Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6CF84DC3FB111F198C0681DCF1D38B0.roa
File: D6CF84DC3FB111F198C0681DCF1D38B0.roa (raw, json)
Hash identifier: i8lv/zZOwNUB01Eh/LLx+Y6fGpctx3h+rAnpFomOFgk=
Subject key identifier: 47:AE:D4:2A:53:AD:DD:91:CF:E7:42:58:C0:EA:AC:FF:27:15:77:DE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AED0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6CF84DC3FB111F198C0681DCF1D38B0.roa
Signing time: Fri 24 Apr 2026 07:47:27 +0000
ROA not before: Fri 24 Apr 2026 07:47:23 +0000
ROA not after: Mon 04 May 2026 07:47:23 +0000
asID: 139880
IP address blocks: 156.254.32.0/19 maxlen: 24
156.254.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 29 Apr 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110288 (0x1aed0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 24 07:47:23 2026 GMT
Not After : May 4 07:47:23 2026 GMT
Subject: CN=69eb200f-1c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:57:40:5c:ee:1d:bf:56:70:4a:bc:56:5b:32:
08:03:d0:57:7e:f2:ac:bb:67:b6:0f:bf:1e:e4:98:
18:49:45:6d:9a:57:e5:38:63:ae:d0:93:c5:f4:59:
0b:48:25:31:0d:eb:2c:84:e6:ce:94:d3:53:1d:cf:
60:56:e2:38:aa:d0:46:b8:2e:22:e3:df:3c:03:99:
fe:28:89:b7:6c:33:0f:0a:c2:5a:c0:9a:d4:4b:bd:
72:74:74:96:2c:5d:82:4b:84:71:55:3a:2c:3b:86:
e9:d6:d4:cb:2c:fd:e0:8e:3d:30:2a:8f:bf:c7:c3:
11:34:8b:5f:ac:59:29:0b:63:5c:d2:00:15:91:2d:
4d:a5:9f:31:97:9a:f9:df:c6:70:b6:a6:a6:5c:bb:
9f:6f:6e:a0:22:82:27:d1:cd:93:8e:70:3b:17:6f:
75:72:49:3b:27:b6:4d:5d:06:9f:8c:bb:50:40:06:
30:3c:79:97:0f:8f:f3:8a:a6:ce:41:8f:37:1c:b7:
55:11:63:be:65:15:15:c8:a9:ec:2a:5f:58:c8:03:
a2:f5:e8:92:1b:eb:b1:ec:60:f6:21:f9:19:8c:f8:
18:90:55:cd:80:ac:43:01:02:79:98:d5:e2:74:f8:
0b:77:7c:97:a8:18:ea:d5:30:60:03:b2:97:87:d7:
98:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AE:D4:2A:53:AD:DD:91:CF:E7:42:58:C0:EA:AC:FF:27:15:77:DE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6CF84DC3FB111F198C0681DCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.32.0-156.254.95.255
Signature Algorithm: sha256WithRSAEncryption
a6:a1:b8:0e:d6:74:8a:f1:2d:5a:c8:af:df:28:0e:96:da:76:
e9:04:41:d1:d6:ef:0b:c4:00:4d:6a:6e:5e:e0:e5:28:d7:d3:
54:36:97:d6:a1:49:d9:e3:5b:41:3e:23:a4:82:94:17:51:2b:
ca:30:23:a3:fd:c2:ca:d5:c5:56:22:11:52:69:1c:74:67:7e:
0d:92:ef:69:d7:d1:60:b1:46:dc:9b:eb:17:2f:fe:26:0c:0d:
0d:de:64:4a:3e:ce:88:11:07:65:b2:c3:be:6d:58:f7:67:d4:
a5:50:6d:ec:ce:3e:61:fe:03:01:25:22:aa:11:6c:6d:24:96:
41:67:3d:c7:e3:6e:50:3e:e8:cd:15:1e:fa:d8:fd:ed:7d:83:
0a:65:7d:86:31:0b:3d:83:4b:a1:8c:3b:81:96:17:ec:0a:74:
c7:56:46:d7:78:98:f9:ea:e6:a2:2d:d7:7e:40:78:c8:7d:f2:
5b:5e:51:8b:43:5f:af:65:61:aa:0c:3a:e1:7d:1f:df:e9:84:
8d:8c:80:36:a4:ab:d7:50:6c:13:8e:bb:23:86:59:bf:e8:17:
3a:9a:01:63:7c:5e:fd:9d:39:91:51:f1:4d:48:c5:bb:96:62:
1e:44:1f:55:d2:c3:9e:11:c2:66:c7:4e:0a:ec:f9:55:3f:fa:
07:a2:a3:fd
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAa7QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDI0MDc0NzIzWhcNMjYwNTA0MDc0NzIzWjAYMRYw
FAYDVQQDEw02OWViMjAwZi0xYzhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy1dAXO4dv1ZwSrxWWzIIA9BXfvKsu2e2D78e5JgYSUVtmlflOGOu0JPF
9FkLSCUxDesshObOlNNTHc9gVuI4qtBGuC4i4988A5n+KIm3bDMPCsJawJrUS71y
dHSWLF2CS4RxVTosO4bp1tTLLP3gjj0wKo+/x8MRNItfrFkpC2Nc0gAVkS1NpZ8x
l5r538ZwtqamXLufb26gIoIn0c2TjnA7F291ckk7J7ZNXQafjLtQQAYwPHmXD4/z
iqbOQY83HLdVEWO+ZRUVyKnsKl9YyAOi9eiSG+ux7GD2IfkZjPgYkFXNgKxDAQJ5
mNXidPgLd3yXqBjq1TBgA7KXh9eYgQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEeu
1CpTrd2Rz+dCWMDqrP8nFXfeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENkNGODREQzNGQjExMUYxOThDMDY4MURDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWc/iADBAWc/kAwDQYJKoZI
hvcNAQELBQADggEBAKahuA7WdIrxLVrIr98oDpbadukEQdHW7wvEAE1qbl7g5SjX
01Q2l9ahSdnjW0E+I6SClBdRK8owI6P9wsrVxVYiEVJpHHRnfg2S72nX0WCxRtyb
6xcv/iYMDQ3eZEo+zogRB2Wyw75tWPdn1KVQbezOPmH+AwElIqoRbG0klkFnPcfj
blA+6M0VHvrY/e19gwplfYYxCz2DS6GMO4GWF+wKdMdWRtd4mPnq5qIt135AeMh9
8lteUYtDX69lYaoMOuF9H9/phI2MgDakq9dQbBOOuyOGWb/oFzqaAWN8Xv2dOZFR
8U1IxbuWYh5EH1XSw54RwmbHTgrs+VU/+geio/0=
-----END CERTIFICATE-----
Generated at Mon Apr 27 13:33:44 2026 by rpki-client