Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25A9B19E13C611F1982F3696DAE4EC9C.roa
File: 25A9B19E13C611F1982F3696DAE4EC9C.roa (raw, json)
Hash identifier: 0X5cpxjFV/sFrdDl6GpUizYWwALrPK24x/h/MYELk0E=
Subject key identifier: D9:18:0C:12:55:AD:14:E2:19:0F:42:9B:5A:A1:12:68:0B:FB:AF:75
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A126
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25A9B19E13C611F1982F3696DAE4EC9C.roa
Signing time: Fri 27 Feb 2026 10:21:58 +0000
ROA not before: Fri 27 Feb 2026 10:21:54 +0000
ROA not after: Sun 08 Mar 2026 10:21:54 +0000
asID: 6079
IP address blocks: 156.239.16.0/24 maxlen: 24
156.239.23.0/24 maxlen: 24
156.239.55.0/24 maxlen: 24
156.253.0.0/24 maxlen: 24
156.253.48.0/24 maxlen: 24
156.253.49.0/24 maxlen: 24
156.253.50.0/24 maxlen: 24
156.253.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106790 (0x1a126)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 27 10:21:54 2026 GMT
Not After : Mar 8 10:21:54 2026 GMT
Subject: CN=69a17046-9bc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e8:fd:8d:a2:39:44:41:d9:e9:ec:57:91:17:
fd:03:62:6d:f4:e6:9a:86:4a:8c:7f:04:92:3d:de:
bc:f7:fa:fb:72:13:a9:f8:f5:af:cd:37:66:6f:56:
3e:7b:74:13:45:ce:e2:99:75:cc:36:ce:26:59:7c:
f4:d9:cb:c5:cc:9d:03:2c:d9:ec:a4:c3:fa:22:5b:
d9:8b:a2:cb:b8:64:dc:cd:c4:aa:b6:97:95:c3:3b:
19:52:5d:90:ad:d6:e8:e4:a2:af:f8:82:7a:3b:e8:
41:40:e1:22:db:74:89:5f:24:b7:63:6a:50:56:a2:
d3:52:5b:78:84:ec:d0:0f:80:19:b9:1a:8b:cc:a9:
41:cf:51:39:2b:91:47:fd:ce:60:57:77:26:be:8a:
40:9e:c4:91:2e:fe:79:84:ac:e6:b6:17:81:ca:cb:
ba:cd:3f:3d:c9:82:a1:19:74:86:64:21:b2:63:e8:
4a:27:58:54:33:c7:63:cb:33:6c:f0:b5:63:c4:a7:
22:09:fb:70:4d:12:5c:4e:15:10:1a:62:66:09:89:
ea:fd:46:0e:aa:ff:3d:96:dd:99:b4:6f:50:ad:5f:
57:a9:24:ae:f6:55:bb:e2:4d:6e:b8:2c:8a:bf:89:
4e:52:19:e8:f8:95:8b:61:5b:70:d1:46:5e:6d:b4:
7e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:18:0C:12:55:AD:14:E2:19:0F:42:9B:5A:A1:12:68:0B:FB:AF:75
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25A9B19E13C611F1982F3696DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.16.0/24
156.239.23.0/24
156.239.55.0/24
156.253.0.0/24
156.253.48.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:7f:39:d9:a7:2f:c8:c5:72:36:f6:e2:94:05:1a:80:74:d7:
0e:83:20:6d:fe:d6:f9:69:64:9d:f9:92:05:2b:db:5e:af:23:
98:70:52:02:0b:ba:1c:db:ab:46:a6:80:2d:4d:97:d2:2f:fb:
0c:23:b1:f5:76:6a:1e:ab:31:ca:c3:83:b5:6d:44:a2:9b:b0:
c6:98:ce:b2:1c:e7:76:94:dd:e0:a9:2d:59:4f:34:1f:b3:38:
31:eb:c0:6e:09:af:6c:51:c8:78:39:86:b4:09:c2:74:5b:09:
cf:3e:73:ab:f3:f5:8f:d7:a5:33:01:41:07:77:72:4f:ce:a2:
bf:dc:17:08:bd:d6:24:4f:85:81:e1:37:be:45:dc:82:20:26:
6c:4a:ce:8d:04:61:28:96:69:5a:e6:99:84:f1:e1:d6:07:44:
c7:dc:78:e6:87:19:e4:73:23:9e:ae:fc:42:93:a9:f9:4f:eb:
1e:e7:60:d2:a6:56:85:fa:79:0e:95:69:0f:ef:b5:37:c1:38:
84:f6:a0:d8:59:95:39:7b:3b:8e:2a:35:13:2d:1f:57:f1:4b:
9f:63:b4:fb:93:69:69:62:f2:96:11:9a:37:a9:f0:65:fd:7e:
ef:a8:06:34:06:a0:a5:8d:7b:1b:f3:05:1b:30:a9:19:f0:da:
26:de:a9:2d
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIDAaEmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjI3MTAyMTU0WhcNMjYwMzA4MTAyMTU0WjAYMRYw
FAYDVQQDEw02OWExNzA0Ni05YmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt+j9jaI5REHZ6exXkRf9A2Jt9OaahkqMfwSSPd689/r7chOp+PWvzTdm
b1Y+e3QTRc7imXXMNs4mWXz02cvFzJ0DLNnspMP6IlvZi6LLuGTczcSqtpeVwzsZ
Ul2Qrdbo5KKv+IJ6O+hBQOEi23SJXyS3Y2pQVqLTUlt4hOzQD4AZuRqLzKlBz1E5
K5FH/c5gV3cmvopAnsSRLv55hKzmtheBysu6zT89yYKhGXSGZCGyY+hKJ1hUM8dj
yzNs8LVjxKciCftwTRJcThUQGmJmCYnq/UYOqv89lt2ZtG9QrV9XqSSu9lW74k1u
uCyKv4lOUhno+JWLYVtw0UZebbR+gQIDAQABo4ICujCCArYwHQYDVR0OBBYEFNkY
DBJVrRTiGQ9Cm1qhEmgL+691MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNUE5QjE5RTEzQzYxMUYxOTgyRjM2OTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAnO8QAwQAnO8XAwQAnO83AwQA
nP0AAwQCnP0wMA0GCSqGSIb3DQEBCwUAA4IBAQBdfznZpy/IxXI29uKUBRqAdNcO
gyBt/tb5aWSd+ZIFK9teryOYcFICC7oc26tGpoAtTZfSL/sMI7H1dmoeqzHKw4O1
bUSim7DGmM6yHOd2lN3gqS1ZTzQfszgx68BuCa9sUch4OYa0CcJ0WwnPPnOr8/WP
16UzAUEHd3JPzqK/3BcIvdYkT4WB4Te+RdyCICZsSs6NBGEolmla5pmE8eHWB0TH
3HjmhxnkcyOervxCk6n5T+se52DSplaF+nkOlWkP77U3wTiE9qDYWZU5ezuOKjUT
LR9X8UufY7T7k2lpYvKWEZo3qfBl/X7vqAY0BqCljXsb8wUbMKkZ8Nom3qkt
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:42:59 2026 by rpki-client