Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8E0F114122311F1BC3EE792DAE4EC9C.roa
File: C8E0F114122311F1BC3EE792DAE4EC9C.roa (raw, json)
Hash identifier: 1J7qEMd6UdQpMPXzkF2iIfrub61PLKHOHRKln57dlTk=
Subject key identifier: B8:D7:48:53:FF:75:42:65:B3:53:A9:A9:89:51:C2:68:F5:4C:DA:BD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A06A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8E0F114122311F1BC3EE792DAE4EC9C.roa
Signing time: Wed 25 Feb 2026 08:27:13 +0000
ROA not before: Wed 25 Feb 2026 08:27:09 +0000
ROA not after: Wed 01 Apr 2026 08:27:09 +0000
asID: 984
IP address blocks: 156.252.8.0/24 maxlen: 24
156.252.11.0/24 maxlen: 24
156.253.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106602 (0x1a06a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 25 08:27:09 2026 GMT
Not After : Apr 1 08:27:09 2026 GMT
Subject: CN=699eb261-c71b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f4:e5:dc:b4:e0:02:09:ca:ae:fb:52:d2:e5:
af:e7:f1:ee:72:bf:1e:fc:6f:c3:58:8e:4c:f7:95:
8d:fa:b7:0d:e7:33:73:9c:25:ab:22:65:6b:96:13:
c2:e2:c5:00:e7:2f:2b:e8:55:ca:15:a7:10:57:7e:
30:75:ef:c7:51:57:40:85:63:0c:44:07:f8:f7:29:
e0:c1:5d:f4:ae:6d:36:b6:f2:f4:1a:73:c9:1d:a0:
cb:96:41:b1:0c:07:69:24:78:3f:49:bd:54:ec:2e:
b0:27:8d:83:fa:fd:2e:60:57:d5:51:c6:22:c7:04:
dc:49:74:15:66:71:03:88:e0:4f:6d:b9:db:1d:b7:
97:08:c0:10:fd:b2:f7:f2:76:5a:ca:84:6c:7b:67:
9b:87:cd:ed:53:ab:e0:bc:3b:6c:8e:59:db:47:cd:
38:29:6b:fe:62:64:12:f2:56:75:ba:c3:fd:fb:0b:
5b:5d:9e:a9:ae:e3:7a:f6:fc:e3:0c:91:c4:8c:45:
aa:39:4c:94:3a:13:24:68:1a:f7:b4:ed:8c:61:23:
34:3a:43:fc:84:55:68:ce:b8:e6:c4:50:09:3d:2e:
45:7f:37:6b:18:8e:95:59:7c:c7:44:06:44:75:b7:
46:e1:d0:57:25:18:c4:62:a0:a3:d7:92:1c:75:47:
8c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D7:48:53:FF:75:42:65:B3:53:A9:A9:89:51:C2:68:F5:4C:DA:BD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8E0F114122311F1BC3EE792DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.8.0/24
156.252.11.0/24
156.253.134.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:25:08:e3:94:52:ad:05:7f:93:86:a6:eb:8f:ec:c7:89:5d:
58:af:9f:a5:7c:fc:b9:3e:76:31:41:21:7d:eb:14:69:30:f2:
e6:cd:71:07:c4:4b:c5:f0:a5:b1:27:2b:2e:bf:51:ef:6a:eb:
d2:d3:25:05:5e:c8:cb:1f:b2:3c:34:db:40:9a:a0:9b:46:9a:
f8:78:35:84:0a:b2:f0:36:05:ea:7c:58:18:0d:84:d1:e7:6b:
40:37:79:b2:dc:4e:9f:95:20:79:29:3e:c1:75:70:a8:9d:72:
96:1f:bf:a6:ed:1f:61:62:84:88:bc:b7:9d:88:a8:9b:7e:c8:
2a:94:09:50:29:ca:d3:4e:37:18:bf:98:90:d8:2a:b6:dc:e8:
18:b6:44:d0:31:52:2a:2f:c5:b9:ea:8d:2c:70:08:d7:4a:84:
6f:69:68:c1:ef:2b:c8:5c:b7:2d:15:90:8f:13:86:b6:ed:27:
be:35:0a:b4:c3:08:98:ac:dd:3e:1d:34:ad:43:2d:97:66:06:
0d:d2:19:2a:99:52:93:93:47:ca:24:73:e7:7d:43:34:be:70:
5e:4b:d2:a1:5d:8d:fa:1f:6a:b8:70:65:e0:d5:7f:23:85:a7:
17:4f:2c:ca:fa:93:04:fb:64:ee:85:f2:a2:74:c0:92:e0:9a:
ec:dd:76:e5
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAaBqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjI1MDgyNzA5WhcNMjYwNDAxMDgyNzA5WjAYMRYw
FAYDVQQDEw02OTllYjI2MS1jNzFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAufTl3LTgAgnKrvtS0uWv5/Hucr8e/G/DWI5M95WN+rcN5zNznCWrImVr
lhPC4sUA5y8r6FXKFacQV34wde/HUVdAhWMMRAf49yngwV30rm02tvL0GnPJHaDL
lkGxDAdpJHg/Sb1U7C6wJ42D+v0uYFfVUcYixwTcSXQVZnEDiOBPbbnbHbeXCMAQ
/bL38nZayoRse2ebh83tU6vgvDtsjlnbR804KWv+YmQS8lZ1usP9+wtbXZ6pruN6
9vzjDJHEjEWqOUyUOhMkaBr3tO2MYSM0OkP8hFVozrjmxFAJPS5FfzdrGI6VWXzH
RAZEdbdG4dBXJRjEYqCj15IcdUeMQQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFLjX
SFP/dUJls1OpqYlRwmj1TNq9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOEUwRjExNDEyMjMxMUYxQkMzRUU3OTJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnPwIAwQAnPwLAwQAnP2GMA0G
CSqGSIb3DQEBCwUAA4IBAQA8JQjjlFKtBX+Thqbrj+zHiV1Yr5+lfPy5PnYxQSF9
6xRpMPLmzXEHxEvF8KWxJysuv1HvauvS0yUFXsjLH7I8NNtAmqCbRpr4eDWECrLw
NgXqfFgYDYTR52tAN3my3E6flSB5KT7BdXConXKWH7+m7R9hYoSIvLediKibfsgq
lAlQKcrTTjcYv5iQ2Cq23OgYtkTQMVIqL8W56o0scAjXSoRvaWjB7yvIXLctFZCP
E4a27Se+NQq0wwiYrN0+HTStQy2XZgYN0hkqmVKTk0fKJHPnfUM0vnBeS9KhXY36
H2q4cGXg1X8jhacXTyzK+pME+2TuhfKidMCS4Jrs3Xbl
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:19:30 2026 by rpki-client