Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1214FD0033FB11F18E56D604CF1D38B0.roa
File: 1214FD0033FB11F18E56D604CF1D38B0.roa (raw, json)
Hash identifier: /wbkBrSi0Wum3VMQ8gRK8NynSIxc3qhxyDNxPvJcShg=
Subject key identifier: 7D:58:B0:91:84:5F:CE:7C:4C:68:77:F7:69:43:36:73:8E:5C:1B:68
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AB38
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1214FD0033FB11F18E56D604CF1D38B0.roa
Signing time: Thu 09 Apr 2026 10:01:26 +0000
ROA not before: Thu 09 Apr 2026 10:01:21 +0000
ROA not after: Sun 19 Apr 2026 10:01:21 +0000
asID: 3257
IP address blocks: 156.228.7.0/24 maxlen: 24
156.228.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 10:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109368 (0x1ab38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 9 10:01:21 2026 GMT
Not After : Apr 19 10:01:21 2026 GMT
Subject: CN=69d778f6-b43e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:03:cc:74:e2:3c:a8:fa:e1:4e:d5:9f:e3:63:
87:75:07:40:32:db:0d:73:c4:3e:b2:f0:52:bd:71:
34:e6:5f:f5:61:87:d1:7c:aa:c7:ba:bb:f6:2c:54:
05:c0:92:70:82:ec:bd:a9:f4:41:30:b1:9c:78:29:
6b:ab:7d:85:cc:06:73:7f:d4:ad:dd:31:d6:17:8b:
50:d2:96:6c:3b:a0:29:6c:a9:6c:4b:be:7e:cd:ac:
b0:68:08:2f:90:b4:02:39:38:41:49:96:af:1a:18:
b6:80:ea:c7:c9:7f:2c:b2:39:29:8b:92:a8:16:f8:
e6:f8:a5:05:a1:dc:80:fb:40:0c:67:66:86:a1:7a:
63:c3:5e:fb:d1:5b:83:1f:1f:ad:d2:6f:b2:f9:81:
bb:90:e9:4b:13:b3:93:16:55:5a:58:b6:6f:8a:73:
ca:63:bf:72:1e:5a:6a:df:a5:45:31:23:fb:ba:c0:
91:f1:93:07:2f:0a:84:68:f7:da:f0:1d:34:31:cb:
0f:ff:1c:f9:ff:e2:0b:81:1b:c4:03:b2:76:39:12:
6e:34:42:6f:83:34:0e:db:54:41:90:5b:9a:d9:97:
e9:9f:ed:73:c0:88:5f:65:3c:d4:46:27:31:62:c4:
34:ad:8a:bf:07:4e:e5:f4:e2:f6:00:c3:ca:9b:56:
b6:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:58:B0:91:84:5F:CE:7C:4C:68:77:F7:69:43:36:73:8E:5C:1B:68
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1214FD0033FB11F18E56D604CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.7.0/24
156.228.9.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:a0:39:3a:19:03:98:b9:d9:69:3c:49:7e:fd:a4:3f:73:af:
c4:5a:e1:7c:52:9c:0f:a7:25:48:ef:55:a1:d4:d8:82:76:5d:
71:bd:ed:fa:f5:d1:78:21:81:d9:7b:69:58:4d:e9:ad:65:d8:
5d:22:83:20:28:cf:b4:74:b9:3c:3a:28:21:f3:8f:1b:44:02:
c9:72:d6:91:69:f1:6d:68:7a:00:71:b2:93:e0:f1:87:ed:cc:
09:51:ff:50:8a:dd:ed:62:51:e4:04:b2:a7:55:53:5a:81:6e:
8d:27:cd:82:e6:7b:18:83:8f:33:71:39:d4:70:a3:5b:04:a3:
1c:1b:dc:5a:ff:1e:04:64:38:98:b6:1d:5f:ca:b8:00:da:1f:
58:42:94:55:ab:8d:84:ac:a4:f7:af:2e:3a:d2:ee:06:d2:bc:
cb:93:68:4a:83:8f:dc:7e:6b:d8:ee:70:31:1b:0f:b4:f7:05:
6e:a5:0e:83:77:39:81:af:23:09:9b:44:12:32:77:44:cd:6a:
1f:f8:1b:30:e8:6b:b5:5c:b8:90:83:41:90:6c:44:a9:d7:c8:
dc:96:49:52:3f:c5:e4:80:6d:f7:99:87:f9:cc:e2:65:98:44:
06:65:d1:69:e9:49:d2:6a:14:ae:81:f1:02:7b:9e:4a:bb:69:
b2:67:f4:0e
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAas4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDA5MTAwMTIxWhcNMjYwNDE5MTAwMTIxWjAYMRYw
FAYDVQQDEw02OWQ3NzhmNi1iNDNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvAPMdOI8qPrhTtWf42OHdQdAMtsNc8Q+svBSvXE05l/1YYfRfKrHurv2
LFQFwJJwguy9qfRBMLGceClrq32FzAZzf9St3THWF4tQ0pZsO6ApbKlsS75+zayw
aAgvkLQCOThBSZavGhi2gOrHyX8ssjkpi5KoFvjm+KUFodyA+0AMZ2aGoXpjw177
0VuDHx+t0m+y+YG7kOlLE7OTFlVaWLZvinPKY79yHlpq36VFMSP7usCR8ZMHLwqE
aPfa8B00McsP/xz5/+ILgRvEA7J2ORJuNEJvgzQO21RBkFua2Zfpn+1zwIhfZTzU
RicxYsQ0rYq/B07l9OL2AMPKm1a2qwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH1Y
sJGEX858TGh392lDNnOOXBtoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMjE0RkQwMDMzRkIxMUYxOEU1NkQ2MDRDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOQHAwQAnOQJMA0GCSqGSIb3
DQEBCwUAA4IBAQAPoDk6GQOYudlpPEl+/aQ/c6/EWuF8UpwPpyVI71Wh1NiCdl1x
ve369dF4IYHZe2lYTemtZdhdIoMgKM+0dLk8Oigh848bRALJctaRafFtaHoAcbKT
4PGH7cwJUf9Qit3tYlHkBLKnVVNagW6NJ82C5nsYg48zcTnUcKNbBKMcG9xa/x4E
ZDiYth1fyrgA2h9YQpRVq42ErKT3ry460u4G0rzLk2hKg4/cfmvY7nAxGw+09wVu
pQ6DdzmBryMJm0QSMndEzWof+Bsw6Gu1XLiQg0GQbESp18jclklSP8XkgG33mYf5
zOJlmEQGZdFp6UnSahSugfECe55Ku2myZ/QO
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:47:47 2026 by rpki-client