Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25A1D4BC2A8011F1973F6D9FDAE4EC9C.roa
File: 25A1D4BC2A8011F1973F6D9FDAE4EC9C.roa (raw, json)
Hash identifier: ZewA5mtqpMwSINgRGhplhDoMvPfoANu0uR4w9hvojUE=
Subject key identifier: 35:1F:0E:6D:8C:8E:B5:6D:22:BA:39:1A:BA:30:F4:D5:19:F2:4A:D8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A7DB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25A1D4BC2A8011F1973F6D9FDAE4EC9C.roa
Signing time: Sat 28 Mar 2026 08:28:51 +0000
ROA not before: Sat 28 Mar 2026 08:28:45 +0000
ROA not after: Fri 01 May 2026 08:28:45 +0000
asID: 141167
IP address blocks: 156.225.0.0/23 maxlen: 24
156.225.12.0/23 maxlen: 24
156.228.3.0/24 maxlen: 24
156.238.2.0/23 maxlen: 24
156.254.120.0/22 maxlen: 24
156.254.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108507 (0x1a7db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 28 08:28:45 2026 GMT
Not After : May 1 08:28:45 2026 GMT
Subject: CN=69c79142-1916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:9f:e0:1e:42:28:23:9f:34:b4:c8:f5:56:c4:
15:5e:a3:0e:f6:35:3b:0f:e0:ad:ae:05:b0:05:cf:
49:f1:b5:8a:17:9b:7f:20:ab:74:39:02:16:4a:11:
ed:57:1f:1e:a7:a6:6b:aa:c7:32:93:b3:96:6c:3d:
86:52:ea:2c:16:22:4f:0d:e3:b6:ac:31:5f:1c:02:
4e:de:c7:57:bf:7a:4b:fe:e8:fd:85:92:50:56:28:
0c:71:10:52:78:61:23:da:cf:ab:6c:a9:cf:60:16:
07:2e:dd:76:e7:6d:80:ef:e9:81:dd:4f:00:d0:f6:
62:da:40:0d:a4:e2:e2:da:01:da:59:d6:7e:f9:f1:
71:01:c8:03:53:38:96:28:9d:f7:f6:31:2e:93:9e:
9a:63:fe:9e:67:a4:60:d3:dc:b3:aa:67:96:75:db:
c5:15:9b:2b:67:87:80:ac:80:34:1c:87:19:2d:5c:
21:24:31:82:51:69:cd:29:02:5f:9b:0a:37:7b:e8:
3d:ba:1d:c3:f7:4d:ed:60:51:dd:c6:b6:16:ce:98:
97:da:49:1a:55:f5:dc:f2:51:0e:f7:79:a5:82:e6:
64:5d:5d:80:3e:dd:33:c1:20:b8:c7:ce:1f:64:80:
96:9f:0c:58:1f:e6:67:1c:8b:f0:60:c1:57:cc:ca:
4f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1F:0E:6D:8C:8E:B5:6D:22:BA:39:1A:BA:30:F4:D5:19:F2:4A:D8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25A1D4BC2A8011F1973F6D9FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.0.0/23
156.225.12.0/23
156.228.3.0/24
156.238.2.0/23
156.254.120.0-156.254.125.255
Signature Algorithm: sha256WithRSAEncryption
64:df:5a:31:52:b9:66:40:cf:38:78:98:d4:ac:4a:03:28:9d:
6d:3f:5a:6a:1a:80:81:c9:ec:cb:50:2c:d8:48:77:95:9e:7f:
c9:95:f5:0e:98:8b:f9:64:2b:8b:f8:bb:9b:44:6b:10:a9:e0:
b9:c1:a6:fb:1f:48:4a:89:44:b9:be:67:bf:37:81:d8:83:e3:
1a:ad:b2:35:88:5b:c0:78:35:1c:6c:9d:f6:7a:d5:39:ff:86:
84:8f:fd:f7:56:c8:ea:62:7c:4c:70:c8:5b:62:3d:d3:96:49:
e6:8f:bf:b1:3e:fb:db:21:52:e1:0b:4d:d9:30:4d:ad:b9:3f:
db:a1:5b:33:47:d5:67:c7:3a:54:5b:45:86:2b:4a:ae:a5:5b:
39:b1:7f:65:ee:46:0c:fc:7e:27:c0:d3:35:a7:b5:fc:f8:73:
e4:89:0e:49:ab:90:b7:ef:cc:b6:9d:67:cf:6f:33:7f:8b:5a:
ef:00:69:29:61:8c:10:d3:04:1b:65:54:5c:f8:69:b4:06:6a:
aa:2a:9f:81:ac:e9:5e:47:7b:68:38:15:70:78:94:dc:22:45:
57:7e:39:f8:a1:dc:4e:c0:36:94:77:e8:51:62:fd:3f:f9:e1:
8d:08:c8:7b:86:2f:e6:30:5c:f0:81:cb:f5:53:34:e7:a5:47:
e6:2d:73:2e
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIDAafbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzI4MDgyODQ1WhcNMjYwNTAxMDgyODQ1WjAYMRYw
FAYDVQQDEw02OWM3OTE0Mi0xOTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9Z/gHkIoI580tMj1VsQVXqMO9jU7D+CtrgWwBc9J8bWKF5t/IKt0OQIW
ShHtVx8ep6Zrqscyk7OWbD2GUuosFiJPDeO2rDFfHAJO3sdXv3pL/uj9hZJQVigM
cRBSeGEj2s+rbKnPYBYHLt12522A7+mB3U8A0PZi2kANpOLi2gHaWdZ++fFxAcgD
UziWKJ339jEuk56aY/6eZ6Rg09yzqmeWddvFFZsrZ4eArIA0HIcZLVwhJDGCUWnN
KQJfmwo3e+g9uh3D903tYFHdxrYWzpiX2kkaVfXc8lEO93mlguZkXV2APt0zwSC4
x84fZICWnwxYH+ZnHIvwYMFXzMpP9QIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFDUf
Dm2MjrVtIro5Grow9NUZ8krYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNUExRDRCQzJBODAxMUYxOTczRjZEOUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBnOEAAwQBnOEMAwQAnOQDAwQB
nO4CMAwDBAOc/ngDBAGc/nwwDQYJKoZIhvcNAQELBQADggEBAGTfWjFSuWZAzzh4
mNSsSgMonW0/WmoagIHJ7MtQLNhId5Wef8mV9Q6Yi/lkK4v4u5tEaxCp4LnBpvsf
SEqJRLm+Z783gdiD4xqtsjWIW8B4NRxsnfZ61Tn/hoSP/fdWyOpifExwyFtiPdOW
SeaPv7E++9shUuELTdkwTa25P9uhWzNH1WfHOlRbRYYrSq6lWzmxf2XuRgz8fifA
0zWntfz4c+SJDkmrkLfvzLadZ89vM3+LWu8AaSlhjBDTBBtlVFz4abQGaqoqn4Gs
6V5He2g4FXB4lNwiRVd+Ofih3E7ANpR36FFi/T/54Y0IyHuGL+YwXPCBy/VTNOel
R+Ytcy4=
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:49:32 2026 by rpki-client