Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C89AB77413CE11F1B906B3C8DAE4EC9C.roa
File: C89AB77413CE11F1B906B3C8DAE4EC9C.roa (raw, json)
Hash identifier: KZsjmGlOie+40ah+rbM+FYojpMBJitFpBzWByZq6ceE=
Subject key identifier: 64:E2:BF:25:4A:3D:A6:75:9F:71:AA:DC:84:92:05:E3:54:15:67:38
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A12C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C89AB77413CE11F1B906B3C8DAE4EC9C.roa
Signing time: Fri 27 Feb 2026 11:23:48 +0000
ROA not before: Fri 27 Feb 2026 11:23:43 +0000
ROA not after: Thu 12 Mar 2026 11:23:43 +0000
asID: 62513
IP address blocks: 156.225.32.0/21 maxlen: 24
156.225.40.0/24 maxlen: 24
156.225.43.0/24 maxlen: 24
156.225.44.0/24 maxlen: 24
156.225.56.0/21 maxlen: 24
156.225.184.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106796 (0x1a12c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 27 11:23:43 2026 GMT
Not After : Mar 12 11:23:43 2026 GMT
Subject: CN=69a17ec3-67cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b7:12:f6:73:47:00:1d:13:09:51:24:28:3f:
cc:96:26:81:e9:2e:d4:60:ac:5f:d7:8a:dd:2e:f9:
a1:cc:81:17:e7:3c:7d:6b:f7:f6:c3:33:26:e9:e4:
19:18:b8:1d:61:eb:ec:b4:83:51:32:e3:df:30:8a:
7c:b7:ab:18:84:1b:61:5b:6f:d9:d5:38:8a:ae:88:
9c:e2:05:52:96:84:55:0c:85:92:70:90:2e:3f:9c:
cc:6a:36:d0:c8:af:34:fd:23:53:53:51:f6:b6:95:
6d:7b:f0:2b:89:9f:78:32:1e:c2:04:d0:9e:cb:3e:
e9:4e:bd:04:e6:4c:c5:bc:8b:c3:2c:91:9e:9f:d4:
23:de:9f:20:1c:6b:21:e3:ab:57:d4:d3:3e:4b:18:
9a:12:8a:49:5a:87:ca:e4:8b:c6:a2:70:e1:d2:77:
0e:91:d5:97:43:04:cc:59:43:4e:66:7c:6d:90:25:
d2:2b:9f:c8:7c:96:ee:95:85:7d:b5:3c:46:77:a8:
65:53:cb:ca:0e:29:54:c5:ee:35:94:24:7f:b8:1d:
57:93:52:43:10:d7:9b:12:eb:52:c8:d2:39:5b:32:
cd:61:9b:ed:de:12:37:3e:7a:19:a9:ab:d0:2c:8a:
1d:11:00:99:82:a1:db:95:3e:1d:b3:35:40:35:15:
36:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E2:BF:25:4A:3D:A6:75:9F:71:AA:DC:84:92:05:E3:54:15:67:38
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C89AB77413CE11F1B906B3C8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.32.0-156.225.40.255
156.225.43.0-156.225.44.255
156.225.56.0/21
156.225.184.0/21
Signature Algorithm: sha256WithRSAEncryption
62:b6:ef:df:40:05:22:8c:af:f0:3f:46:e4:9d:88:83:a9:e5:
bf:7b:51:5f:b1:b2:6f:b3:9c:cf:e6:22:69:58:f1:6f:39:51:
af:3d:99:2a:a5:e6:4a:d9:6e:b3:a9:26:c4:38:ee:00:cf:09:
67:55:a9:cd:3e:88:45:d6:ba:78:46:9e:ff:43:dc:79:53:dc:
f9:a9:f1:d7:de:a5:54:5d:35:48:98:ff:28:b5:db:bd:b8:59:
da:34:54:9e:c6:a8:ca:a5:11:37:c7:df:ff:b6:38:bd:6a:80:
a6:8e:31:49:8d:12:58:12:1d:da:17:fb:3d:87:72:e4:2f:2a:
d3:a9:eb:e8:33:52:bd:d1:95:f3:a4:a5:1c:3a:43:71:b8:a4:
b1:aa:31:41:1f:14:7e:11:3b:d1:f5:60:7f:b4:0e:8b:0f:e9:
1b:a5:76:5b:c4:ed:6c:bd:1b:89:61:09:3e:7c:04:1e:fd:cd:
5a:b8:28:1b:38:3f:b1:a1:15:d4:b6:e2:d5:60:fe:9f:39:80:
4a:e1:93:9f:de:03:70:47:0e:e1:90:60:9a:11:79:65:f3:e6:
f3:68:f0:77:96:ab:77:f5:da:12:bc:ce:e5:68:71:0c:dc:d2:
6d:59:be:cc:90:2a:1f:00:e8:07:2a:3b:f6:b9:b5:01:38:32:
3e:74:d7:81
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgIDAaEsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjI3MTEyMzQzWhcNMjYwMzEyMTEyMzQzWjAYMRYw
FAYDVQQDEw02OWExN2VjMy02N2NkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0rcS9nNHAB0TCVEkKD/MliaB6S7UYKxf14rdLvmhzIEX5zx9a/f2wzMm
6eQZGLgdYevstINRMuPfMIp8t6sYhBthW2/Z1TiKroic4gVSloRVDIWScJAuP5zM
ajbQyK80/SNTU1H2tpVte/AriZ94Mh7CBNCeyz7pTr0E5kzFvIvDLJGen9Qj3p8g
HGsh46tX1NM+SxiaEopJWofK5IvGonDh0ncOkdWXQwTMWUNOZnxtkCXSK5/IfJbu
lYV9tTxGd6hlU8vKDilUxe41lCR/uB1Xk1JDENebEutSyNI5WzLNYZvt3hI3PnoZ
qavQLIodEQCZgqHblT4dszVANRU2ZwIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFGTi
vyVKPaZ1n3Gq3ISSBeNUFWc4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DODlBQjc3NDEzQ0UxMUYxQjkwNkIzQzhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAWc4SADBACc4SgwDAMEAJzh
KwMEAJzhLAMEA5zhOAMEA5zhuDANBgkqhkiG9w0BAQsFAAOCAQEAYrbv30AFIoyv
8D9G5J2Ig6nlv3tRX7Gyb7Ocz+YiaVjxbzlRrz2ZKqXmStlus6kmxDjuAM8JZ1Wp
zT6IRda6eEae/0PceVPc+anx196lVF01SJj/KLXbvbhZ2jRUnsaoyqURN8ff/7Y4
vWqApo4xSY0SWBId2hf7PYdy5C8q06nr6DNSvdGV86SlHDpDcbiksaoxQR8UfhE7
0fVgf7QOiw/pG6V2W8TtbL0biWEJPnwEHv3NWrgoGzg/saEV1Lbi1WD+nzmASuGT
n94DcEcO4ZBgmhF5ZfPm82jwd5ard/XaErzO5WhxDNzSbVm+zJAqHwDoByo79rm1
ATgyPnTXgQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:18:56 2026 by rpki-client