Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/15B2C44A2EB211F1B89E0DC7DAE4EC9C.roa
File: 15B2C44A2EB211F1B89E0DC7DAE4EC9C.roa (raw, json)
Hash identifier: 2C9LaN5bRCsslYe37Fst2FcMIwUr4rgmB2V1/KNxB44=
Subject key identifier: 12:0A:E9:26:93:E8:3C:BC:0E:69:E2:2B:4A:6B:1D:C0:F2:CF:B8:E3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A96B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/15B2C44A2EB211F1B89E0DC7DAE4EC9C.roa
Signing time: Thu 02 Apr 2026 16:36:23 +0000
ROA not before: Thu 02 Apr 2026 16:36:18 +0000
ROA not after: Thu 30 Apr 2026 16:36:18 +0000
asID: 17497
IP address blocks: 156.225.14.0/24 maxlen: 24
156.233.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108907 (0x1a96b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 2 16:36:18 2026 GMT
Not After : Apr 30 16:36:18 2026 GMT
Subject: CN=69ce9b07-a45b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:53:5e:dc:36:7b:07:9d:45:eb:90:8e:ce:3c:
00:e5:35:dd:21:26:64:74:41:ca:fb:14:65:d0:52:
50:11:6a:64:f4:7b:5b:ba:c2:a9:aa:c6:6b:be:bf:
03:02:40:2a:61:ae:99:25:3e:9b:4f:ae:23:e2:d1:
60:6a:56:62:af:59:e1:58:4a:c1:79:41:9c:0b:8f:
e8:42:23:97:17:25:1a:f0:91:2f:c8:61:14:90:51:
1e:53:a7:c4:4c:38:35:c4:85:d1:75:51:31:f5:b7:
af:e8:90:e9:a4:35:c9:cf:bd:76:8c:f1:9e:94:41:
fd:d7:e2:4a:9d:2a:cf:2b:d1:3e:a2:e0:f1:d3:39:
88:0e:fc:a7:09:e9:51:73:f3:ca:fb:37:30:65:82:
12:7e:b8:10:db:a3:76:6d:39:66:5f:03:b2:36:86:
45:02:d3:b7:a0:fe:02:a6:4b:1c:1b:a2:b0:c4:39:
3b:36:37:e9:a2:0f:32:1b:b0:fd:5c:9f:9b:e9:99:
46:53:11:e9:26:5a:1e:c1:1d:1a:0d:87:3b:7c:e4:
96:b6:05:08:2d:9d:48:ab:48:4f:03:38:5d:e5:6d:
72:d9:14:0b:28:aa:7c:59:e6:37:f8:77:6b:b5:a0:
c9:23:de:b8:43:a3:00:a7:f4:5c:e0:ff:ef:6d:68:
dc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:0A:E9:26:93:E8:3C:BC:0E:69:E2:2B:4A:6B:1D:C0:F2:CF:B8:E3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/15B2C44A2EB211F1B89E0DC7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.14.0/24
156.233.3.0/24
Signature Algorithm: sha256WithRSAEncryption
58:28:20:34:16:f7:2e:b6:2c:58:a2:b4:6f:c5:a1:1a:35:7f:
c4:5b:72:82:85:8d:7f:dd:03:6c:b5:a3:7d:6c:d4:c8:75:8b:
21:c0:11:f5:03:d6:d5:ee:03:0b:36:9e:a7:1b:4d:df:f2:13:
47:18:01:f1:5c:e9:3a:a6:e8:e7:6f:a3:26:8b:a1:b1:c1:df:
43:27:2c:e4:b6:b4:3e:56:a7:c1:af:da:8e:f0:87:a6:55:f2:
25:b4:3c:72:03:94:84:57:1e:dc:74:1c:a5:94:6d:14:2a:8a:
8b:b9:9f:9d:ed:9b:bd:34:db:10:13:42:39:3b:5c:81:3b:81:
72:83:fc:ab:28:f1:0a:0d:de:41:ea:4b:35:51:2c:fa:7d:c0:
42:a8:a3:d0:4d:0e:cc:1e:5c:90:30:3f:98:de:d1:e3:97:ac:
76:c7:43:6a:43:30:e8:77:95:d4:bd:b7:1e:8a:2b:11:7e:12:
7f:d1:02:ce:9a:25:a4:ad:38:fa:ff:95:6d:b9:69:67:19:e6:
69:9a:54:2c:55:fb:2e:bd:ee:6f:27:5d:8e:69:d9:92:1b:9d:
d5:c1:80:65:c5:9b:03:30:ae:aa:ad:59:6b:19:29:d2:ab:ed:
47:08:86:f0:24:ad:ea:63:5e:7b:62:67:3d:9a:43:df:63:fa:
20:7b:06:8b
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAalrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDAyMTYzNjE4WhcNMjYwNDMwMTYzNjE4WjAYMRYw
FAYDVQQDEw02OWNlOWIwNy1hNDViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlFNe3DZ7B51F65COzjwA5TXdISZkdEHK+xRl0FJQEWpk9HtbusKpqsZr
vr8DAkAqYa6ZJT6bT64j4tFgalZir1nhWErBeUGcC4/oQiOXFyUa8JEvyGEUkFEe
U6fETDg1xIXRdVEx9bev6JDppDXJz712jPGelEH91+JKnSrPK9E+ouDx0zmIDvyn
CelRc/PK+zcwZYISfrgQ26N2bTlmXwOyNoZFAtO3oP4CpkscG6KwxDk7Njfpog8y
G7D9XJ+b6ZlGUxHpJloewR0aDYc7fOSWtgUILZ1Iq0hPAzhd5W1y2RQLKKp8WeY3
+HdrtaDJI964Q6MAp/Rc4P/vbWjcIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBIK
6SaT6Dy8DmniK0prHcDyz7jjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNUIyQzQ0QTJFQjIxMUYxQjg5RTBEQzdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOEOAwQAnOkDMA0GCSqGSIb3
DQEBCwUAA4IBAQBYKCA0FvcutixYorRvxaEaNX/EW3KChY1/3QNstaN9bNTIdYsh
wBH1A9bV7gMLNp6nG03f8hNHGAHxXOk6pujnb6Mmi6Gxwd9DJyzktrQ+VqfBr9qO
8IemVfIltDxyA5SEVx7cdByllG0UKoqLuZ+d7Zu9NNsQE0I5O1yBO4Fyg/yrKPEK
Dd5B6ks1USz6fcBCqKPQTQ7MHlyQMD+Y3tHjl6x2x0NqQzDod5XUvbceiisRfhJ/
0QLOmiWkrTj6/5VtuWlnGeZpmlQsVfsuve5vJ12OadmSG53VwYBlxZsDMK6qrVlr
GSnSq+1HCIbwJK3qY157Ymc9mkPfY/ogewaL
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:54:58 2026 by rpki-client