Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3D79E60364D11F1AC341718CF1D38B0.roa
File: A3D79E60364D11F1AC341718CF1D38B0.roa (raw, json)
Hash identifier: IDfjgw8Xb4EgCmSr3sx7MSeDvqjnDXXl9zKMitD13mo=
Subject key identifier: DD:45:3A:75:73:D7:A1:77:63:34:49:3E:38:82:FF:11:C7:11:55:71
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AC0D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3D79E60364D11F1AC341718CF1D38B0.roa
Signing time: Sun 12 Apr 2026 08:57:32 +0000
ROA not before: Sun 12 Apr 2026 08:57:26 +0000
ROA not after: Mon 18 May 2026 08:57:26 +0000
asID: 20326
IP address blocks: 156.245.164.0/22 maxlen: 24
156.245.172.0/22 maxlen: 24
156.249.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109581 (0x1ac0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 12 08:57:26 2026 GMT
Not After : May 18 08:57:26 2026 GMT
Subject: CN=69db5e7c-8454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0a:73:de:1a:6b:5f:a4:d2:a2:d0:e7:95:c5:
33:0f:3d:d5:ec:68:76:44:8b:49:d7:ca:bb:9a:a8:
da:b1:e6:5b:f9:1b:d4:c1:59:df:37:7d:99:03:04:
04:5d:2c:a5:58:7f:e3:05:f5:2a:45:f4:d5:ec:c3:
6c:07:8e:8b:6c:59:e5:f9:e4:7a:99:ae:a1:c6:1b:
b6:a6:10:48:72:df:e3:c3:0b:1c:2c:66:07:32:21:
08:21:5c:2f:f8:28:2b:af:98:dd:19:10:71:a9:79:
c5:d4:5a:08:35:f4:62:a0:9e:d6:c6:2e:32:32:90:
75:3f:27:63:92:48:96:e5:46:0b:92:31:35:fa:12:
9a:c8:10:19:f8:a0:68:e7:15:a8:6b:a7:4a:5b:10:
20:1a:65:f8:bc:b9:f3:97:11:1c:a2:fb:6a:b7:b5:
6f:ad:67:2d:25:5e:04:8d:c1:72:f0:7a:7a:07:03:
7b:45:79:c4:f7:5a:97:5c:36:7e:c7:3c:bf:7a:c9:
b4:31:61:81:ad:c1:6b:dc:9a:a1:28:7f:15:c2:0e:
69:c7:f3:e0:d9:2c:29:e4:ed:cf:c0:88:72:a7:2b:
78:08:4a:76:7b:e1:4a:fe:8b:dd:9a:58:3b:5d:a4:
29:11:42:c5:de:a9:cb:02:6f:69:6e:bc:28:d5:90:
4d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:45:3A:75:73:D7:A1:77:63:34:49:3E:38:82:FF:11:C7:11:55:71
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3D79E60364D11F1AC341718CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.164.0/22
156.245.172.0/22
156.249.124.0/22
Signature Algorithm: sha256WithRSAEncryption
84:83:f8:9f:de:de:1b:a2:bf:7a:12:10:76:cb:ff:72:79:0b:
54:71:ac:8d:b2:07:8f:f7:bf:09:57:96:6e:1d:74:fd:da:7d:
de:97:e1:cc:cc:a6:c6:8d:46:43:d8:82:09:61:46:46:57:a7:
df:63:f0:8e:67:e3:d9:d3:87:42:5a:3b:72:a1:de:8f:37:3a:
db:73:85:2c:a6:2a:63:e8:39:c9:15:c9:c5:95:2f:65:a1:dd:
66:28:a0:92:46:bb:f4:12:43:67:eb:2c:72:87:fe:1e:90:a5:
93:1b:aa:e1:b4:f6:19:9b:62:e0:19:6a:0b:84:d1:86:ec:6d:
9c:06:58:4d:9d:67:69:0f:be:96:d1:5a:41:4f:5f:90:bd:53:
77:b4:8d:f8:ab:1a:62:05:07:a0:56:65:22:51:33:3d:2f:fc:
a4:e7:15:c6:31:e4:e6:1d:85:97:45:97:63:4d:2c:7e:75:69:
36:ec:80:5f:7e:6e:13:b7:89:a2:6e:f5:b4:54:05:27:ce:97:
17:40:f2:8c:6a:e5:fe:f6:d9:da:66:3d:83:69:0e:3e:8a:e5:
d6:2c:77:44:39:71:8e:2a:22:44:5a:58:33:00:0b:6b:95:d0:
d1:0f:9d:41:80:f0:94:9a:48:fd:c4:66:d2:7f:5b:e8:da:ed:
f8:06:99:20
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAawNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDEyMDg1NzI2WhcNMjYwNTE4MDg1NzI2WjAYMRYw
FAYDVQQDEw02OWRiNWU3Yy04NDU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyQpz3hprX6TSotDnlcUzDz3V7Gh2RItJ18q7mqjaseZb+RvUwVnfN32Z
AwQEXSylWH/jBfUqRfTV7MNsB46LbFnl+eR6ma6hxhu2phBIct/jwwscLGYHMiEI
IVwv+Cgrr5jdGRBxqXnF1FoINfRioJ7Wxi4yMpB1PydjkkiW5UYLkjE1+hKayBAZ
+KBo5xWoa6dKWxAgGmX4vLnzlxEcovtqt7VvrWctJV4EjcFy8Hp6BwN7RXnE91qX
XDZ+xzy/esm0MWGBrcFr3JqhKH8Vwg5px/Pg2Swp5O3PwIhypyt4CEp2e+FK/ovd
mlg7XaQpEULF3qnLAm9pbrwo1ZBNFwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFN1F
OnVz16F3YzRJPjiC/xHHEVVxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BM0Q3OUU2MDM2NEQxMUYxQUMzNDE3MThDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCnPWkAwQCnPWsAwQCnPl8MA0G
CSqGSIb3DQEBCwUAA4IBAQCEg/if3t4bor96EhB2y/9yeQtUcayNsgeP978JV5Zu
HXT92n3el+HMzKbGjUZD2IIJYUZGV6ffY/COZ+PZ04dCWjtyod6PNzrbc4Uspipj
6DnJFcnFlS9lod1mKKCSRrv0EkNn6yxyh/4ekKWTG6rhtPYZm2LgGWoLhNGG7G2c
BlhNnWdpD76W0VpBT1+QvVN3tI34qxpiBQegVmUiUTM9L/yk5xXGMeTmHYWXRZdj
TSx+dWk27IBffm4Tt4mibvW0VAUnzpcXQPKMauX+9tnaZj2DaQ4+iuXWLHdEOXGO
KiJEWlgzAAtrldDRD51BgPCUmkj9xGbSf1vo2u34Bpkg
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:41:52 2026 by rpki-client