Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAFA54D430E011F1912FB07EDAE4EC9C.roa
File: AAFA54D430E011F1912FB07EDAE4EC9C.roa (raw, json)
Hash identifier: w5iCzVCfqXidjEavIvOl9/c8w/KGAwRk9T+mBNGtc0Y=
Subject key identifier: A1:6C:42:87:E4:AF:9D:72:80:46:24:3D:24:E6:B3:B1:47:EA:47:75
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AA2C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAFA54D430E011F1912FB07EDAE4EC9C.roa
Signing time: Sun 05 Apr 2026 11:14:53 +0000
ROA not before: Sun 05 Apr 2026 11:14:47 +0000
ROA not after: Sun 17 May 2026 11:14:47 +0000
asID: 204160
IP address blocks: 156.229.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109100 (0x1aa2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 5 11:14:47 2026 GMT
Not After : May 17 11:14:47 2026 GMT
Subject: CN=69d2442d-5bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:06:79:ff:f7:0f:a0:d5:67:84:7a:b7:9a:dd:
2b:80:27:f3:53:3f:68:90:c6:07:b1:aa:26:00:37:
8b:45:22:34:c5:be:46:f8:ee:10:de:60:8a:95:ff:
f8:e1:74:19:9f:2b:5a:c3:c1:4a:a1:4f:80:33:16:
29:63:19:b5:a5:ee:d5:10:f1:09:79:f8:01:4f:b9:
23:91:54:9a:de:52:8a:c4:2f:8f:71:6f:d7:2f:8d:
38:bf:dc:d2:5e:44:c0:c0:f8:00:c2:54:1a:23:e9:
a5:fe:ce:6a:32:50:43:68:2a:0e:b2:8f:94:6c:ee:
23:25:68:50:44:ae:74:10:e5:db:41:3f:7f:b8:e5:
f1:88:bc:f8:de:72:aa:e6:87:6a:99:d8:07:13:b3:
c1:19:da:78:9a:36:20:99:01:da:ff:40:d2:b0:31:
ce:85:a9:9d:28:6f:be:ae:b4:b4:25:91:e9:4f:ef:
13:f9:7b:93:30:f6:18:85:2c:91:be:2e:43:6d:59:
9e:a9:55:0b:4c:98:44:f4:be:61:fd:5d:2d:02:97:
7d:25:89:db:38:c2:3d:3f:66:bf:5a:d7:2c:28:a3:
62:48:4b:2b:ac:9d:7c:33:c9:b0:66:02:51:cc:43:
07:8a:7e:0b:cf:7f:8e:d0:4c:40:28:70:c0:b6:7c:
de:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6C:42:87:E4:AF:9D:72:80:46:24:3D:24:E6:B3:B1:47:EA:47:75
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAFA54D430E011F1912FB07EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.118.0/24
Signature Algorithm: sha256WithRSAEncryption
09:6f:cb:68:da:ab:b8:b5:29:0c:8f:cf:7c:2e:99:62:62:05:
a4:5a:95:fa:ac:9f:34:ea:a1:b9:91:f6:3b:a4:bb:94:d5:a9:
db:6e:00:b6:27:93:d0:58:52:f2:e4:ce:14:c6:1a:80:0b:6f:
a8:55:6c:2d:62:44:a6:63:fd:87:0d:6f:ae:ed:31:8c:e4:c1:
34:84:7b:af:5b:f9:16:52:3c:aa:8f:fe:90:e0:22:db:49:f6:
ab:d3:05:f8:4f:15:73:6a:07:15:75:f9:b8:2c:42:d3:dd:40:
97:06:a5:d9:e8:79:64:b2:ca:a4:4b:05:e9:5e:61:e9:d6:1d:
5d:4b:74:e6:58:be:87:ee:66:f0:65:e7:e1:c5:bf:59:a8:97:
0e:b5:4a:8d:cd:dc:3c:6a:62:84:93:ec:c6:0c:fe:98:51:3a:
0f:9e:2d:08:50:fe:00:2e:64:e1:0b:ff:af:ae:94:aa:7e:b0:
3d:17:3c:f5:b2:19:8d:d6:7d:1b:13:1e:61:3d:6d:c9:79:66:
a3:08:27:3d:10:ea:de:e5:d6:b6:71:25:b0:99:14:26:5b:b9:
4c:5a:ee:f6:c9:5f:43:2e:c0:00:b9:04:ee:71:78:a9:ce:81:
e5:da:56:79:17:3e:ec:41:42:8e:64:1f:f3:00:2c:6d:db:9d:
d3:ad:d0:f4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaosMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDA1MTExNDQ3WhcNMjYwNTE3MTExNDQ3WjAYMRYw
FAYDVQQDEw02OWQyNDQyZC01YmIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuwZ5//cPoNVnhHq3mt0rgCfzUz9okMYHsaomADeLRSI0xb5G+O4Q3mCK
lf/44XQZnytaw8FKoU+AMxYpYxm1pe7VEPEJefgBT7kjkVSa3lKKxC+PcW/XL404
v9zSXkTAwPgAwlQaI+ml/s5qMlBDaCoOso+UbO4jJWhQRK50EOXbQT9/uOXxiLz4
3nKq5odqmdgHE7PBGdp4mjYgmQHa/0DSsDHOhamdKG++rrS0JZHpT+8T+XuTMPYY
hSyRvi5DbVmeqVULTJhE9L5h/V0tApd9JYnbOMI9P2a/WtcsKKNiSEsrrJ18M8mw
ZgJRzEMHin4Lz3+O0ExAKHDAtnze5wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKFs
Qofkr51ygEYkPSTms7FH6kd1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQUZBNTRENDMwRTAxMUYxOTEyRkIwN0VEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOV2MA0GCSqGSIb3DQEBCwUA
A4IBAQAJb8to2qu4tSkMj898LpliYgWkWpX6rJ806qG5kfY7pLuU1anbbgC2J5PQ
WFLy5M4UxhqAC2+oVWwtYkSmY/2HDW+u7TGM5ME0hHuvW/kWUjyqj/6Q4CLbSfar
0wX4TxVzagcVdfm4LELT3UCXBqXZ6HlkssqkSwXpXmHp1h1dS3TmWL6H7mbwZefh
xb9ZqJcOtUqNzdw8amKEk+zGDP6YUToPni0IUP4ALmThC/+vrpSqfrA9Fzz1shmN
1n0bEx5hPW3JeWajCCc9EOre5da2cSWwmRQmW7lMWu72yV9DLsAAuQTucXipzoHl
2lZ5Fz7sQUKOZB/zACxt253TrdD0
-----END CERTIFICATE-----
Generated at Sat Apr 18 14:30:40 2026 by rpki-client