Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EF097CAE161E11F194DC137EDAE4EC9C.roa
File: EF097CAE161E11F194DC137EDAE4EC9C.roa (raw, json)
Hash identifier: FVbGSBYCM+SgHqCEf795ryEMRnBvnJpk59qZ+mbEdmg=
Subject key identifier: 4D:33:D2:33:6E:8E:5F:17:56:B8:25:8D:FC:14:34:B6:9B:5F:53:3F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A1C4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EF097CAE161E11F194DC137EDAE4EC9C.roa
Signing time: Mon 02 Mar 2026 10:02:34 +0000
ROA not before: Mon 02 Mar 2026 10:02:30 +0000
ROA not after: Sat 04 Apr 2026 10:02:30 +0000
asID: 18013
IP address blocks: 156.234.0.0/24 maxlen: 32
156.234.7.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Mar 2026 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106948 (0x1a1c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 2 10:02:30 2026 GMT
Not After : Apr 4 10:02:30 2026 GMT
Subject: CN=69a5603a-0cee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e6:93:c8:1e:bc:2a:d7:fa:b2:a7:d1:75:b0:
da:cd:4e:40:37:79:55:91:ca:f4:5c:3a:19:c1:14:
6c:ea:9a:8d:39:22:2a:ba:2e:2f:a2:48:78:58:de:
3b:3e:ba:f7:2f:79:5f:61:2a:26:a2:1a:af:10:62:
6c:1d:c6:1f:fc:f6:5e:8f:f1:3f:54:fc:74:49:35:
e7:a3:96:c8:bc:1a:ba:df:33:ff:18:85:94:cd:50:
53:ce:63:c2:24:b1:f2:75:c2:be:b6:49:33:a0:4e:
e5:fe:88:36:37:50:ae:a9:25:05:9b:77:8d:73:86:
99:a4:8a:8e:b1:1e:5e:2d:17:4c:33:4e:a3:d2:48:
19:a9:e6:d3:fd:93:ff:b1:51:6e:ad:a4:04:8e:c1:
4d:6d:27:12:b1:ac:f7:54:89:a1:2d:76:fb:d0:55:
1f:49:63:50:ba:5f:93:5e:5c:99:52:ad:b6:45:a6:
f2:a8:d9:b6:ae:53:a6:af:47:b0:9e:43:fc:44:c4:
da:c4:82:ba:8c:cb:67:3a:19:f7:6e:60:38:77:cb:
be:b9:29:3b:71:f1:ae:01:02:c3:37:1e:31:9b:d0:
75:12:02:ed:e0:70:ce:47:49:c0:d1:1b:0c:85:69:
3b:70:d8:63:11:07:78:68:fb:45:d6:2d:22:7b:89:
30:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:33:D2:33:6E:8E:5F:17:56:B8:25:8D:FC:14:34:B6:9B:5F:53:3F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EF097CAE161E11F194DC137EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.0.0/24
156.234.7.0/24
Signature Algorithm: sha256WithRSAEncryption
54:68:71:1d:ef:43:9c:86:88:95:e9:cf:e4:56:03:b2:de:0a:
de:18:89:67:4c:5a:70:e8:37:e1:a0:f0:9f:5f:7d:b4:dc:e7:
46:5f:46:34:8d:35:88:19:02:70:c7:b5:87:55:78:a2:09:dc:
ba:e1:a1:ba:e1:96:8c:b0:b0:52:47:14:d6:c2:15:d6:91:0d:
87:46:99:21:17:65:4c:1d:bf:46:8b:31:a2:25:f8:e4:37:7e:
35:a9:89:77:72:f0:0a:30:51:a3:df:44:a9:12:17:92:7b:89:
ee:d0:a1:7e:e2:e8:76:05:18:ba:6c:d6:0a:86:0e:61:4a:ce:
62:7b:6c:76:ce:65:98:e5:45:be:03:f7:b5:f6:c5:51:be:3b:
df:5d:4f:7d:5f:0b:f3:41:56:1f:6c:c0:1e:28:76:28:1c:d0:
ea:3a:26:e6:9e:2d:6d:9a:7a:1f:1d:31:4f:f1:da:2c:18:2d:
55:17:56:aa:f4:00:49:5c:c2:79:5b:5c:66:db:81:ab:a2:d5:
19:ff:e1:96:44:6a:90:4b:32:7c:29:66:f7:5d:e7:9d:ec:09:
a1:1b:f5:2b:f8:9d:74:5b:52:06:f4:6e:f1:c0:46:f2:13:13:
70:89:1d:16:c2:d5:6b:5f:38:6a:99:f1:08:7d:5f:52:0f:65:
da:7e:0e:96
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAaHEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzAyMTAwMjMwWhcNMjYwNDA0MTAwMjMwWjAYMRYw
FAYDVQQDEw02OWE1NjAzYS0wY2VlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx+aTyB68Ktf6sqfRdbDazU5AN3lVkcr0XDoZwRRs6pqNOSIqui4vokh4
WN47Prr3L3lfYSomohqvEGJsHcYf/PZej/E/VPx0STXno5bIvBq63zP/GIWUzVBT
zmPCJLHydcK+tkkzoE7l/og2N1CuqSUFm3eNc4aZpIqOsR5eLRdMM06j0kgZqebT
/ZP/sVFuraQEjsFNbScSsaz3VImhLXb70FUfSWNQul+TXlyZUq22RabyqNm2rlOm
r0ewnkP8RMTaxIK6jMtnOhn3bmA4d8u+uSk7cfGuAQLDNx4xm9B1EgLt4HDOR0nA
0RsMhWk7cNhjEQd4aPtF1i0ie4kwCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE0z
0jNujl8XVrgljfwUNLabX1M/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRjA5N0NBRTE2MUUxMUYxOTREQzEzN0VEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOoAAwQAnOoHMA0GCSqGSIb3
DQEBCwUAA4IBAQBUaHEd70OchoiV6c/kVgOy3greGIlnTFpw6DfhoPCfX3203OdG
X0Y0jTWIGQJwx7WHVXiiCdy64aG64ZaMsLBSRxTWwhXWkQ2HRpkhF2VMHb9GizGi
JfjkN341qYl3cvAKMFGj30SpEheSe4nu0KF+4uh2BRi6bNYKhg5hSs5ie2x2zmWY
5UW+A/e19sVRvjvfXU99XwvzQVYfbMAeKHYoHNDqOibmni1tmnofHTFP8dosGC1V
F1aq9ABJXMJ5W1xm24GrotUZ/+GWRGqQSzJ8KWb3Xeed7AmhG/Ur+J10W1IG9G7x
wEbyExNwiR0WwtVrXzhqmfEIfV9SD2Xafg6W
-----END CERTIFICATE-----
Generated at Wed Mar 4 11:16:34 2026 by rpki-client