Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EF417402ED611F19D08909ADAE4EC9C.roa
File: 8EF417402ED611F19D08909ADAE4EC9C.roa (raw, json)
Hash identifier: iqgvlAIwuF57WOHtTHjCEapjmn6wSpsfVLNKry1tWPY=
Subject key identifier: 11:40:6B:8B:47:C6:C4:5A:20:B0:24:C7:39:94:6E:93:E0:31:CF:17
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A97F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EF417402ED611F19D08909ADAE4EC9C.roa
Signing time: Thu 02 Apr 2026 20:57:28 +0000
ROA not before: Thu 02 Apr 2026 20:57:23 +0000
ROA not after: Thu 30 Apr 2026 20:57:23 +0000
asID: 17497
IP address blocks: 156.225.14.0/24 maxlen: 24
156.233.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108927 (0x1a97f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 2 20:57:23 2026 GMT
Not After : Apr 30 20:57:23 2026 GMT
Subject: CN=69ced838-b39d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:02:d2:00:64:df:c6:e4:45:73:15:6e:2a:74:
7d:80:45:b4:3d:e5:f7:77:3e:f5:aa:a7:39:e4:60:
ff:84:fd:91:3d:5e:10:57:b4:6c:84:ae:71:7c:cc:
d8:74:fc:57:d0:da:f7:80:6a:17:8b:97:06:a4:45:
f0:74:51:27:aa:a6:6c:40:11:ce:85:46:f8:61:fb:
07:51:82:34:c6:aa:cf:ef:ac:ee:d0:a6:76:c4:26:
45:9b:1b:30:1c:ac:46:4c:54:69:e4:56:a7:2e:6a:
e0:1c:f7:2f:e3:4a:7e:03:d1:1c:a7:64:37:65:30:
31:a0:92:15:ca:2a:dd:89:2c:59:15:79:83:5c:ac:
64:12:b6:77:8a:53:83:88:9c:f5:42:64:72:e5:21:
62:8c:ab:0f:67:dd:04:c3:d1:53:8c:0f:5b:7f:e0:
41:ac:e8:09:1c:59:29:33:9c:3d:16:ec:78:c0:3c:
c2:ae:98:fb:ca:fc:08:44:8d:22:f6:a7:62:4e:dc:
81:cb:77:bb:31:f8:3e:91:53:15:ca:64:97:73:d0:
a1:73:50:10:16:58:de:a7:db:51:9c:e8:19:7d:f5:
53:9d:a4:56:67:b1:00:43:ca:28:08:08:13:6c:76:
fe:11:5c:0d:ad:8b:65:b2:01:ae:f3:49:22:6c:26:
3f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:40:6B:8B:47:C6:C4:5A:20:B0:24:C7:39:94:6E:93:E0:31:CF:17
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EF417402ED611F19D08909ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.14.0/24
156.233.3.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:f2:04:e4:4a:2b:02:3d:2b:4e:4b:7c:e3:e1:1b:d0:09:3b:
b9:b1:e3:f9:d3:18:35:4d:25:54:20:4f:c2:4b:bf:10:66:22:
1e:10:ee:f1:d8:58:f5:e2:d6:7c:20:5e:ec:22:6d:12:7e:65:
b9:58:0f:90:8a:a8:56:4f:3f:5c:5f:5f:b7:f5:63:13:4b:a9:
9d:c6:ca:12:80:f3:48:8d:1a:49:ca:57:bc:38:94:f5:6c:6b:
9f:fb:4f:0a:0d:65:73:15:2e:41:b7:71:c5:a2:0e:3a:42:82:
7a:89:03:22:81:8d:cd:7d:57:b1:c3:41:8b:46:98:1b:ad:86:
16:c6:21:e5:83:b1:a0:2f:6a:75:a0:fa:83:63:50:67:44:76:
f4:db:0c:8b:6d:55:1a:31:fb:c8:84:0b:41:7a:09:9b:7e:87:
3e:d7:b1:cf:1c:98:0a:db:8b:47:6c:0a:eb:58:ce:d4:14:d9:
e2:b9:ac:87:1c:2d:e6:dd:59:62:c4:a7:90:ca:36:5a:40:e3:
bb:c8:37:a8:57:ea:19:05:d0:13:51:1e:d7:fe:2d:08:3b:32:
55:a0:4c:bf:eb:32:d5:03:e1:22:3a:2f:ca:24:95:f1:a8:97:
ea:22:52:02:01:4b:5d:f7:3d:d6:ab:f0:bf:4a:6a:b8:e8:a2:
31:67:aa:4c
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAal/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDAyMjA1NzIzWhcNMjYwNDMwMjA1NzIzWjAYMRYw
FAYDVQQDEw02OWNlZDgzOC1iMzlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwALSAGTfxuRFcxVuKnR9gEW0PeX3dz71qqc55GD/hP2RPV4QV7RshK5x
fMzYdPxX0Nr3gGoXi5cGpEXwdFEnqqZsQBHOhUb4YfsHUYI0xqrP76zu0KZ2xCZF
mxswHKxGTFRp5FanLmrgHPcv40p+A9Ecp2Q3ZTAxoJIVyirdiSxZFXmDXKxkErZ3
ilODiJz1QmRy5SFijKsPZ90Ew9FTjA9bf+BBrOgJHFkpM5w9Fux4wDzCrpj7yvwI
RI0i9qdiTtyBy3e7Mfg+kVMVymSXc9Chc1AQFljep9tRnOgZffVTnaRWZ7EAQ8oo
CAgTbHb+EVwNrYtlsgGu80kibCY/wwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBFA
a4tHxsRaILAkxzmUbpPgMc8XMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RUY0MTc0MDJFRDYxMUYxOUQwODkwOUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOEOAwQAnOkDMA0GCSqGSIb3
DQEBCwUAA4IBAQCm8gTkSisCPStOS3zj4RvQCTu5seP50xg1TSVUIE/CS78QZiIe
EO7x2Fj14tZ8IF7sIm0SfmW5WA+QiqhWTz9cX1+39WMTS6mdxsoSgPNIjRpJyle8
OJT1bGuf+08KDWVzFS5Bt3HFog46QoJ6iQMigY3NfVexw0GLRpgbrYYWxiHlg7Gg
L2p1oPqDY1BnRHb02wyLbVUaMfvIhAtBegmbfoc+17HPHJgK24tHbArrWM7UFNni
uayHHC3m3VlixKeQyjZaQOO7yDeoV+oZBdATUR7X/i0IOzJVoEy/6zLVA+EiOi/K
JJXxqJfqIlICAUtd9z3Wq/C/Smq46KIxZ6pM
-----END CERTIFICATE-----
Generated at Sat Apr 18 14:29:54 2026 by rpki-client