Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43648E3E331F11F1B8A761CECE1D38B0.roa
File: 43648E3E331F11F1B8A761CECE1D38B0.roa (raw, json)
Hash identifier: etKh97e7T/CnYNCzwdV1sa5FdjWr4ZCFg5s+Sv3Buww=
Subject key identifier: 33:49:CF:07:9F:D2:87:0E:DA:28:97:DB:6A:91:79:EC:C7:0B:70:44
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AAE9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43648E3E331F11F1B8A761CECE1D38B0.roa
Signing time: Wed 08 Apr 2026 07:48:00 +0000
ROA not before: Wed 08 Apr 2026 07:47:31 +0000
ROA not after: Fri 08 May 2026 07:47:31 +0000
asID: 274065
IP address blocks: 156.238.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109289 (0x1aae9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 8 07:47:31 2026 GMT
Not After : May 8 07:47:31 2026 GMT
Subject: CN=69d60830-91c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:bc:9e:0b:78:05:86:4b:9f:19:2a:3e:7e:0d:
92:a7:bc:de:48:86:34:63:37:31:7f:a8:b4:28:6e:
c7:28:2c:20:d8:2f:06:69:e6:5b:c1:f3:06:3a:3c:
ab:8b:de:43:ee:8f:36:d3:42:8e:ab:3b:92:48:ed:
3d:39:b1:e0:9e:e2:4f:40:88:ac:17:fd:c1:8b:21:
b5:26:8b:82:04:9e:be:62:ca:de:88:76:5f:25:d8:
27:59:75:47:6d:c8:ff:f3:68:30:ec:33:9b:bf:45:
c6:f4:37:f5:3e:29:11:74:63:00:89:d4:bc:62:84:
ad:58:56:9b:42:94:8c:ae:7e:79:99:67:6d:4c:20:
41:44:10:b3:08:45:02:49:d1:81:02:b7:8a:61:35:
23:a6:85:17:10:61:a5:af:33:1d:06:ee:44:28:a7:
05:de:98:c1:17:bf:25:76:53:d8:23:f7:9a:63:46:
cc:12:cf:f8:fa:52:42:14:0b:ca:21:d1:e2:ec:6b:
f2:6c:0c:5d:8e:13:16:11:a5:17:02:a1:6d:7a:07:
fe:44:71:43:b1:64:2f:9e:5c:81:e6:05:a3:63:77:
15:85:b7:41:2d:42:de:69:a7:99:57:22:8f:ec:58:
90:73:58:13:14:f0:7c:a2:40:df:c9:76:07:6c:5b:
d6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:49:CF:07:9F:D2:87:0E:DA:28:97:DB:6A:91:79:EC:C7:0B:70:44
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43648E3E331F11F1B8A761CECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.81.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:79:0a:83:7d:23:eb:a6:56:7f:f0:64:29:5d:cc:cf:fc:6b:
87:d4:5c:cc:f1:43:22:7b:5d:b4:5f:28:b5:71:7e:42:16:a2:
bc:e4:e0:5e:90:bd:51:fe:9e:d4:5b:ca:90:bb:a2:9f:4f:bc:
f1:43:0b:87:dd:5c:3f:e1:52:4c:87:b2:1e:cb:90:22:3c:b4:
ee:c7:50:73:54:35:22:bc:a6:d3:86:65:9b:18:24:79:c5:dc:
4d:6d:1f:5d:44:2e:4b:70:27:7a:fa:af:fd:e6:27:f2:9a:b2:
ba:97:6d:fd:26:1d:b4:6b:41:d6:5e:8f:4f:cd:31:bd:f2:78:
24:31:18:81:45:ab:64:c5:06:64:a8:ca:6c:6f:77:6b:44:9c:
eb:f6:a6:06:ba:f7:1e:e8:ac:4e:1d:75:26:78:8a:bd:7c:4d:
52:c4:67:99:ba:12:63:a6:b2:89:0b:a7:f1:4b:1f:10:7f:11:
8c:94:da:94:63:1b:a9:dc:89:7d:1e:a6:34:47:d7:78:40:8c:
92:de:ba:ab:df:c6:9f:39:1e:35:53:ca:54:50:39:60:bf:f8:
00:eb:c5:3b:40:0c:c9:a9:90:c2:80:ef:d0:dd:1b:8b:67:ee:
7c:a3:4e:c0:15:77:36:33:ab:f5:a8:ef:cc:64:e8:7b:17:1b:
f6:e1:83:f6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAarpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDA4MDc0NzMxWhcNMjYwNTA4MDc0NzMxWjAYMRYw
FAYDVQQDEw02OWQ2MDgzMC05MWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlbyeC3gFhkufGSo+fg2Sp7zeSIY0Yzcxf6i0KG7HKCwg2C8GaeZbwfMG
Ojyri95D7o8200KOqzuSSO09ObHgnuJPQIisF/3BiyG1JouCBJ6+YsreiHZfJdgn
WXVHbcj/82gw7DObv0XG9Df1PikRdGMAidS8YoStWFabQpSMrn55mWdtTCBBRBCz
CEUCSdGBAreKYTUjpoUXEGGlrzMdBu5EKKcF3pjBF78ldlPYI/eaY0bMEs/4+lJC
FAvKIdHi7GvybAxdjhMWEaUXAqFtegf+RHFDsWQvnlyB5gWjY3cVhbdBLULeaaeZ
VyKP7FiQc1gTFPB8okDfyXYHbFvWswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDNJ
zwef0ocO2iiX22qReezHC3BEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MzY0OEUzRTMzMUYxMUYxQjhBNzYxQ0VDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5RMA0GCSqGSIb3DQEBCwUA
A4IBAQCueQqDfSPrplZ/8GQpXczP/GuH1FzM8UMie120Xyi1cX5CFqK85OBekL1R
/p7UW8qQu6KfT7zxQwuH3Vw/4VJMh7Iey5AiPLTux1BzVDUivKbThmWbGCR5xdxN
bR9dRC5LcCd6+q/95ifymrK6l239Jh20a0HWXo9PzTG98ngkMRiBRatkxQZkqMps
b3drRJzr9qYGuvce6KxOHXUmeIq9fE1SxGeZuhJjprKJC6fxSx8QfxGMlNqUYxup
3Il9HqY0R9d4QIyS3rqr38afOR41U8pUUDlgv/gA68U7QAzJqZDCgO/Q3RuLZ+58
o07AFXc2M6v1qO/MZOh7Fxv24YP2
-----END CERTIFICATE-----
Generated at Sat Apr 18 14:29:33 2026 by rpki-client