Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43140EE201D211F1826D22C2DAE4EC9C.roa
File: 43140EE201D211F1826D22C2DAE4EC9C.roa (raw, json)
Hash identifier: Urh96MLgPrTi1XnoRl6kiQ0iSVgmh1piDBzZ/fX8bR0=
Subject key identifier: 8F:0D:FE:C9:F3:15:A8:45:E0:7C:0D:B6:30:05:36:79:9F:46:EB:6D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 019BD9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43140EE201D211F1826D22C2DAE4EC9C.roa
Signing time: Wed 04 Feb 2026 14:03:20 +0000
ROA not before: Wed 04 Feb 2026 14:03:16 +0000
ROA not after: Tue 10 Mar 2026 14:03:16 +0000
asID: 395793
IP address blocks: 156.225.2.0/23 maxlen: 24
156.225.50.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105433 (0x19bd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 4 14:03:16 2026 GMT
Not After : Mar 10 14:03:16 2026 GMT
Subject: CN=698351a8-81ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e1:dd:b0:00:fd:a0:e7:fd:55:ba:70:17:d2:
de:92:50:07:86:10:db:88:7a:80:7b:0a:7f:e0:77:
1d:4d:57:6f:89:aa:a8:f8:1a:39:62:59:40:92:a9:
80:05:3f:4b:7e:ac:13:00:c2:e0:0c:72:b0:65:f7:
14:99:a2:ab:80:f3:40:6b:50:90:e6:34:07:31:c8:
6e:f5:28:71:51:4e:66:dc:be:39:44:fc:a3:36:58:
b8:e2:12:c4:08:18:29:df:c1:21:98:1a:5b:5c:2f:
5b:3b:03:b1:74:9f:7e:59:ef:3e:52:f2:f4:8f:42:
25:25:63:eb:ca:93:27:0e:cc:0b:55:ad:59:6b:09:
10:f4:57:f0:b7:75:a0:14:1e:94:8e:0a:0a:db:9b:
ce:1c:a6:c1:e2:90:aa:24:e4:e4:2f:6a:c3:15:67:
84:0a:05:f6:b6:ad:85:d3:dc:ec:cd:08:bb:c1:9d:
f3:ae:32:16:a6:3f:85:ed:38:bc:be:97:da:40:2a:
3e:2b:6a:e6:16:d1:3c:7c:8c:0c:9d:35:a1:d0:aa:
66:8e:34:bc:a7:4a:15:99:c3:56:3a:87:85:65:b7:
97:bb:3e:3b:4f:4e:7f:7f:06:14:fb:99:79:df:e0:
4b:c0:d7:e2:71:9f:50:5d:4a:58:e5:f4:8a:93:2b:
6c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:0D:FE:C9:F3:15:A8:45:E0:7C:0D:B6:30:05:36:79:9F:46:EB:6D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43140EE201D211F1826D22C2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.2.0/23
156.225.50.0/23
Signature Algorithm: sha256WithRSAEncryption
74:94:d1:ce:a0:d0:84:f4:7a:2a:9d:f1:53:3b:0b:9c:f5:d7:
1e:0e:66:9d:6c:23:f9:7f:84:5e:51:a4:f6:38:f5:47:a8:cd:
2a:6a:06:0b:5f:1b:fa:16:6c:85:6f:fa:16:83:20:fa:3e:40:
c1:36:db:e6:2d:f7:6a:d4:92:61:40:67:c9:f9:0a:6e:d6:a3:
a3:5c:1e:2b:ec:36:00:8b:76:85:8e:24:7b:1c:2c:b2:fa:05:
d1:43:73:67:62:4d:1d:65:80:41:45:31:67:9a:df:82:60:be:
56:82:59:be:45:44:84:2f:fe:4c:93:25:e1:85:6b:c8:04:45:
2a:67:fd:f6:58:1f:49:e4:d0:89:82:96:2c:4b:5a:e3:d5:b5:
88:f7:ab:eb:d8:16:97:12:f4:9b:12:e5:21:be:ed:16:07:71:
6f:b8:74:e0:d6:df:77:7a:89:b9:63:4d:21:c1:8a:d2:d6:cc:
06:3e:b2:5f:70:ae:3d:74:c7:1b:01:21:57:dd:40:78:c2:c9:
21:ea:ec:40:fb:f5:b2:33:c4:84:41:51:dd:fe:ea:db:2f:b6:
79:16:f6:9b:c9:06:b6:8d:37:6b:22:2a:c4:82:bf:f3:05:88:
ff:93:16:f8:aa:fb:65:5a:62:a6:7f:4e:3c:1e:78:29:0a:88:
ce:53:52:7a
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAZvZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjA0MTQwMzE2WhcNMjYwMzEwMTQwMzE2WjAYMRYw
FAYDVQQDEw02OTgzNTFhOC04MWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuOHdsAD9oOf9VbpwF9LeklAHhhDbiHqAewp/4HcdTVdviaqo+Bo5YllA
kqmABT9LfqwTAMLgDHKwZfcUmaKrgPNAa1CQ5jQHMchu9ShxUU5m3L45RPyjNli4
4hLECBgp38EhmBpbXC9bOwOxdJ9+We8+UvL0j0IlJWPrypMnDswLVa1ZawkQ9Ffw
t3WgFB6UjgoK25vOHKbB4pCqJOTkL2rDFWeECgX2tq2F09zszQi7wZ3zrjIWpj+F
7Ti8vpfaQCo+K2rmFtE8fIwMnTWh0KpmjjS8p0oVmcNWOoeFZbeXuz47T05/fwYU
+5l53+BLwNficZ9QXUpY5fSKkyts6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI8N
/snzFahF4HwNtjAFNnmfRuttMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MzE0MEVFMjAxRDIxMUYxODI2RDIyQzJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnOECAwQBnOEyMA0GCSqGSIb3
DQEBCwUAA4IBAQB0lNHOoNCE9HoqnfFTOwuc9dceDmadbCP5f4ReUaT2OPVHqM0q
agYLXxv6FmyFb/oWgyD6PkDBNtvmLfdq1JJhQGfJ+Qpu1qOjXB4r7DYAi3aFjiR7
HCyy+gXRQ3NnYk0dZYBBRTFnmt+CYL5Wglm+RUSEL/5MkyXhhWvIBEUqZ/32WB9J
5NCJgpYsS1rj1bWI96vr2BaXEvSbEuUhvu0WB3FvuHTg1t93eom5Y00hwYrS1swG
PrJfcK49dMcbASFX3UB4wskh6uxA+/WyM8SEQVHd/urbL7Z5FvabyQa2jTdrIirE
gr/zBYj/kxb4qvtlWmKmf048HngpCojOU1J6
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:30:14 2026 by rpki-client