Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ACA719140B0D11F18E29C483DAE4EC9C.roa
File: ACA719140B0D11F18E29C483DAE4EC9C.roa (raw, json)
Hash identifier: DUWr51oZw+fp10pgi1FN4vOR6mZcI+ghIwR9ohaGpQ4=
Subject key identifier: 8D:81:78:E1:7C:EA:AC:A5:AE:02:BD:CE:4F:2B:16:98:0B:27:10:6C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 019E14
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ACA719140B0D11F18E29C483DAE4EC9C.roa
Signing time: Mon 16 Feb 2026 08:01:19 +0000
ROA not before: Mon 16 Feb 2026 08:01:14 +0000
ROA not after: Fri 20 Mar 2026 08:01:14 +0000
asID: 153706
IP address blocks: 156.254.20.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106004 (0x19e14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 16 08:01:14 2026 GMT
Not After : Mar 20 08:01:14 2026 GMT
Subject: CN=6992cecf-629f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:93:6c:5f:5d:4b:bc:f6:a0:a0:13:2b:4f:22:
18:fc:33:04:0e:07:99:12:83:c6:4f:59:3b:69:7f:
ea:ea:0a:69:96:eb:6a:bb:84:97:7f:4a:2d:8c:87:
86:ed:47:1f:92:b5:d3:ab:89:ee:15:7f:26:85:96:
5c:36:1b:2c:b1:94:5a:84:95:57:8a:57:ab:5c:65:
9b:d0:0c:d2:87:1a:2a:00:78:98:19:85:2e:cd:f1:
b6:2b:55:c1:0e:a8:0d:56:82:af:0e:d4:db:e8:22:
3c:08:68:f9:67:d5:7f:af:39:4f:24:92:54:b6:d8:
28:d2:22:45:c6:d8:54:1a:07:a0:0a:cc:c4:89:10:
f1:07:c1:96:19:e1:d1:ec:e2:fb:79:8e:b7:5e:e7:
eb:d9:af:d8:53:78:be:e8:f2:2c:66:49:32:63:53:
23:0f:7b:25:47:45:74:c8:d1:71:3c:ac:fa:68:67:
8e:f1:55:8f:85:87:74:d3:67:ee:71:89:1a:18:ae:
a1:11:55:9d:7e:fa:e9:2e:b6:4e:b1:9d:50:35:a9:
48:98:44:7d:e5:26:b5:90:7d:8a:c6:e1:43:77:ac:
01:21:59:64:e7:b6:0a:55:fd:a6:95:5e:b7:30:a8:
4b:dc:d5:08:25:c7:9e:b5:d8:84:65:d2:18:fe:54:
a3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:81:78:E1:7C:EA:AC:A5:AE:02:BD:CE:4F:2B:16:98:0B:27:10:6C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ACA719140B0D11F18E29C483DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.20.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:a5:e4:f9:37:b9:46:0a:c2:b3:7c:b4:42:33:90:2e:bc:62:
20:aa:39:2d:1c:d7:9d:b0:71:cf:6e:19:73:5b:04:1e:55:64:
ee:42:f3:e5:13:60:32:47:63:78:40:69:bc:b0:3b:fe:a3:24:
3d:af:c1:a1:c1:3a:fa:d8:9c:61:a7:65:d2:82:45:11:d7:98:
42:e2:50:73:9d:db:19:91:8d:78:e5:4a:04:95:2f:7e:21:2f:
5e:da:e2:73:72:f2:0f:a6:cd:57:8e:4e:6d:26:8f:07:61:7a:
8a:fd:b2:3c:3d:a2:71:e1:a9:6e:3c:50:63:4e:c3:88:e5:5f:
8c:ec:69:29:6f:43:d5:0d:91:ce:1d:31:da:e4:bc:c8:5b:3f:
7b:b1:92:de:8f:dc:ce:08:32:6d:54:75:a0:83:3e:85:d4:ea:
ba:2b:40:80:bc:69:f5:e7:f1:74:b6:f0:81:5e:f4:d2:ea:bb:
f5:0f:ef:54:d0:a4:bd:44:2f:45:0f:67:2f:7a:a1:7e:2b:eb:
ce:ef:f9:e8:0f:53:d4:21:57:e1:33:b3:fa:be:00:01:30:ab:
d8:11:50:ac:9c:68:5e:46:31:bf:ef:ba:74:c0:01:58:94:4d:
ec:66:9f:15:13:27:e3:43:ae:da:c2:3e:56:76:39:d2:50:21:
c6:b2:e4:a9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAZ4UMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjE2MDgwMTE0WhcNMjYwMzIwMDgwMTE0WjAYMRYw
FAYDVQQDEw02OTkyY2VjZi02MjlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyZNsX11LvPagoBMrTyIY/DMEDgeZEoPGT1k7aX/q6gpplutqu4SXf0ot
jIeG7UcfkrXTq4nuFX8mhZZcNhsssZRahJVXilerXGWb0AzShxoqAHiYGYUuzfG2
K1XBDqgNVoKvDtTb6CI8CGj5Z9V/rzlPJJJUttgo0iJFxthUGgegCszEiRDxB8GW
GeHR7OL7eY63Xufr2a/YU3i+6PIsZkkyY1MjD3slR0V0yNFxPKz6aGeO8VWPhYd0
02fucYkaGK6hEVWdfvrpLrZOsZ1QNalImER95Sa1kH2KxuFDd6wBIVlk57YKVf2m
lV63MKhL3NUIJceetdiEZdIY/lSj9wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI2B
eOF86qylrgK9zk8rFpgLJxBsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQ0E3MTkxNDBCMEQxMUYxOEUyOUM0ODNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP4UMA0GCSqGSIb3DQEBCwUA
A4IBAQANpeT5N7lGCsKzfLRCM5AuvGIgqjktHNedsHHPbhlzWwQeVWTuQvPlE2Ay
R2N4QGm8sDv+oyQ9r8GhwTr62Jxhp2XSgkUR15hC4lBzndsZkY145UoElS9+IS9e
2uJzcvIPps1Xjk5tJo8HYXqK/bI8PaJx4aluPFBjTsOI5V+M7Gkpb0PVDZHOHTHa
5LzIWz97sZLej9zOCDJtVHWggz6F1Oq6K0CAvGn15/F0tvCBXvTS6rv1D+9U0KS9
RC9FD2cveqF+K+vO7/noD1PUIVfhM7P6vgABMKvYEVCsnGheRjG/77p0wAFYlE3s
Zp8VEyfjQ67awj5WdjnSUCHGsuSp
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:19:30 2026 by rpki-client