Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D9CBDFA067D11F18DF255F0DAE4EC9C.roa
File: 4D9CBDFA067D11F18DF255F0DAE4EC9C.roa (raw, json)
Hash identifier: urpOV4MEnxnMlI7L3JMVFYVIdFUcuIAErusFMAhHpY8=
Subject key identifier: 05:17:A8:C2:8D:56:5D:4F:41:47:5B:BA:B2:A9:20:61:29:F7:81:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 019CAB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D9CBDFA067D11F18DF255F0DAE4EC9C.roa
Signing time: Tue 10 Feb 2026 12:37:47 +0000
ROA not before: Tue 10 Feb 2026 12:37:40 +0000
ROA not after: Mon 08 Mar 2027 12:37:40 +0000
asID: 152920
IP address blocks: 156.231.3.0/24 maxlen: 24
156.231.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105643 (0x19cab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 10 12:37:40 2026 GMT
Not After : Mar 8 12:37:40 2027 GMT
Subject: CN=698b269b-9561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f8:9d:93:39:8e:1c:f5:6b:cd:5c:0b:b3:cf:
8d:54:43:56:ab:dc:b5:3e:1e:13:6f:50:af:08:94:
11:63:dd:ff:ed:c0:00:5a:0c:66:64:68:03:b6:61:
9e:7f:22:4a:18:3b:50:6c:5b:da:87:4f:93:52:3e:
2a:c4:28:ee:38:5c:66:8c:99:3f:77:4e:ed:13:f1:
8f:3f:41:c7:c7:45:8b:49:d8:93:5d:30:42:6f:29:
0c:67:81:71:2a:9c:e3:04:0f:62:9d:db:a3:56:89:
2c:af:65:57:3a:8e:2e:df:33:86:e8:ee:f2:89:28:
3a:0a:3b:1e:d7:ba:fe:be:ff:cc:5a:fc:f2:fe:9d:
63:06:e9:00:26:d1:7b:20:7e:6f:a2:8a:64:56:d7:
bd:e5:ae:6c:f3:39:54:ab:b2:cc:30:59:2d:32:e4:
0b:56:b6:b5:9f:7e:89:5d:75:b2:14:a1:05:4e:ac:
14:7f:6f:21:be:aa:6a:6d:9d:71:80:a6:30:19:bb:
1a:6b:bc:80:06:6d:36:59:1c:56:e3:ab:f4:e7:c9:
78:00:3b:f3:14:5f:81:34:ff:20:22:b2:fd:8a:59:
ec:f5:29:e1:f6:35:9c:f0:33:55:c1:75:1e:92:02:
e5:34:74:8d:06:b9:51:26:3e:94:32:82:66:6e:14:
e2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:17:A8:C2:8D:56:5D:4F:41:47:5B:BA:B2:A9:20:61:29:F7:81:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D9CBDFA067D11F18DF255F0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.3.0/24
156.231.7.0/24
Signature Algorithm: sha256WithRSAEncryption
15:b9:6c:9f:31:6c:be:c8:8d:a2:3d:5a:33:e3:7f:f2:cb:19:
d4:18:f6:95:e8:92:34:cc:53:c0:a8:14:6f:ec:b3:4b:18:d9:
70:39:51:4d:4a:4f:78:a2:8d:68:b6:4a:e3:4a:53:d2:22:1f:
95:f6:86:0a:e3:e6:2d:aa:ab:83:f4:cf:bf:bd:85:79:19:85:
4e:48:d2:61:72:a1:7d:41:4f:5c:a0:56:1c:44:c6:1f:41:f2:
4f:c4:ab:17:ae:66:0c:19:3b:2d:21:68:75:83:4d:fa:d0:f3:
4b:32:9f:69:83:8e:8e:84:3c:e0:8f:70:cc:9a:82:82:ce:76:
2e:3e:29:93:a8:6c:1d:a8:b4:f4:fe:1a:ed:f8:2f:e4:55:1e:
64:9a:ff:08:39:22:94:b2:23:e5:64:a1:89:05:0d:ec:6f:b2:
a7:32:a5:13:9e:6f:c7:1b:f5:6c:1f:e4:7d:c6:6f:c9:dd:c9:
f5:02:f1:3f:ab:39:65:bd:00:2c:4e:06:ec:d2:fd:2b:e8:0e:
11:e1:45:b9:4b:47:7c:55:a1:d6:f4:3e:2e:bd:f9:05:fb:f5:
f6:17:0d:ef:f3:9e:5f:d5:a0:b9:a0:de:20:66:1c:04:13:16:
1a:ad:6f:2e:57:79:8f:9e:66:21:07:fa:3b:89:4d:ed:dc:3b:
bf:b6:e9:3c
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAZyrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjEwMTIzNzQwWhcNMjcwMzA4MTIzNzQwWjAYMRYw
FAYDVQQDEw02OThiMjY5Yi05NTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApvidkzmOHPVrzVwLs8+NVENWq9y1Ph4Tb1CvCJQRY93/7cAAWgxmZGgD
tmGefyJKGDtQbFvah0+TUj4qxCjuOFxmjJk/d07tE/GPP0HHx0WLSdiTXTBCbykM
Z4FxKpzjBA9indujVoksr2VXOo4u3zOG6O7yiSg6Cjse17r+vv/MWvzy/p1jBukA
JtF7IH5voopkVte95a5s8zlUq7LMMFktMuQLVra1n36JXXWyFKEFTqwUf28hvqpq
bZ1xgKYwGbsaa7yABm02WRxW46v058l4ADvzFF+BNP8gIrL9ilns9Snh9jWc8DNV
wXUekgLlNHSNBrlRJj6UMoJmbhTi3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAUX
qMKNVl1PQUdburKpIGEp94EbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RDlDQkRGQTA2N0QxMUYxOERGMjU1RjBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOcDAwQAnOcHMA0GCSqGSIb3
DQEBCwUAA4IBAQAVuWyfMWy+yI2iPVoz43/yyxnUGPaV6JI0zFPAqBRv7LNLGNlw
OVFNSk94oo1otkrjSlPSIh+V9oYK4+YtqquD9M+/vYV5GYVOSNJhcqF9QU9coFYc
RMYfQfJPxKsXrmYMGTstIWh1g0360PNLMp9pg46OhDzgj3DMmoKCznYuPimTqGwd
qLT0/hrt+C/kVR5kmv8IOSKUsiPlZKGJBQ3sb7KnMqUTnm/HG/VsH+R9xm/J3cn1
AvE/qzllvQAsTgbs0v0r6A4R4UW5S0d8VaHW9D4uvfkF+/X2Fw3v855f1aC5oN4g
ZhwEExYarW8uV3mPnmYhB/o7iU3t3Du/tuk8
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:09:01 2026 by rpki-client