Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3187BE720E6511F1B27E0F90DAE4EC9C.roa
File: 3187BE720E6511F1B27E0F90DAE4EC9C.roa (raw, json)
Hash identifier: hfkv2j+S7fdPxi8UEdLwuFlLfS+f/aqOCH6WIDvpCN4=
Subject key identifier: 77:FE:10:E0:8E:C4:A3:1A:F8:FE:CD:B0:26:8A:94:AE:70:B1:CD:16
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 019EE8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3187BE720E6511F1B27E0F90DAE4EC9C.roa
Signing time: Fri 20 Feb 2026 14:05:21 +0000
ROA not before: Fri 20 Feb 2026 14:05:16 +0000
ROA not after: Thu 26 Mar 2026 14:05:16 +0000
asID: 274728
IP address blocks: 156.235.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106216 (0x19ee8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 20 14:05:16 2026 GMT
Not After : Mar 26 14:05:16 2026 GMT
Subject: CN=69986a21-093e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:56:97:0d:6e:ae:dd:4a:30:01:ec:34:1b:40:
89:2d:d3:cf:4a:47:08:18:64:8e:8c:0d:40:fa:dd:
36:c1:1d:ec:4e:82:13:14:10:4f:95:0b:52:74:de:
66:01:96:0a:43:5c:b2:ec:96:e6:da:ce:1b:3e:69:
61:f5:27:e9:44:b5:ad:c0:61:ae:94:78:16:3c:0a:
e8:10:7f:e0:94:7c:7f:98:f6:54:6b:81:e6:b1:f0:
03:40:c8:3f:6a:0e:d2:05:bf:15:f2:5e:c1:9b:f5:
01:ae:a5:44:30:5d:7c:ce:2b:7b:bb:31:36:fb:35:
6e:72:5b:fe:02:74:1a:4a:74:0c:53:87:67:93:c1:
c1:46:14:76:da:57:4c:30:97:a1:e1:0c:b1:e0:db:
da:e6:5b:3f:f0:13:e6:b9:c3:18:7d:b2:a2:fa:e9:
52:8e:71:f7:0b:7c:4a:c5:2d:a5:89:67:3d:97:ef:
9f:e0:02:74:16:29:81:a0:88:29:f1:a8:04:59:a6:
12:11:3d:5c:6b:82:f7:dc:e9:0e:b6:90:fe:8b:e3:
cb:f2:3f:75:23:f9:79:0a:a3:74:b6:4c:47:93:68:
8d:34:4e:52:fb:d2:12:8a:2c:3f:91:5a:c8:0c:6f:
77:94:f0:9f:c3:ab:b0:2b:c6:71:2c:09:07:e1:ed:
0d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:FE:10:E0:8E:C4:A3:1A:F8:FE:CD:B0:26:8A:94:AE:70:B1:CD:16
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3187BE720E6511F1B27E0F90DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.49.0/24
Signature Algorithm: sha256WithRSAEncryption
76:19:c2:af:a2:a6:be:d5:81:6c:9f:85:5b:27:c1:54:2c:09:
2f:4f:3e:06:d8:d3:26:90:ff:41:ec:6f:c3:61:b9:10:a1:0b:
e9:b9:d8:78:06:13:d3:e5:6c:86:e5:eb:69:f5:f2:90:53:e3:
92:85:89:a9:1a:99:14:04:05:97:72:26:50:26:17:0a:db:9e:
89:0f:3b:2a:f9:e0:49:71:47:b5:a7:5b:b5:ff:7f:99:18:a1:
9c:1b:27:dc:6e:55:62:fc:bb:91:85:94:97:59:95:f8:96:14:
50:f3:eb:1b:13:5f:d2:3c:7c:90:5a:e0:4f:4f:16:b3:42:79:
97:04:eb:89:90:69:76:08:72:b2:8e:33:2d:82:22:e8:43:95:
d5:00:c6:a1:af:11:fd:28:18:bf:a2:29:11:b2:c8:51:24:02:
8d:58:7f:50:26:da:c8:fa:5c:22:2d:98:64:49:0b:44:69:7c:
22:db:9d:6a:aa:de:f0:f4:0d:f7:4f:8a:31:55:a7:8c:8b:4b:
91:8f:e0:76:db:cf:d9:b3:b4:a2:4b:97:81:08:de:f5:3b:21:
1a:84:e7:97:4b:2c:a9:d5:f1:94:bf:42:13:38:f7:89:7e:6d:
78:ab:11:e4:1e:d6:21:3b:fe:26:19:57:1b:6b:dd:9b:12:f1:
18:af:40:bc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAZ7oMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjIwMTQwNTE2WhcNMjYwMzI2MTQwNTE2WjAYMRYw
FAYDVQQDEw02OTk4NmEyMS0wOTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyVaXDW6u3UowAew0G0CJLdPPSkcIGGSOjA1A+t02wR3sToITFBBPlQtS
dN5mAZYKQ1yy7Jbm2s4bPmlh9SfpRLWtwGGulHgWPAroEH/glHx/mPZUa4HmsfAD
QMg/ag7SBb8V8l7Bm/UBrqVEMF18zit7uzE2+zVuclv+AnQaSnQMU4dnk8HBRhR2
2ldMMJeh4Qyx4Nva5ls/8BPmucMYfbKi+ulSjnH3C3xKxS2liWc9l++f4AJ0FimB
oIgp8agEWaYSET1ca4L33OkOtpD+i+PL8j91I/l5CqN0tkxHk2iNNE5S+9ISiiw/
kVrIDG93lPCfw6uwK8ZxLAkH4e0NJwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHf+
EOCOxKMa+P7NsCaKlK5wsc0WMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMTg3QkU3MjBFNjUxMUYxQjI3RTBGOTBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOsxMA0GCSqGSIb3DQEBCwUA
A4IBAQB2GcKvoqa+1YFsn4VbJ8FULAkvTz4G2NMmkP9B7G/DYbkQoQvpudh4BhPT
5WyG5etp9fKQU+OShYmpGpkUBAWXciZQJhcK256JDzsq+eBJcUe1p1u1/3+ZGKGc
GyfcblVi/LuRhZSXWZX4lhRQ8+sbE1/SPHyQWuBPTxazQnmXBOuJkGl2CHKyjjMt
giLoQ5XVAMahrxH9KBi/oikRsshRJAKNWH9QJtrI+lwiLZhkSQtEaXwi251qqt7w
9A33T4oxVaeMi0uRj+B228/Zs7SiS5eBCN71OyEahOeXSyyp1fGUv0ITOPeJfm14
qxHkHtYhO/4mGVcba92bEvEYr0C8
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:56:48 2026 by rpki-client