Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F8DF9BA2AA711F1AE49797DDAE4EC9C.roa
File: 3F8DF9BA2AA711F1AE49797DDAE4EC9C.roa (raw, json)
Hash identifier: P6WXbmHlvQKMM2F3wcmQucz3hut/609sIoRzBIwyhlQ=
Subject key identifier: CB:7D:A7:26:A2:EF:1E:F5:6E:02:18:ED:22:27:FF:2B:26:62:B9:05
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A7FB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F8DF9BA2AA711F1AE49797DDAE4EC9C.roa
Signing time: Sat 28 Mar 2026 13:08:44 +0000
ROA not before: Sat 28 Mar 2026 13:08:39 +0000
ROA not after: Fri 22 May 2026 13:08:39 +0000
asID: 137899
IP address blocks: 156.225.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108539 (0x1a7fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 28 13:08:39 2026 GMT
Not After : May 22 13:08:39 2026 GMT
Subject: CN=69c7d2dc-d35d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:37:9e:50:70:ff:da:61:18:28:69:7a:c6:e4:
27:56:7c:7a:7d:b7:d7:4c:5f:b2:49:e9:f3:c1:c5:
e1:93:14:2d:c5:f6:94:3a:ff:b5:55:2e:4b:51:04:
63:cf:1a:a9:71:d4:64:be:d0:4c:72:d0:ef:23:a4:
99:a3:b3:dc:e1:8b:95:7f:b1:a6:1f:bd:b0:98:df:
b2:bc:31:4b:68:ae:4e:d8:66:c8:f1:6a:29:f6:c2:
54:8f:73:0b:38:99:71:00:49:3f:d9:f6:b6:e0:45:
48:e8:5b:e4:d4:3b:99:4f:f2:97:5f:23:4a:fb:ed:
84:13:ae:d4:4c:ea:33:5b:1b:00:0d:98:2a:61:79:
cc:4a:af:13:58:f1:11:c7:97:80:89:12:4f:d4:e5:
6d:1a:b5:13:95:fa:0f:a9:d5:d2:b3:c5:b1:b4:e2:
2b:6a:e4:7b:18:c4:08:5d:f0:5a:5f:c9:23:34:78:
d8:e1:81:95:39:e7:45:31:ab:1a:d8:03:bb:7c:c6:
5f:3e:13:73:b8:2f:48:1d:45:95:4c:65:e8:e8:10:
4c:15:34:ed:2d:f2:ed:1b:7a:a5:0e:eb:8f:28:3b:
16:41:9e:89:58:4c:71:77:7a:86:ef:a7:ca:28:5f:
9f:35:ed:c1:23:a4:be:a2:4a:ec:85:6a:6f:fd:78:
6b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7D:A7:26:A2:EF:1E:F5:6E:02:18:ED:22:27:FF:2B:26:62:B9:05
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F8DF9BA2AA711F1AE49797DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.16.0/20
Signature Algorithm: sha256WithRSAEncryption
99:89:9e:80:9e:13:64:c1:a4:85:ed:b3:95:2d:fc:f8:0a:5c:
80:e5:cb:ec:e1:2e:cc:43:68:fa:5e:a8:26:28:92:c4:9e:a7:
c7:9b:2c:7f:12:f2:09:33:5c:52:6e:7c:f3:7a:4c:35:51:c8:
54:5a:5d:62:a7:c0:61:23:f2:62:ea:33:0c:a4:a0:f7:b7:3d:
19:de:64:d0:10:be:53:80:7b:f3:10:c3:1e:83:cc:85:73:7e:
d1:a9:a3:4f:45:bb:2b:0e:a2:7f:7b:de:fd:ea:bf:67:ff:99:
24:74:70:ad:1c:5a:41:a2:86:db:86:83:04:02:00:a5:1b:87:
78:b8:9c:79:61:22:c2:09:a9:4c:6e:2b:8e:a2:d0:98:5a:7d:
23:68:d9:30:07:f0:31:de:0f:ce:f3:c4:8e:e9:ef:06:35:5d:
85:42:d6:7d:fc:73:dd:12:98:bc:5e:c6:fd:41:de:a4:14:4a:
a8:b0:1c:ee:21:e4:72:99:96:b4:20:27:d8:25:c2:85:fe:e1:
6c:f7:8a:64:81:92:87:38:4c:38:0b:90:03:46:7c:49:3c:ad:
2c:7b:a0:26:05:7d:25:8f:dc:c0:48:02:ef:9f:e2:4f:a3:3a:
0a:e3:92:1b:1b:02:4e:00:a2:c6:38:cc:3c:ee:5d:b3:9e:ef:
03:cd:7f:da
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaf7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzI4MTMwODM5WhcNMjYwNTIyMTMwODM5WjAYMRYw
FAYDVQQDEw02OWM3ZDJkYy1kMzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmzeeUHD/2mEYKGl6xuQnVnx6fbfXTF+ySenzwcXhkxQtxfaUOv+1VS5L
UQRjzxqpcdRkvtBMctDvI6SZo7Pc4YuVf7GmH72wmN+yvDFLaK5O2GbI8Wop9sJU
j3MLOJlxAEk/2fa24EVI6Fvk1DuZT/KXXyNK++2EE67UTOozWxsADZgqYXnMSq8T
WPERx5eAiRJP1OVtGrUTlfoPqdXSs8WxtOIrauR7GMQIXfBaX8kjNHjY4YGVOedF
Masa2AO7fMZfPhNzuC9IHUWVTGXo6BBMFTTtLfLtG3qlDuuPKDsWQZ6JWExxd3qG
76fKKF+fNe3BI6S+okrshWpv/XhrdwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMt9
pyai7x71bgIY7SIn/ysmYrkFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRjhERjlCQTJBQTcxMUYxQUU0OTc5N0REQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOEQMA0GCSqGSIb3DQEBCwUA
A4IBAQCZiZ6AnhNkwaSF7bOVLfz4ClyA5cvs4S7MQ2j6XqgmKJLEnqfHmyx/EvIJ
M1xSbnzzekw1UchUWl1ip8BhI/Ji6jMMpKD3tz0Z3mTQEL5TgHvzEMMeg8yFc37R
qaNPRbsrDqJ/e9796r9n/5kkdHCtHFpBoobbhoMEAgClG4d4uJx5YSLCCalMbiuO
otCYWn0jaNkwB/Ax3g/O88SO6e8GNV2FQtZ9/HPdEpi8Xsb9Qd6kFEqosBzuIeRy
mZa0ICfYJcKF/uFs94pkgZKHOEw4C5ADRnxJPK0se6AmBX0lj9zASALvn+JPozoK
45IbGwJOAKLGOMw87l2znu8DzX/a
-----END CERTIFICATE-----
Generated at Sat Apr 18 14:28:40 2026 by rpki-client