 Jun 2026 14:47:43 +0000
ROA not before: Tue 09 Jun 2026 14:47:37 +0000
ROA not after: Mon 09 Jun 2036 14:47:37 +0000
asID: 198077
IP address blocks: 192.142.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 13 Jun 2026 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3723 (0xe8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR, serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Validity
Not Before: Jun 9 14:47:37 2026 GMT
Not After : Jun 9 14:47:37 2036 GMT
Subject: CN=6a28278f-a2f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:71:e5:17:43:05:92:0b:cc:2b:bd:ac:fc:e8:
b1:a1:a2:c5:90:55:33:69:71:80:4d:8f:13:fe:a2:
9a:f2:56:c8:b5:63:ae:db:3d:47:21:62:a2:ef:fd:
b5:76:f3:d9:b7:1e:4b:c4:99:5d:2e:e2:ce:33:56:
2a:a5:43:92:9a:61:e2:a8:2f:03:2f:3f:9b:36:24:
3f:bc:59:17:c8:93:52:bb:9d:3b:84:58:5f:cd:87:
9e:cd:68:32:92:a4:0e:a4:48:79:8a:79:a8:42:27:
0a:8c:26:c1:09:cd:0c:86:f0:0e:49:e8:88:aa:f7:
99:0f:0b:e9:79:01:73:db:09:93:bf:cc:cd:1c:a0:
2b:59:3f:a1:6d:ff:d3:34:84:81:bd:a9:e2:a5:23:
16:a3:0e:9a:5e:7b:67:b3:14:29:6f:c5:1e:1e:06:
a4:cc:a5:f2:80:d7:6e:04:62:3f:f4:a2:85:1d:24:
67:ca:b7:7d:5f:f6:73:2c:64:57:6f:bd:80:1b:f8:
a2:20:05:d9:ad:6d:7e:65:98:bc:c9:f8:ce:63:1e:
d2:41:a9:bd:87:00:e4:98:52:13:74:fb:5b:13:1f:
63:72:d6:9d:bb:8b:10:57:a9:75:ea:4a:4f:a4:d7:
92:56:37:7f:02:ec:d1:e1:90:c2:70:e4:18:71:21:
96:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:27:F9:95:40:64:BA:A3:3C:A7:AB:CE:91:CA:44:D8:34:D1:8E:52
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/2B8216AA641211F199B71DEBCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.21.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:2c:28:d4:2f:69:3e:11:18:8a:22:a5:09:8b:2b:36:94:e3:
61:6d:da:d0:97:1f:76:71:54:fa:84:48:54:57:a7:31:c2:ce:
0c:e6:04:43:df:be:72:57:cc:d4:ce:94:7b:d0:80:27:e8:de:
6c:f4:63:98:82:3a:1b:fc:8d:54:aa:c5:16:24:47:50:bb:a1:
55:36:2c:48:ef:00:20:75:34:ff:4b:30:81:76:fd:04:06:93:
7d:be:e3:d7:65:5c:5b:20:ca:bf:5f:a3:20:c2:b9:9c:d9:7c:
b5:4c:99:a4:b7:bd:e5:c2:8e:de:62:5e:4a:d3:aa:4a:fc:79:
82:cf:34:c5:69:99:17:78:d1:67:ca:e0:f6:21:fb:88:87:fa:
80:9a:60:ae:38:68:2b:a3:b4:61:c6:95:9b:b7:e5:71:d3:50:
51:09:59:9e:11:9e:e5:eb:4e:54:3a:d9:49:85:f1:0d:00:07:
72:bc:54:65:1a:e2:08:e3:6e:d9:b9:f6:03:2b:4c:13:8f:1f:
39:9f:b5:7a:70:90:17:60:2d:33:9e:8c:db:e2:8f:7f:f0:b1:
40:08:65:77:20:b1:16:77:87:b1:48:06:64:d8:61:09:12:49:
37:aa:2c:6b:50:e5:56:73:2d:28:e1:9d:54:29:df:ec:c0:eb:
d5:8c:39:63
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDoswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNjA2MDkxNDQ3MzdaFw0zNjA2MDkxNDQ3MzdaMBgxFjAU
BgNVBAMTDTZhMjgyNzhmLWEyZjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCrceUXQwWSC8wrvaz86LGhosWQVTNpcYBNjxP+opryVsi1Y67bPUchYqLv
/bV289m3HkvEmV0u4s4zViqlQ5KaYeKoLwMvP5s2JD+8WRfIk1K7nTuEWF/Nh57N
aDKSpA6kSHmKeahCJwqMJsEJzQyG8A5J6Iiq95kPC+l5AXPbCZO/zM0coCtZP6Ft
/9M0hIG9qeKlIxajDppee2ezFClvxR4eBqTMpfKA124EYj/0ooUdJGfKt31f9nMs
ZFdvvYAb+KIgBdmtbX5lmLzJ+M5jHtJBqb2HAOSYUhN0+1sTH2Ny1p27ixBXqXXq
Sk+k15JWN38C7NHhkMJw5BhxIZb9AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUwCf5
lUBkuqM8p6vOkcpE2DTRjlIwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4LzJCODIxNkFBNjQxMjExRjE5OUI3MURFQkNFMUQzOEIwLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAjhUwDQYJKoZIhvcNAQELBQAD
ggEBALksKNQvaT4RGIoipQmLKzaU42Ft2tCXH3ZxVPqESFRXpzHCzgzmBEPfvnJX
zNTOlHvQgCfo3mz0Y5iCOhv8jVSqxRYkR1C7oVU2LEjvACB1NP9LMIF2/QQGk32+
49dlXFsgyr9foyDCuZzZfLVMmaS3veXCjt5iXkrTqkr8eYLPNMVpmRd40WfK4PYh
+4iH+oCaYK44aCujtGHGlZu35XHTUFEJWZ4RnuXrTlQ62UmF8Q0AB3K8VGUa4gjj
btm59gMrTBOPHzmftXpwkBdgLTOejNvij3/wsUAIZXcgsRZ3h7FIBmTYYQkSSTeq
LGtQ5VZzLSjhnVQp3+zA69WMOWM=
-----END CERTIFICATE-----
Generated at Thu Jun 11 22:31:58 2026 by rpki-client