Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/620870DE274F11F1AEB84A84DAE4EC9C.roa
File: 620870DE274F11F1AEB84A84DAE4EC9C.roa (raw, json)
Hash identifier: btqjDW9jfgdM9QFcu7qT+v68cSM6XnUgaUTSNoW0AhI=
Subject key identifier: 17:6A:7F:41:E2:5C:43:23:C8:87:3B:48:6F:FF:19:12:7E:93:22:85
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A6FA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/620870DE274F11F1AEB84A84DAE4EC9C.roa
Signing time: Tue 24 Mar 2026 07:02:13 +0000
ROA not before: Tue 24 Mar 2026 07:02:07 +0000
ROA not after: Fri 01 May 2026 07:02:07 +0000
asID: 200758
IP address blocks: 156.229.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 00:26:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108282 (0x1a6fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 24 07:02:07 2026 GMT
Not After : May 1 07:02:07 2026 GMT
Subject: CN=69c236f5-16cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:64:35:ac:7c:e6:7a:84:ec:dd:64:8d:6e:46:
8f:4b:03:b8:cf:31:13:60:42:fe:2b:4a:c0:c4:fa:
73:8b:e5:00:e0:f7:20:0c:ec:ee:57:27:28:60:68:
ea:63:a4:9a:6d:9a:c1:5a:0a:1c:61:3a:c3:8b:1a:
49:51:70:ce:bf:d3:8e:2f:b0:50:38:0c:74:69:14:
06:1b:b9:e2:9d:52:70:d9:1f:7d:e7:bd:f3:e9:de:
e1:a9:95:21:96:d6:0e:80:1c:4d:d6:f7:2f:84:f9:
2a:8e:8a:e6:1d:ad:e4:07:a2:43:29:98:d0:bd:db:
28:f5:f8:7e:94:17:9e:00:32:f3:b1:0a:09:e0:f6:
78:d5:30:3b:13:c4:6c:b1:5f:56:86:1c:36:04:f5:
59:c8:24:e1:10:2b:60:d0:e5:a3:87:16:49:22:a7:
e6:4b:e3:05:bc:a8:e9:1d:07:6d:c6:a9:2a:54:cb:
8d:1d:10:b6:9c:02:d7:8e:c5:2a:b2:70:a1:1d:43:
21:de:9d:fa:9e:71:d6:48:25:a4:94:3b:80:73:a9:
61:63:43:85:11:27:5b:26:a1:ca:25:05:eb:f7:76:
dd:2f:08:6d:18:c2:41:b8:f7:97:49:fd:c3:2b:87:
09:d7:cc:d6:90:ed:19:c6:70:d2:31:b6:96:47:95:
1c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6A:7F:41:E2:5C:43:23:C8:87:3B:48:6F:FF:19:12:7E:93:22:85
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/620870DE274F11F1AEB84A84DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.27.0/24
Signature Algorithm: sha256WithRSAEncryption
83:c0:98:be:42:8c:6d:68:5a:b8:9b:35:b5:d0:c4:94:b9:eb:
2f:ab:6d:9c:93:9f:35:09:8c:bb:9c:b7:c5:c3:f5:0d:ad:52:
c9:33:30:03:dc:89:b6:f3:0a:a0:49:47:e8:20:84:97:da:fb:
8f:f2:7a:53:92:dd:ff:36:b9:9d:10:1c:ad:27:89:59:c2:a0:
11:f3:1c:f5:28:f8:95:aa:a0:81:0b:78:0e:f4:ce:ba:ab:78:
98:58:3e:d0:0a:09:f3:29:99:da:bf:d1:8a:6d:db:3b:75:8a:
8a:ca:20:d1:a3:d9:44:33:4d:d7:93:41:62:49:d0:1f:3c:9e:
80:9f:2a:46:92:8a:65:ce:30:a8:75:1e:52:73:45:e1:51:46:
35:0d:a7:1b:0f:d9:49:d5:eb:8c:2e:23:bf:94:66:60:a2:55:
ff:16:c9:ef:b1:5b:31:8a:e7:ca:07:60:b0:ef:63:d6:e3:bb:
6f:2c:d8:7d:5b:58:6d:c2:98:f3:47:b8:5d:a8:09:91:74:0b:
43:63:06:76:f5:46:4a:3a:f9:da:2d:c9:0c:23:ac:a9:19:d9:
a2:23:03:e7:9a:a2:5f:5a:d1:0e:bd:06:37:3d:29:31:10:89:
c3:8d:92:16:97:8c:24:12:48:d3:f4:bf:d2:9b:e7:1f:ec:82:
63:3a:3a:51
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAab6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzI0MDcwMjA3WhcNMjYwNTAxMDcwMjA3WjAYMRYw
FAYDVQQDEw02OWMyMzZmNS0xNmNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtWQ1rHzmeoTs3WSNbkaPSwO4zzETYEL+K0rAxPpzi+UA4PcgDOzuVyco
YGjqY6SabZrBWgocYTrDixpJUXDOv9OOL7BQOAx0aRQGG7ninVJw2R99573z6d7h
qZUhltYOgBxN1vcvhPkqjormHa3kB6JDKZjQvdso9fh+lBeeADLzsQoJ4PZ41TA7
E8RssV9Whhw2BPVZyCThECtg0OWjhxZJIqfmS+MFvKjpHQdtxqkqVMuNHRC2nALX
jsUqsnChHUMh3p36nnHWSCWklDuAc6lhY0OFESdbJqHKJQXr93bdLwhtGMJBuPeX
Sf3DK4cJ18zWkO0ZxnDSMbaWR5UcbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBdq
f0HiXEMjyIc7SG//GRJ+kyKFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MjA4NzBERTI3NEYxMUYxQUVCODRBODREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOUbMA0GCSqGSIb3DQEBCwUA
A4IBAQCDwJi+QoxtaFq4mzW10MSUuesvq22ck581CYy7nLfFw/UNrVLJMzAD3Im2
8wqgSUfoIISX2vuP8npTkt3/NrmdEBytJ4lZwqAR8xz1KPiVqqCBC3gO9M66q3iY
WD7QCgnzKZnav9GKbds7dYqKyiDRo9lEM03Xk0FiSdAfPJ6AnypGkoplzjCodR5S
c0XhUUY1DacbD9lJ1euMLiO/lGZgolX/FsnvsVsxiufKB2Cw72PW47tvLNh9W1ht
wpjzR7hdqAmRdAtDYwZ29UZKOvnaLckMI6ypGdmiIwPnmqJfWtEOvQY3PSkxEInD
jZIWl4wkEkjT9L/Sm+cf7IJjOjpR
-----END CERTIFICATE-----
Generated at Tue Mar 24 18:53:55 2026 by rpki-client