Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F180BFC1D1311F1A4D56AD3DAE4EC9C.roa
File: 8F180BFC1D1311F1A4D56AD3DAE4EC9C.roa (raw, json)
Hash identifier: aANebUhvljLum6zW/ERhiyFd2hSRUD0HfvR0bK0OAXw=
Subject key identifier: 93:3E:6B:BA:1A:43:85:1A:61:14:76:52:86:53:17:BA:BB:89:83:8A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A3EC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F180BFC1D1311F1A4D56AD3DAE4EC9C.roa
Signing time: Wed 11 Mar 2026 06:28:47 +0000
ROA not before: Wed 11 Mar 2026 06:28:42 +0000
ROA not after: Wed 13 May 2026 06:28:42 +0000
asID: 139880
IP address blocks: 156.249.224.0/20 maxlen: 24
156.253.32.0/20 maxlen: 24
156.253.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 14 Mar 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107500 (0x1a3ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 11 06:28:42 2026 GMT
Not After : May 13 06:28:42 2026 GMT
Subject: CN=69b10b9f-9ba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:02:e2:a1:30:0e:0f:85:2b:82:2a:f1:84:0f:
7a:9d:cb:12:07:3e:39:fc:84:a8:79:74:6f:b4:53:
6b:e8:43:98:4d:af:ac:15:c0:84:f4:ea:79:1c:b3:
e9:b3:5c:95:ae:6f:c9:ea:05:4a:e5:0e:04:bf:de:
24:c3:62:5f:02:3b:48:76:9e:d0:1d:30:e5:ce:5c:
cd:71:26:7a:16:98:83:53:fb:ee:db:bc:73:9c:17:
29:61:fa:a2:7b:0f:f8:37:29:5a:65:ba:f1:6f:96:
e5:29:c8:6d:49:76:7a:47:fa:50:c1:d6:cb:8c:5a:
cc:41:00:be:2a:46:08:1c:9f:c6:e5:14:29:28:2a:
5b:bd:78:b2:89:48:15:19:50:1c:2c:e0:cb:8a:e7:
51:94:5b:0b:02:67:30:a7:69:7d:14:fa:ea:78:00:
d3:34:ea:33:70:22:dc:6b:af:db:74:4a:98:33:4b:
6f:f5:b2:7b:16:bd:23:c8:bf:b4:8c:55:71:bd:8e:
7c:f5:30:c3:9a:ec:bb:33:43:75:4c:fe:6d:f9:21:
0d:01:4b:63:66:55:1f:fd:fa:cd:31:c6:03:3f:1e:
f9:f1:b0:e5:9b:5e:c8:57:91:5d:95:1a:c8:2e:f5:
73:4d:2a:68:c8:b5:fa:87:a3:01:68:0b:ec:c7:86:
a3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:3E:6B:BA:1A:43:85:1A:61:14:76:52:86:53:17:BA:BB:89:83:8A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F180BFC1D1311F1A4D56AD3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.224.0/20
156.253.32.0/20
156.253.144.0/20
Signature Algorithm: sha256WithRSAEncryption
7d:b9:50:5b:7d:93:de:b3:fc:0a:60:b9:95:ca:40:55:e7:69:
4b:a3:a5:07:06:62:b7:7c:8c:eb:4d:4d:f4:a8:16:c7:93:67:
5e:e6:62:e2:25:4c:8c:2f:63:36:90:74:b3:eb:1f:08:02:fa:
c8:7a:b9:90:aa:1b:ba:2d:03:80:39:a0:a1:4f:79:0f:c0:80:
e5:a8:f4:a8:3c:28:d5:6f:74:79:62:ea:2f:fa:e8:4a:28:4c:
5f:cf:18:17:96:7c:f8:c5:ae:90:1a:2e:00:60:28:66:49:66:
01:19:cb:4c:6e:2e:45:60:27:7e:53:77:36:f0:42:aa:79:ce:
46:cd:48:76:84:5b:a2:16:67:c4:be:61:8b:33:c7:2d:85:46:
ab:b8:dd:78:47:35:b3:f4:ff:fc:cd:48:4c:6c:9e:11:93:1d:
4b:07:4f:8d:ad:cf:e3:ed:6f:f2:be:ef:e9:54:4b:bb:ba:dd:
e5:34:e1:3b:a4:ed:3f:7e:d1:a6:e5:52:35:3a:87:18:e3:49:
a9:ca:38:8b:28:6c:14:61:0b:42:15:38:c0:3e:66:c0:0c:37:
fb:2d:d0:47:ce:eb:b2:1a:01:0d:54:9b:e4:0f:5e:33:3c:8b:
28:f0:c2:fd:f2:75:c9:82:a5:b0:ec:2f:f7:86:57:83:4d:2b:
02:a0:63:f9
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAaPsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzExMDYyODQyWhcNMjYwNTEzMDYyODQyWjAYMRYw
FAYDVQQDEw02OWIxMGI5Zi05YmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqwLioTAOD4UrgirxhA96ncsSBz45/ISoeXRvtFNr6EOYTa+sFcCE9Op5
HLPps1yVrm/J6gVK5Q4Ev94kw2JfAjtIdp7QHTDlzlzNcSZ6FpiDU/vu27xznBcp
Yfqiew/4NylaZbrxb5blKchtSXZ6R/pQwdbLjFrMQQC+KkYIHJ/G5RQpKCpbvXiy
iUgVGVAcLODLiudRlFsLAmcwp2l9FPrqeADTNOozcCLca6/bdEqYM0tv9bJ7Fr0j
yL+0jFVxvY589TDDmuy7M0N1TP5t+SENAUtjZlUf/frNMcYDPx758bDlm17IV5Fd
lRrILvVzTSpoyLX6h6MBaAvsx4ajgQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFJM+
a7oaQ4UaYRR2UoZTF7q7iYOKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RjE4MEJGQzFEMTMxMUYxQTRENTZBRDNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEnPngAwQEnP0gAwQEnP2QMA0G
CSqGSIb3DQEBCwUAA4IBAQB9uVBbfZPes/wKYLmVykBV52lLo6UHBmK3fIzrTU30
qBbHk2de5mLiJUyML2M2kHSz6x8IAvrIermQqhu6LQOAOaChT3kPwIDlqPSoPCjV
b3R5Yuov+uhKKExfzxgXlnz4xa6QGi4AYChmSWYBGctMbi5FYCd+U3c28EKqec5G
zUh2hFuiFmfEvmGLM8cthUaruN14RzWz9P/8zUhMbJ4Rkx1LB0+Nrc/j7W/yvu/p
VEu7ut3lNOE7pO0/ftGm5VI1OocY40mpyjiLKGwUYQtCFTjAPmbADDf7LdBHzuuy
GgENVJvkD14zPIso8ML98nXJgqWw7C/3hleDTSsCoGP5
-----END CERTIFICATE-----
Generated at Fri Mar 13 01:26:31 2026 by rpki-client