Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A6DF60C2FC3A11F08022F1E6DAE4EC9C.roa
File: A6DF60C2FC3A11F08022F1E6DAE4EC9C.roa (raw, json)
Hash identifier: cHEugXrLtkAgHfs35AB9+wGkysHVQOfg1Cs6J0Txxu8=
Subject key identifier: FD:0B:8F:6D:DE:6C:02:6D:4D:87:1D:D9:02:59:35:A9:39:D8:D6:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 019A65
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A6DF60C2FC3A11F08022F1E6DAE4EC9C.roa
Signing time: Wed 28 Jan 2026 11:15:29 +0000
ROA not before: Wed 28 Jan 2026 11:15:23 +0000
ROA not after: Sat 07 Mar 2026 11:15:23 +0000
asID: 138195
IP address blocks: 156.234.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105061 (0x19a65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 28 11:15:23 2026 GMT
Not After : Mar 7 11:15:23 2026 GMT
Subject: CN=6979efd1-2acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ad:be:38:cc:32:82:12:2d:2c:21:1c:80:11:
cd:18:e5:8d:24:8a:60:bd:d8:e5:48:80:46:af:a8:
97:f6:97:40:ce:9e:eb:35:c5:19:a7:c0:c2:70:ab:
0a:64:e1:62:13:18:5e:25:54:50:da:95:98:fb:30:
15:dd:d9:4b:10:cb:fd:10:c3:10:0e:c9:be:21:2d:
5a:a6:13:a3:86:5b:e1:87:0e:c6:26:af:e1:ba:51:
1e:bc:88:c6:00:a3:79:3c:a0:04:c9:85:26:96:db:
9f:f0:16:8b:d6:6b:52:a9:9f:ad:42:a0:bb:13:47:
7e:2b:fe:d3:e5:b6:f2:e6:b8:56:bc:10:e0:c9:de:
bd:66:d9:06:7e:de:7f:e6:5d:fa:2e:32:58:ef:cd:
ba:a5:36:81:01:57:f4:69:12:18:4f:bb:cd:8e:67:
47:eb:28:f2:fd:cc:25:bb:2d:df:2d:69:31:7c:38:
1a:3f:36:ac:83:9c:b3:fb:eb:35:ba:97:95:23:8f:
07:17:5c:53:f8:c0:b6:06:57:00:e9:31:91:f7:2e:
83:ce:55:45:8f:be:5d:bb:70:12:33:d6:57:84:d1:
15:dc:cc:70:85:74:88:0e:84:06:d1:ac:a0:bf:cd:
93:62:95:69:27:50:c6:ae:a4:e0:1b:19:0b:b8:27:
36:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:0B:8F:6D:DE:6C:02:6D:4D:87:1D:D9:02:59:35:A9:39:D8:D6:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A6DF60C2FC3A11F08022F1E6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7e:f1:76:b2:3e:a1:cb:ca:a0:5a:00:3b:2f:c3:09:6b:04:f9:
2d:ca:0e:07:6f:91:a8:37:d1:92:31:38:cb:87:42:18:29:77:
5d:e0:2d:12:07:8d:09:af:1a:1f:40:9e:b3:e0:1d:a0:00:fe:
7c:6c:ee:3a:ff:cd:08:ca:c8:8d:7a:b7:98:e6:32:22:9d:35:
3a:ab:f8:1c:fa:55:46:cf:25:cd:2b:b4:3f:2a:48:28:b4:9a:
de:14:be:54:c0:77:ac:e2:9c:19:3a:73:95:5d:78:53:77:2f:
2d:83:82:27:16:a0:e3:fe:52:6b:b4:b3:6c:35:81:eb:72:50:
d7:6a:aa:61:9e:aa:33:62:da:40:51:48:f4:bd:52:fe:a8:fa:
36:3f:82:3e:9a:9c:3b:13:e4:39:b5:2c:a8:22:8a:22:e2:53:
fb:58:cb:87:e0:2e:4c:f0:56:54:a5:ed:cc:09:81:3e:8c:38:
e0:5e:d8:41:48:75:16:75:ed:3b:55:10:40:10:32:5c:ba:24:
e6:32:af:cd:4e:15:2e:23:0e:03:ca:25:1e:0f:b2:07:b9:b1:
fb:93:a1:9e:8f:25:61:f6:46:b1:50:ba:13:85:2c:0d:0f:3a:
a6:43:66:86:db:d0:66:7c:bb:14:6a:50:6a:b9:bd:0e:b8:29:
18:c6:fa:c1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDAZplMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMTI4MTExNTIzWhcNMjYwMzA3MTExNTIzWjAYMRYw
FAYDVQQDEw02OTc5ZWZkMS0yYWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtK2+OMwyghItLCEcgBHNGOWNJIpgvdjlSIBGr6iX9pdAzp7rNcUZp8DC
cKsKZOFiExheJVRQ2pWY+zAV3dlLEMv9EMMQDsm+IS1aphOjhlvhhw7GJq/hulEe
vIjGAKN5PKAEyYUmltuf8BaL1mtSqZ+tQqC7E0d+K/7T5bby5rhWvBDgyd69ZtkG
ft5/5l36LjJY7826pTaBAVf0aRIYT7vNjmdH6yjy/cwluy3fLWkxfDgaPzasg5yz
++s1upeVI48HF1xT+MC2BlcA6TGR9y6DzlVFj75du3ASM9ZXhNEV3MxwhXSIDoQG
0aygv82TYpVpJ1DGrqTgGxkLuCc2DQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFP0L
j23ebAJtTYcd2QJZNak52NaQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNkRGNjBDMkZDM0ExMUYwODAyMkYxRTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnOowDQYJKoZIhvcNAQELBQAD
ggEBAH7xdrI+ocvKoFoAOy/DCWsE+S3KDgdvkag30ZIxOMuHQhgpd13gLRIHjQmv
Gh9AnrPgHaAA/nxs7jr/zQjKyI16t5jmMiKdNTqr+Bz6VUbPJc0rtD8qSCi0mt4U
vlTAd6zinBk6c5VdeFN3Ly2DgicWoOP+Umu0s2w1getyUNdqqmGeqjNi2kBRSPS9
Uv6o+jY/gj6anDsT5Dm1LKgiiiLiU/tYy4fgLkzwVlSl7cwJgT6MOOBe2EFIdRZ1
7TtVEEAQMly6JOYyr81OFS4jDgPKJR4Psge5sfuToZ6PJWH2RrFQuhOFLA0POqZD
Zobb0GZ8uxRqUGq5vQ64KRjG+sE=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:01:40 2026 by rpki-client