Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF6DC26A398311F1A3D8EEB5CE1D38B0.roa
File: BF6DC26A398311F1A3D8EEB5CE1D38B0.roa (raw, json)
Hash identifier: UfEIyx9edtXjRUCOMk8KzVAhIRTDHUDIxbpNv0R9jvk=
Subject key identifier: F1:89:A3:88:12:41:8B:15:E4:66:38:44:ED:5E:DE:F6:D9:2F:68:6F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AD21
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF6DC26A398311F1A3D8EEB5CE1D38B0.roa
Signing time: Thu 16 Apr 2026 11:02:24 +0000
ROA not before: Thu 16 Apr 2026 11:02:20 +0000
ROA not after: Wed 20 May 2026 11:02:20 +0000
asID: 400619
IP address blocks: 156.254.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:26:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109857 (0x1ad21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 16 11:02:20 2026 GMT
Not After : May 20 11:02:20 2026 GMT
Subject: CN=69e0c1c0-a67f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b0:02:50:89:48:f7:6e:e2:14:ce:97:a2:53:
dd:9c:5c:47:c7:d8:c8:db:30:37:d1:b5:db:57:55:
c9:32:df:3e:ee:23:12:71:70:e3:21:df:79:3d:4e:
f3:26:b0:4f:5f:75:21:54:ce:56:68:54:14:c5:b8:
b6:f7:4c:77:80:eb:bf:15:f3:48:89:88:f9:ed:4c:
46:5e:b3:00:68:49:da:e8:f3:f0:f2:ae:44:53:e9:
94:4f:4a:86:18:77:41:de:13:55:81:60:0e:da:54:
fd:b0:63:1e:80:6b:70:03:5f:c3:1c:ad:7b:49:86:
2d:1c:ac:62:c9:ea:36:ca:5a:66:66:5c:58:4c:ed:
6a:b8:c0:e0:a6:58:7d:5c:67:c7:a9:ae:35:5a:fa:
03:4e:f1:dd:d1:d0:f1:58:bd:34:fa:53:67:01:c9:
19:9b:8a:39:32:b3:74:9c:de:6f:a4:ac:1d:37:7e:
cf:0a:70:05:69:74:24:18:9b:7c:b9:c4:0b:8a:3e:
94:bb:2a:37:d3:31:d4:9f:f3:07:2e:fb:4f:01:5e:
87:68:ec:55:ca:67:fb:14:65:26:d7:7e:72:41:e0:
bd:ad:3a:e4:40:ea:01:0a:6a:30:10:8d:2e:f5:38:
af:08:db:6f:2a:72:21:5e:53:98:4e:3c:e0:fb:85:
0c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:89:A3:88:12:41:8B:15:E4:66:38:44:ED:5E:DE:F6:D9:2F:68:6F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF6DC26A398311F1A3D8EEB5CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7e:37:7f:52:e4:cf:2b:ea:e6:12:f1:0e:50:53:1a:c1:2a:9d:
bb:f8:4f:49:9b:65:55:b0:ef:c3:7b:8d:0d:5f:b8:6f:04:1b:
f9:18:67:7a:9a:07:09:a8:d6:02:65:b8:fa:95:81:e2:5b:79:
ca:d0:bc:19:69:ca:b2:4c:9c:a6:19:e3:c0:ef:cd:c1:17:8d:
55:2e:7e:cd:68:b8:b2:38:2e:cd:f6:bd:90:9d:f6:b8:72:4d:
d7:c0:bc:51:95:b5:3e:b2:9d:92:60:35:c5:15:a0:2f:89:55:
ae:19:6c:5f:db:f0:22:41:fe:62:b0:fa:61:7b:10:81:25:ef:
16:e2:a1:cd:3e:d4:5d:94:50:59:86:27:28:75:21:98:e0:a5:
13:57:21:43:bd:cd:6a:55:ff:04:a7:b7:5b:f8:56:fa:aa:96:
1f:99:8f:8c:b7:1c:69:06:a2:be:5d:ff:fb:f4:16:69:b5:35:
1e:bb:db:93:3d:74:d6:a5:0f:bf:fc:8f:00:17:eb:75:3a:56:
9d:db:85:7e:9a:46:7d:93:99:d3:c0:4f:61:9c:4d:13:26:77:
48:04:ff:d2:3a:68:9a:1c:2c:e7:f0:c3:31:4b:a7:31:77:f5:
ca:6a:00:be:6c:d3:3e:db:da:0a:14:d4:5e:2f:e1:5e:2f:66:
a3:78:5d:81
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAa0hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDE2MTEwMjIwWhcNMjYwNTIwMTEwMjIwWjAYMRYw
FAYDVQQDEw02OWUwYzFjMC1hNjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxbACUIlI927iFM6XolPdnFxHx9jI2zA30bXbV1XJMt8+7iMScXDjId95
PU7zJrBPX3UhVM5WaFQUxbi290x3gOu/FfNIiYj57UxGXrMAaEna6PPw8q5EU+mU
T0qGGHdB3hNVgWAO2lT9sGMegGtwA1/DHK17SYYtHKxiyeo2ylpmZlxYTO1quMDg
plh9XGfHqa41WvoDTvHd0dDxWL00+lNnAckZm4o5MrN0nN5vpKwdN37PCnAFaXQk
GJt8ucQLij6Uuyo30zHUn/MHLvtPAV6HaOxVymf7FGUm135yQeC9rTrkQOoBCmow
EI0u9TivCNtvKnIhXlOYTjzg+4UMOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPGJ
o4gSQYsV5GY4RO1e3vbZL2hvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRjZEQzI2QTM5ODMxMUYxQTNEOEVFQjVDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnP4AMA0GCSqGSIb3DQEBCwUA
A4IBAQB+N39S5M8r6uYS8Q5QUxrBKp27+E9Jm2VVsO/De40NX7hvBBv5GGd6mgcJ
qNYCZbj6lYHiW3nK0LwZacqyTJymGePA783BF41VLn7NaLiyOC7N9r2Qnfa4ck3X
wLxRlbU+sp2SYDXFFaAviVWuGWxf2/AiQf5isPphexCBJe8W4qHNPtRdlFBZhico
dSGY4KUTVyFDvc1qVf8Ep7db+Fb6qpYfmY+MtxxpBqK+Xf/79BZptTUeu9uTPXTW
pQ+//I8AF+t1Olad24V+mkZ9k5nTwE9hnE0TJndIBP/SOmiaHCzn8MMxS6cxd/XK
agC+bNM+29oKFNReL+FeL2ajeF2B
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:54:39 2026 by rpki-client