Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE80DBB8193A11F1AF5F289DDAE4EC9C.roa
File: AE80DBB8193A11F1AF5F289DDAE4EC9C.roa (raw, json)
Hash identifier: lF/3e7pFkNOOJeLdmMn+LYTPhjAGK7iz+enu7zggnho=
Subject key identifier: AD:68:E6:E1:86:5F:B2:13:F2:E2:72:F6:59:20:CD:C8:2A:12:BC:A4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A2E6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE80DBB8193A11F1AF5F289DDAE4EC9C.roa
Signing time: Fri 06 Mar 2026 08:58:46 +0000
ROA not before: Fri 06 Mar 2026 08:58:40 +0000
ROA not after: Tue 31 Mar 2026 08:58:40 +0000
asID: 141167
IP address blocks: 156.225.0.0/23 maxlen: 24
156.225.12.0/23 maxlen: 24
156.228.3.0/24 maxlen: 24
156.238.2.0/23 maxlen: 24
156.254.120.0/22 maxlen: 24
156.254.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107238 (0x1a2e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 6 08:58:40 2026 GMT
Not After : Mar 31 08:58:40 2026 GMT
Subject: CN=69aa9745-c24f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:19:70:64:3b:02:87:40:96:09:55:8c:fe:6c:
01:80:33:41:bd:2a:be:c7:b7:36:71:9f:4b:70:9a:
a2:d8:3b:90:a4:0a:d9:55:e7:c3:f7:71:17:54:73:
b1:ec:0f:b8:15:ea:9e:e0:10:ff:c6:1c:78:43:80:
84:60:07:ad:be:f8:74:dc:59:66:f1:0a:0f:6d:d4:
0a:62:20:d7:da:b1:18:22:70:54:21:ef:90:c0:54:
fc:cb:1c:12:87:1d:ec:25:5e:c7:90:0b:79:88:d8:
be:2a:66:0f:66:bb:60:18:9f:36:4d:4e:0a:8f:e6:
34:1e:a7:49:fc:c1:b0:08:69:cb:d6:05:29:7a:1d:
4f:fe:0d:21:c6:c0:27:fe:3c:66:d0:e8:ae:5f:a3:
57:47:e1:0a:74:a9:6b:2e:b8:8d:4f:5c:dc:13:29:
a3:4e:3e:27:5b:b2:b1:c6:dd:d7:1e:0a:cc:55:bc:
c2:b4:4b:2f:d1:93:c3:2a:40:08:23:e4:6d:4c:f5:
a0:f3:0f:4f:0f:55:b2:f0:b4:7d:46:72:a1:a4:15:
e7:f6:27:4a:36:e9:25:28:98:16:6a:e9:d9:9d:ba:
66:a3:8e:4d:fc:5e:2d:3d:5d:cf:b3:1f:2f:f3:fe:
a9:8a:78:e9:e1:b9:39:b1:bd:ef:47:85:0f:01:88:
e3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:68:E6:E1:86:5F:B2:13:F2:E2:72:F6:59:20:CD:C8:2A:12:BC:A4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE80DBB8193A11F1AF5F289DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.0.0/23
156.225.12.0/23
156.228.3.0/24
156.238.2.0/23
156.254.120.0-156.254.125.255
Signature Algorithm: sha256WithRSAEncryption
01:ca:f8:94:4d:87:00:f1:01:e0:53:11:d7:7a:7d:0e:79:41:
dc:d9:1f:91:50:f7:5f:d5:b6:d5:a0:66:79:97:cd:55:02:27:
40:c0:7e:98:1c:de:ae:40:c8:be:bd:3c:25:90:77:e1:a8:b1:
73:71:28:98:ee:10:aa:92:12:b8:1e:3b:ba:26:55:a3:47:a1:
3e:a7:b8:8c:6a:89:b2:68:64:8b:1a:2b:f0:e7:c7:d5:5c:3c:
41:e0:c1:c8:15:88:93:49:df:0f:bd:00:32:21:0d:7d:4e:11:
7f:b0:ac:d6:23:67:31:a8:66:5a:b4:b2:94:b8:d9:6e:7c:08:
9b:f8:c7:65:ac:28:3f:fe:e2:fa:e6:f4:5d:31:1a:11:18:13:
d5:87:03:b2:d3:57:70:51:09:85:85:13:13:7d:16:79:0a:30:
b5:d9:f4:07:24:47:35:a8:70:40:54:17:7f:0c:57:95:90:49:
db:59:40:7f:87:73:e1:48:d0:92:80:29:40:58:eb:13:da:f5:
c8:f7:01:d6:12:d5:c3:40:53:f7:cd:58:7b:54:1a:09:64:b6:
f3:6b:7c:9a:59:84:09:5c:67:5c:dc:45:8c:8f:b9:fd:dd:10:
3e:9b:2e:5b:ce:50:c9:c3:3e:39:ec:52:6f:4b:2d:19:d0:67:
41:dd:03:a8
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIDAaLmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzA2MDg1ODQwWhcNMjYwMzMxMDg1ODQwWjAYMRYw
FAYDVQQDEw02OWFhOTc0NS1jMjRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyhlwZDsCh0CWCVWM/mwBgDNBvSq+x7c2cZ9LcJqi2DuQpArZVefD93EX
VHOx7A+4Feqe4BD/xhx4Q4CEYAetvvh03Flm8QoPbdQKYiDX2rEYInBUIe+QwFT8
yxwShx3sJV7HkAt5iNi+KmYPZrtgGJ82TU4Kj+Y0HqdJ/MGwCGnL1gUpeh1P/g0h
xsAn/jxm0OiuX6NXR+EKdKlrLriNT1zcEymjTj4nW7Kxxt3XHgrMVbzCtEsv0ZPD
KkAII+RtTPWg8w9PD1Wy8LR9RnKhpBXn9idKNuklKJgWaunZnbpmo45N/F4tPV3P
sx8v8/6pinjp4bk5sb3vR4UPAYjjmwIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFK1o
5uGGX7IT8uJy9lkgzcgqErykMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRTgwREJCODE5M0ExMUYxQUY1RjI4OUREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBnOEAAwQBnOEMAwQAnOQDAwQB
nO4CMAwDBAOc/ngDBAGc/nwwDQYJKoZIhvcNAQELBQADggEBAAHK+JRNhwDxAeBT
Edd6fQ55QdzZH5FQ91/VttWgZnmXzVUCJ0DAfpgc3q5AyL69PCWQd+GosXNxKJju
EKqSErgeO7omVaNHoT6nuIxqibJoZIsaK/Dnx9VcPEHgwcgViJNJ3w+9ADIhDX1O
EX+wrNYjZzGoZlq0spS42W58CJv4x2WsKD/+4vrm9F0xGhEYE9WHA7LTV3BRCYWF
ExN9FnkKMLXZ9AckRzWocEBUF38MV5WQSdtZQH+Hc+FI0JKAKUBY6xPa9cj3AdYS
1cNAU/fNWHtUGglktvNrfJpZhAlcZ1zcRYyPuf3dED6bLlvOUMnDPjnsUm9LLRnQ
Z0HdA6g=
-----END CERTIFICATE-----
Generated at Wed Mar 25 05:33:41 2026 by rpki-client