Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B865632115E11F1A1C32BD1DAE4EC9C.roa
File: 1B865632115E11F1A1C32BD1DAE4EC9C.roa (raw, json)
Hash identifier: H7ebwEWSvgRyftDXFdseZj7B+cyImUQrdy3Y6NTmt7E=
Subject key identifier: 08:D5:46:1A:27:9E:7A:69:A1:42:B3:F7:D3:B0:49:C3:D9:DB:46:7A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A00F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B865632115E11F1A1C32BD1DAE4EC9C.roa
Signing time: Tue 24 Feb 2026 08:52:11 +0000
ROA not before: Tue 24 Feb 2026 08:52:07 +0000
ROA not after: Mon 30 Mar 2026 08:52:07 +0000
asID: 35916
IP address blocks: 156.225.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106511 (0x1a00f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 24 08:52:07 2026 GMT
Not After : Mar 30 08:52:07 2026 GMT
Subject: CN=699d66bb-56d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ce:43:7b:48:6e:36:8c:00:6f:bc:a8:be:2a:
fb:da:1d:da:9f:5f:a9:4e:22:4a:a2:fc:85:b0:b6:
04:84:00:29:36:12:4a:90:60:81:dd:6b:dd:bf:54:
80:93:20:28:48:7b:71:2f:12:02:b8:fa:e5:71:44:
a3:8d:d7:cf:3e:ca:ce:dd:d8:47:17:3a:02:34:3a:
86:6a:d1:1e:2d:03:cd:e0:55:9d:37:53:6e:87:21:
d1:e1:21:ce:28:2a:3c:d3:af:50:ef:d4:b6:bf:33:
ac:41:ee:7a:12:1d:37:f9:72:53:fb:42:a3:3b:b0:
25:c3:5f:e0:a8:dc:36:21:eb:b5:29:2d:c8:14:06:
0c:54:00:01:ee:6c:55:41:5b:85:45:e2:74:a7:8e:
da:81:91:94:9a:d0:0b:44:da:99:5e:e7:f1:40:ba:
d0:ea:de:e2:ae:8a:57:f6:be:82:1d:1e:08:6b:53:
98:21:5c:7e:ef:33:2f:59:77:bc:f2:f9:82:1b:2c:
fc:0c:f6:1f:03:13:93:96:79:d2:bc:fd:a1:89:98:
15:57:00:a7:c0:a5:66:5e:23:70:45:e2:30:6a:49:
66:0f:e5:83:28:5a:ae:2f:e2:94:30:f0:94:5e:12:
40:ad:93:37:48:2c:99:eb:0e:9a:6c:54:17:9e:b3:
82:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D5:46:1A:27:9E:7A:69:A1:42:B3:F7:D3:B0:49:C3:D9:DB:46:7A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B865632115E11F1A1C32BD1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.192.0/18
Signature Algorithm: sha256WithRSAEncryption
4a:e0:4e:b3:8c:ed:36:f2:35:88:bf:77:83:b2:6a:b1:e5:25:
49:14:ff:03:e5:f1:68:5d:a9:a8:62:d8:8a:f5:f6:f0:de:67:
fb:86:0b:69:ee:9e:08:a2:6c:5e:6a:d2:85:ea:93:44:4f:38:
e6:74:23:23:f2:35:40:8a:50:e7:75:21:53:32:2d:ab:a4:b4:
07:1e:67:34:6c:73:43:3d:42:f0:71:10:ab:4d:a9:d6:66:bd:
70:e1:ef:c0:97:d6:fc:d8:9e:dd:3e:fd:84:70:a9:a1:7e:cb:
54:2b:a6:07:27:53:9f:3d:08:85:c7:26:bb:be:8f:8a:85:dd:
6e:51:55:9e:b9:00:f4:6f:8d:88:97:c2:33:0f:d3:3d:55:1a:
1a:3c:4c:df:c5:a4:e2:fb:bb:f8:0c:ea:4c:3f:33:8d:03:64:
88:f9:2a:f5:53:a5:e8:7d:10:e1:85:28:7e:68:54:e7:da:8d:
70:f5:a7:86:f7:ed:11:b4:6e:16:15:71:72:bc:c2:18:7b:f3:
9e:c4:a3:ab:9e:64:f7:89:78:32:87:bf:34:e0:c9:31:f5:ab:
5f:a5:a8:bd:c3:af:36:9d:41:7b:7e:48:79:b3:5d:00:ac:4e:
d1:07:d0:99:bd:9d:47:8f:0a:b5:9a:bc:1a:fc:c1:28:77:e1:
c2:f2:f1:b5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaAPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjI0MDg1MjA3WhcNMjYwMzMwMDg1MjA3WjAYMRYw
FAYDVQQDEw02OTlkNjZiYi01NmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1s5De0huNowAb7yovir72h3an1+pTiJKovyFsLYEhAApNhJKkGCB3Wvd
v1SAkyAoSHtxLxICuPrlcUSjjdfPPsrO3dhHFzoCNDqGatEeLQPN4FWdN1NuhyHR
4SHOKCo8069Q79S2vzOsQe56Eh03+XJT+0KjO7Alw1/gqNw2Ieu1KS3IFAYMVAAB
7mxVQVuFReJ0p47agZGUmtALRNqZXufxQLrQ6t7iropX9r6CHR4Ia1OYIVx+7zMv
WXe88vmCGyz8DPYfAxOTlnnSvP2hiZgVVwCnwKVmXiNwReIwaklmD+WDKFquL+KU
MPCUXhJArZM3SCyZ6w6abFQXnrOC+wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAjV
RhonnnppoUKz99OwScPZ20Z6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQjg2NTYzMjExNUUxMUYxQTFDMzJCRDFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnOHAMA0GCSqGSIb3DQEBCwUA
A4IBAQBK4E6zjO028jWIv3eDsmqx5SVJFP8D5fFoXamoYtiK9fbw3mf7hgtp7p4I
omxeatKF6pNETzjmdCMj8jVAilDndSFTMi2rpLQHHmc0bHNDPULwcRCrTanWZr1w
4e/Al9b82J7dPv2EcKmhfstUK6YHJ1OfPQiFxya7vo+Khd1uUVWeuQD0b42Il8Iz
D9M9VRoaPEzfxaTi+7v4DOpMPzONA2SI+Sr1U6XofRDhhSh+aFTn2o1w9aeG9+0R
tG4WFXFyvMIYe/OexKOrnmT3iXgyh7804Mkx9atfpai9w682nUF7fkh5s10ArE7R
B9CZvZ1Hjwq1mrwa/MEod+HC8vG1
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:50:34 2026 by rpki-client