Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E84059C20CAC11F19C0CCF79DAE4EC9C.roa
File: E84059C20CAC11F19C0CCF79DAE4EC9C.roa (raw, json)
Hash identifier: 0nw6VbYykPD6dDU2OaymvB7OC0PpJxU8piQIyOJAq3w=
Subject key identifier: B9:33:76:54:0B:E3:A2:C5:68:6D:7F:DD:43:63:8D:DA:57:B8:B0:3C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 019EA1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E84059C20CAC11F19C0CCF79DAE4EC9C.roa
Signing time: Wed 18 Feb 2026 09:33:40 +0000
ROA not before: Wed 18 Feb 2026 09:33:35 +0000
ROA not after: Sat 05 Sep 2026 09:33:35 +0000
asID: 21859
IP address blocks: 156.229.120.0/24 maxlen: 24
156.229.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 24 Feb 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106145 (0x19ea1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 18 09:33:35 2026 GMT
Not After : Sep 5 09:33:35 2026 GMT
Subject: CN=69958774-65c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0c:3b:92:2c:3d:77:31:14:f9:df:b2:28:54:
b2:5d:cb:6a:a8:a6:66:c2:21:ff:2a:ce:e7:20:91:
49:a4:93:19:3e:e0:7f:0c:4b:81:37:95:27:d1:32:
f3:08:b9:df:b9:60:17:3a:b8:9c:b6:01:bb:de:cb:
9a:c8:ab:23:35:af:58:2b:45:53:92:33:29:20:a1:
71:7a:8f:88:93:3a:fe:53:26:18:af:f6:31:df:77:
df:a2:4e:bb:87:43:cf:2a:25:38:b4:98:42:93:e0:
2f:4c:b8:3f:59:13:1d:41:53:d8:db:f5:d4:c0:8e:
c5:b4:9a:58:17:96:ba:fe:4a:d3:d5:88:f8:25:95:
7f:bd:fd:92:bd:64:78:dd:2a:00:60:bc:3f:eb:85:
08:98:3b:ca:e2:ef:37:f3:19:35:9c:3d:5b:ae:fc:
78:e5:98:47:da:53:d3:cf:73:85:79:de:7a:28:9d:
d3:c4:f9:d8:67:d6:6e:39:bf:17:4a:06:1d:d4:7b:
76:ac:2d:1b:ae:f3:75:58:44:5c:c5:10:15:32:5b:
98:81:3b:28:cc:ca:38:6f:6f:91:95:82:f3:c8:c9:
d1:2d:57:f7:37:f0:b1:af:42:c6:d7:16:3a:25:b3:
fd:3f:62:6a:f6:ee:64:83:86:c5:72:cb:37:5f:67:
bf:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:33:76:54:0B:E3:A2:C5:68:6D:7F:DD:43:63:8D:DA:57:B8:B0:3C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E84059C20CAC11F19C0CCF79DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.120.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:88:95:2e:af:d7:a1:93:f5:3f:8d:31:df:d7:80:ce:5f:ea:
7a:33:4d:17:64:4f:1b:df:04:39:97:fd:97:46:8d:24:c6:a0:
06:6d:37:55:4b:38:1d:29:e1:82:13:f9:95:f1:86:c7:e5:6b:
c3:d0:a3:29:e6:8e:32:98:e8:08:f0:54:01:a1:99:68:94:da:
58:27:81:37:16:cd:00:fb:1c:9c:bf:5b:92:e6:4f:94:ba:39:
8b:07:40:9c:a6:4b:ce:cf:41:be:10:05:da:bc:f8:da:7f:69:
9a:0a:f6:1c:ce:95:fe:37:c8:fc:25:34:64:41:29:12:db:88:
26:38:2d:59:2d:a4:ed:d8:a9:da:3c:de:c5:a6:bf:e3:2e:55:
d6:a5:86:f8:32:86:ab:2c:e9:6c:9f:d3:77:66:27:19:eb:56:
d0:b5:2d:e5:c1:73:91:94:74:19:97:f8:3a:7c:55:8e:2f:be:
50:50:3a:37:70:39:79:74:78:90:11:aa:56:c7:96:64:0f:2c:
20:4d:4f:eb:5c:2b:d1:db:82:27:9c:9b:41:a3:73:1c:51:0d:
49:c4:60:fb:75:ca:e7:52:2b:a4:56:46:03:ce:32:82:be:ba:
7b:6c:13:70:b5:9c:3f:83:67:f9:2c:0f:13:41:15:58:37:a5:
15:85:fd:e8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAZ6hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjE4MDkzMzM1WhcNMjYwOTA1MDkzMzM1WjAYMRYw
FAYDVQQDEw02OTk1ODc3NC02NWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvAw7kiw9dzEU+d+yKFSyXctqqKZmwiH/Ks7nIJFJpJMZPuB/DEuBN5Un
0TLzCLnfuWAXOrictgG73suayKsjNa9YK0VTkjMpIKFxeo+Ikzr+UyYYr/Yx33ff
ok67h0PPKiU4tJhCk+AvTLg/WRMdQVPY2/XUwI7FtJpYF5a6/krT1Yj4JZV/vf2S
vWR43SoAYLw/64UImDvK4u838xk1nD1brvx45ZhH2lPTz3OFed56KJ3TxPnYZ9Zu
Ob8XSgYd1Ht2rC0brvN1WERcxRAVMluYgTsozMo4b2+RlYLzyMnRLVf3N/Cxr0LG
1xY6JbP9P2Jq9u5kg4bFcss3X2e/JwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLkz
dlQL46LFaG1/3UNjjdpXuLA8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FODQwNTlDMjBDQUMxMUYxOUMwQ0NGNzlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOV4MA0GCSqGSIb3DQEBCwUA
A4IBAQALiJUur9ehk/U/jTHf14DOX+p6M00XZE8b3wQ5l/2XRo0kxqAGbTdVSzgd
KeGCE/mV8YbH5WvD0KMp5o4ymOgI8FQBoZlolNpYJ4E3Fs0A+xycv1uS5k+UujmL
B0CcpkvOz0G+EAXavPjaf2maCvYczpX+N8j8JTRkQSkS24gmOC1ZLaTt2KnaPN7F
pr/jLlXWpYb4MoarLOlsn9N3ZicZ61bQtS3lwXORlHQZl/g6fFWOL75QUDo3cDl5
dHiQEapWx5ZkDywgTU/rXCvR24InnJtBo3McUQ1JxGD7dcrnUiukVkYDzjKCvrp7
bBNwtZw/g2f5LA8TQRVYN6UVhf3o
-----END CERTIFICATE-----
Generated at Sun Feb 22 22:01:00 2026 by rpki-client