Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E3AC1CA18BA11F19EB4107CDAE4EC9C.roa
File: 1E3AC1CA18BA11F19EB4107CDAE4EC9C.roa (raw, json)
Hash identifier: /Lbdn2SITjvjA/uuHstrqSp1JPfjX1JWW2cLKN7UU3o=
Subject key identifier: 88:4B:EE:EC:A9:7A:9F:03:F8:0E:A9:F5:4B:F2:57:AA:C2:B6:D0:69
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A2BB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E3AC1CA18BA11F19EB4107CDAE4EC9C.roa
Signing time: Thu 05 Mar 2026 17:38:27 +0000
ROA not before: Thu 05 Mar 2026 17:38:23 +0000
ROA not after: Wed 22 Apr 2026 17:38:23 +0000
asID: 8796
IP address blocks: 156.225.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Mar 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107195 (0x1a2bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 5 17:38:23 2026 GMT
Not After : Apr 22 17:38:23 2026 GMT
Subject: CN=69a9bf93-6bd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:56:16:35:de:1a:2f:3c:ff:ca:f2:a3:20:90:
00:a7:08:86:fb:2c:7f:f8:88:47:c5:bf:05:ac:41:
4f:22:3d:7e:d1:12:22:f1:e2:6c:05:61:96:89:5d:
fa:52:1a:9b:88:81:a1:04:8b:54:db:39:1f:a1:28:
b5:0c:1d:ad:76:f3:e7:24:94:55:92:ca:5b:dd:24:
3f:06:2f:e7:99:e1:65:75:78:e2:99:74:3f:b1:36:
66:11:19:17:eb:b4:fb:01:5d:18:24:09:11:6e:f9:
96:36:7a:c8:4d:8d:10:e1:42:11:48:ab:40:1f:37:
c1:b9:a0:0a:99:3c:1d:94:ec:5c:85:cf:79:d1:d3:
f9:a1:3a:cf:d2:39:5f:4f:63:18:63:55:56:31:22:
02:e1:c9:c2:d1:8c:5b:f3:25:01:a2:72:a4:d0:44:
7e:ff:dd:2a:63:1e:b0:6a:75:63:d4:60:43:3f:19:
c8:f3:cf:00:95:9b:24:ce:3d:d9:80:f0:89:5c:fc:
26:2d:be:de:f6:a0:ac:4c:bd:68:3a:ed:d2:75:d7:
49:c5:0b:23:10:b6:a7:ea:8c:36:04:55:3d:50:af:
40:89:da:65:6b:74:d4:04:3c:6b:ff:96:9d:4c:cc:
5c:b5:de:ba:29:8d:36:18:c5:82:1d:08:26:ca:92:
5c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:4B:EE:EC:A9:7A:9F:03:F8:0E:A9:F5:4B:F2:57:AA:C2:B6:D0:69
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E3AC1CA18BA11F19EB4107CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.16.0/20
Signature Algorithm: sha256WithRSAEncryption
87:cd:76:77:b5:d0:5e:86:58:3e:ad:7a:94:87:29:81:e2:6b:
b7:25:aa:0d:e5:2c:2b:01:07:b0:62:37:40:bf:8b:b1:b2:a3:
8d:27:23:43:26:8e:c4:6c:51:5f:b0:bf:c4:25:3e:7b:9c:3f:
fd:eb:37:fd:81:75:b1:01:95:a2:9b:23:5e:89:17:1c:93:38:
54:8e:22:05:27:7b:ab:12:89:fd:d4:14:e7:b3:c8:da:20:d2:
cd:e4:8b:a0:c4:02:64:e2:84:a9:51:37:7d:a2:65:6e:7b:ff:
06:3d:e2:28:42:51:50:51:89:47:5a:5e:ab:c4:31:47:fe:00:
73:84:ee:16:1b:fb:2f:20:a3:26:64:5e:d2:87:1a:b5:ec:85:
d9:56:22:fb:b3:3d:9e:1a:d9:bb:11:12:44:97:84:4b:1f:54:
69:e5:82:f8:71:2f:92:42:13:76:99:b1:16:94:0e:e7:4d:f7:
26:62:3b:fb:54:3d:31:18:ad:1a:55:ca:1c:d3:d7:e0:cd:b0:
a3:1d:63:70:bd:57:84:2e:5d:da:1f:63:75:70:74:de:54:c1:
0b:a7:a8:97:38:01:25:66:31:db:0a:02:24:b3:b1:d7:8e:ed:
27:a1:f5:9e:00:b4:db:fa:ad:89:b0:53:f2:08:81:a0:1f:da:
11:78:34:a5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaK7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzA1MTczODIzWhcNMjYwNDIyMTczODIzWjAYMRYw
FAYDVQQDEw02OWE5YmY5My02YmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv1YWNd4aLzz/yvKjIJAApwiG+yx/+IhHxb8FrEFPIj1+0RIi8eJsBWGW
iV36UhqbiIGhBItU2zkfoSi1DB2tdvPnJJRVkspb3SQ/Bi/nmeFldXjimXQ/sTZm
ERkX67T7AV0YJAkRbvmWNnrITY0Q4UIRSKtAHzfBuaAKmTwdlOxchc950dP5oTrP
0jlfT2MYY1VWMSIC4cnC0Yxb8yUBonKk0ER+/90qYx6wanVj1GBDPxnI888AlZsk
zj3ZgPCJXPwmLb7e9qCsTL1oOu3SdddJxQsjELan6ow2BFU9UK9Aidpla3TUBDxr
/5adTMxctd66KY02GMWCHQgmypJc7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIhL
7uypep8D+A6p9UvyV6rCttBpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRTNBQzFDQTE4QkExMUYxOUVCNDEwN0NEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOEQMA0GCSqGSIb3DQEBCwUA
A4IBAQCHzXZ3tdBehlg+rXqUhymB4mu3JaoN5SwrAQewYjdAv4uxsqONJyNDJo7E
bFFfsL/EJT57nD/96zf9gXWxAZWimyNeiRcckzhUjiIFJ3urEon91BTns8jaINLN
5IugxAJk4oSpUTd9omVue/8GPeIoQlFQUYlHWl6rxDFH/gBzhO4WG/svIKMmZF7S
hxq17IXZViL7sz2eGtm7ERJEl4RLH1Rp5YL4cS+SQhN2mbEWlA7nTfcmYjv7VD0x
GK0aVcoc09fgzbCjHWNwvVeELl3aH2N1cHTeVMELp6iXOAElZjHbCgIks7HXju0n
ofWeALTb+q2JsFPyCIGgH9oReDSl
-----END CERTIFICATE-----
Generated at Sat Mar 7 11:07:05 2026 by rpki-client