Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28F9161A3C7E11F1975A16F3CE1D38B0.roa
File: 28F9161A3C7E11F1975A16F3CE1D38B0.roa (raw, json)
Hash identifier: 71kC7hgV8QbLoJt3m++dfXfTl4wHz/qGogs0q3pUMIQ=
Subject key identifier: 41:9C:5C:F9:1F:14:FE:AE:FD:D9:23:8D:43:08:F7:F5:82:21:6B:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01ADB4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28F9161A3C7E11F1975A16F3CE1D38B0.roa
Signing time: Mon 20 Apr 2026 05:59:58 +0000
ROA not before: Mon 20 Apr 2026 05:59:53 +0000
ROA not after: Fri 26 Mar 2027 05:59:53 +0000
asID: 4760
IP address blocks: 156.225.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 29 Apr 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110004 (0x1adb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 20 05:59:53 2026 GMT
Not After : Mar 26 05:59:53 2027 GMT
Subject: CN=69e5c0de-da37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bb:4c:bf:ad:b6:bf:fe:c3:57:41:51:bf:7a:
14:b8:eb:5a:70:e8:d7:65:cb:09:d7:bc:14:c7:00:
86:d9:c5:bc:bb:1d:b7:db:1f:f6:37:1c:99:7e:9e:
9e:95:24:12:b9:26:e2:65:aa:a6:0c:12:c5:c7:31:
46:f3:85:00:a7:5d:8e:af:8b:b3:37:3b:05:3d:8c:
0d:50:5f:24:d7:e4:33:ef:9a:67:bd:0b:06:c0:88:
66:00:f7:77:d0:8d:0c:4a:d0:88:0c:a8:6e:b3:d5:
da:9b:5d:8c:f9:78:dc:9a:aa:07:38:7b:88:5c:4f:
f2:5c:45:8c:96:33:62:92:a5:82:94:0f:c0:40:9f:
29:89:d7:d7:67:38:3e:1d:26:86:2d:01:4e:44:69:
85:bd:75:84:55:a8:6f:0e:19:df:72:c2:69:e4:0e:
9d:8e:09:06:a1:db:16:b3:13:d8:1a:75:25:e1:2b:
6d:05:5d:55:27:fa:ad:64:d1:da:69:4e:b0:41:00:
e9:e6:66:eb:9c:cf:e9:ed:29:63:13:51:c8:d2:c8:
7b:4d:63:56:f5:f7:7a:d9:4f:17:f2:3e:d2:70:d7:
2f:98:a1:32:26:4f:00:d0:a8:40:6c:ff:2b:5b:f0:
05:71:30:f8:93:fe:13:5a:86:7e:8d:2c:2e:7b:45:
82:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9C:5C:F9:1F:14:FE:AE:FD:D9:23:8D:43:08:F7:F5:82:21:6B:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28F9161A3C7E11F1975A16F3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.160.0/20
Signature Algorithm: sha256WithRSAEncryption
a1:23:9a:5b:84:92:ff:2d:01:7e:ed:1c:b9:25:0e:0e:e8:0b:
5c:62:e2:64:f8:88:b3:97:2c:be:15:7a:4a:62:6d:af:04:36:
14:d4:f1:94:95:0e:7c:87:68:97:9a:8f:03:5c:f1:a4:70:71:
88:18:17:37:e3:48:ed:e0:f3:44:cc:02:5a:dc:1a:22:2f:5c:
71:03:44:16:5c:ff:76:75:49:de:56:30:87:67:94:eb:85:fc:
ce:71:ef:8d:0f:80:0e:27:90:a9:26:a0:66:1d:97:60:18:15:
a9:bf:e7:9e:93:ad:d4:22:db:bb:9c:de:7f:fc:63:e9:ee:52:
d4:92:d6:24:af:35:67:53:a1:c3:01:ce:b8:42:10:4f:14:40:
0d:11:b4:9f:92:3f:c6:6a:99:d9:0b:b5:96:9a:06:6a:d1:1a:
55:27:b9:83:50:1f:41:55:91:c3:93:57:93:c0:94:71:89:10:
0b:ac:68:e6:99:01:63:52:ec:ab:87:78:6e:81:a9:d5:35:72:
ba:ec:15:18:52:61:c3:c2:57:66:0e:84:41:cd:66:fb:7f:25:
b8:11:78:b8:0e:ad:2a:29:62:8f:74:64:e7:4b:82:5f:22:32:
b2:1f:12:65:ce:69:34:b9:d0:f5:d4:1c:e2:44:71:df:9a:b0:
58:d5:ba:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAa20MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDIwMDU1OTUzWhcNMjcwMzI2MDU1OTUzWjAYMRYw
FAYDVQQDEw02OWU1YzBkZS1kYTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArbtMv622v/7DV0FRv3oUuOtacOjXZcsJ17wUxwCG2cW8ux232x/2NxyZ
fp6elSQSuSbiZaqmDBLFxzFG84UAp12Or4uzNzsFPYwNUF8k1+Qz75pnvQsGwIhm
APd30I0MStCIDKhus9Xam12M+XjcmqoHOHuIXE/yXEWMljNikqWClA/AQJ8pidfX
Zzg+HSaGLQFORGmFvXWEVahvDhnfcsJp5A6djgkGodsWsxPYGnUl4SttBV1VJ/qt
ZNHaaU6wQQDp5mbrnM/p7SljE1HI0sh7TWNW9fd62U8X8j7ScNcvmKEyJk8A0KhA
bP8rW/AFcTD4k/4TWoZ+jSwue0WCgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEGc
XPkfFP6u/dkjjUMI9/WCIWsbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yOEY5MTYxQTNDN0UxMUYxOTc1QTE2RjNDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOGgMA0GCSqGSIb3DQEBCwUA
A4IBAQChI5pbhJL/LQF+7Ry5JQ4O6AtcYuJk+Iizlyy+FXpKYm2vBDYU1PGUlQ58
h2iXmo8DXPGkcHGIGBc340jt4PNEzAJa3BoiL1xxA0QWXP92dUneVjCHZ5TrhfzO
ce+ND4AOJ5CpJqBmHZdgGBWpv+eek63UItu7nN5//GPp7lLUktYkrzVnU6HDAc64
QhBPFEANEbSfkj/GapnZC7WWmgZq0RpVJ7mDUB9BVZHDk1eTwJRxiRALrGjmmQFj
Uuyrh3huganVNXK67BUYUmHDwldmDoRBzWb7fyW4EXi4Dq0qKWKPdGTnS4JfIjKy
HxJlzmk0udD11BziRHHfmrBY1bo0
-----END CERTIFICATE-----
Generated at Mon Apr 27 13:23:11 2026 by rpki-client