Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9D7021E29D511F1A2DAC5B8DAE4EC9C.roa
File: D9D7021E29D511F1A2DAC5B8DAE4EC9C.roa (raw, json)
Hash identifier: GRSUe6w5SczoNE1JGnWZqqIzEWxIcMw2LcFs4/OpCVg=
Subject key identifier: 99:E0:D8:CF:CB:86:8F:8F:D7:5A:2A:61:30:92:A9:61:70:C3:74:43
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A7CB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9D7021E29D511F1A2DAC5B8DAE4EC9C.roa
Signing time: Fri 27 Mar 2026 12:09:49 +0000
ROA not before: Fri 27 Mar 2026 12:09:44 +0000
ROA not after: Sun 10 May 2026 12:09:44 +0000
asID: 3257
IP address blocks: 156.225.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:26:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108491 (0x1a7cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 27 12:09:44 2026 GMT
Not After : May 10 12:09:44 2026 GMT
Subject: CN=69c6738d-f0d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7c:ce:78:8e:34:f8:61:c3:d6:3f:84:b1:9c:
bb:67:34:b8:d5:7d:b8:19:6e:28:5a:a6:10:ec:b5:
fd:cf:55:90:73:6b:42:8f:b3:91:83:02:18:af:0e:
b5:f6:c7:69:cf:58:97:1b:a2:9f:ad:cc:b4:87:77:
12:1b:01:40:9d:2e:5f:9e:00:a9:1e:91:05:93:af:
ff:0e:86:1f:80:03:56:f7:f0:ad:4e:71:6c:d5:fb:
11:76:73:8f:12:17:34:8c:95:c4:8e:da:a7:f5:de:
fc:90:2a:85:66:b0:b1:c4:33:ac:23:cc:70:b3:f8:
b7:a8:80:bc:f3:b7:63:32:e7:7d:01:30:d8:7e:d8:
ae:27:c4:a3:1f:0e:f1:c9:f7:35:2a:6b:9c:13:a2:
6f:fb:f0:47:76:4f:06:a2:0f:a7:ae:52:86:37:c7:
48:37:2a:9f:1c:9f:d7:9e:ab:91:3f:82:1e:fd:ff:
d0:af:ea:e5:f4:a4:b8:c5:64:84:af:48:5b:8e:b6:
a8:a9:b3:c0:27:d1:8b:aa:5d:6e:b5:b2:9b:a7:7d:
3a:a3:4c:2b:c3:12:25:3d:b4:8d:45:de:a3:7f:fd:
fa:e9:8f:02:38:d8:28:5a:1c:6d:32:8a:39:73:ef:
4c:68:25:cb:84:af:b4:2a:6d:c4:1a:5f:9c:4f:25:
10:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E0:D8:CF:CB:86:8F:8F:D7:5A:2A:61:30:92:A9:61:70:C3:74:43
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9D7021E29D511F1A2DAC5B8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.15.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:43:48:bf:ca:e3:95:2d:5c:7e:99:f6:5c:ab:d5:e1:c5:ef:
9c:5e:ff:7b:73:1e:92:de:37:ff:ec:5e:e0:8b:74:34:2c:82:
7f:67:46:2c:ca:e5:4d:11:8b:c7:66:96:7e:97:a2:77:b2:01:
f8:e5:7a:19:af:db:9a:a2:aa:ca:7b:61:82:99:44:97:1e:4c:
e6:43:d4:42:38:25:55:9c:4b:fc:8e:af:72:ac:07:56:59:e1:
28:55:5c:5b:12:a0:a5:e1:88:9b:59:3e:3c:62:a5:ca:a9:bb:
05:16:a1:1f:bb:ad:ec:e2:ae:08:67:17:db:0c:16:60:dd:1e:
3b:e2:7d:7d:f6:ed:8d:78:b3:14:92:b9:71:c0:0e:66:d4:18:
e7:ad:f9:8b:dc:f3:cc:12:58:cc:1e:95:3f:39:60:13:08:04:
9a:19:83:6a:90:10:12:c1:85:9d:9c:66:03:6b:2e:3a:91:59:
7a:f0:81:0a:a7:a2:e0:c4:4a:0e:5f:56:7a:8b:c4:8c:35:40:
30:2a:7b:73:54:48:95:7f:10:f7:c2:df:5a:68:41:83:ad:d8:
bd:6f:96:96:01:8c:3d:16:40:d8:5f:54:83:c4:9f:81:f1:94:
d3:2c:b5:fb:09:c6:b5:08:f5:09:c4:fc:2a:46:d7:91:3b:70:
1a:cf:16:b4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAafLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzI3MTIwOTQ0WhcNMjYwNTEwMTIwOTQ0WjAYMRYw
FAYDVQQDEw02OWM2NzM4ZC1mMGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqXzOeI40+GHD1j+EsZy7ZzS41X24GW4oWqYQ7LX9z1WQc2tCj7ORgwIY
rw619sdpz1iXG6Kfrcy0h3cSGwFAnS5fngCpHpEFk6//DoYfgANW9/CtTnFs1fsR
dnOPEhc0jJXEjtqn9d78kCqFZrCxxDOsI8xws/i3qIC887djMud9ATDYftiuJ8Sj
Hw7xyfc1KmucE6Jv+/BHdk8Gog+nrlKGN8dINyqfHJ/XnquRP4Ie/f/Qr+rl9KS4
xWSEr0hbjraoqbPAJ9GLql1utbKbp306o0wrwxIlPbSNRd6jf/366Y8CONgoWhxt
Moo5c+9MaCXLhK+0Km3EGl+cTyUQbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJng
2M/Lho+P11oqYTCSqWFww3RDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOUQ3MDIxRTI5RDUxMUYxQTJEQUM1QjhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEPMA0GCSqGSIb3DQEBCwUA
A4IBAQCbQ0i/yuOVLVx+mfZcq9Xhxe+cXv97cx6S3jf/7F7gi3Q0LIJ/Z0YsyuVN
EYvHZpZ+l6J3sgH45XoZr9uaoqrKe2GCmUSXHkzmQ9RCOCVVnEv8jq9yrAdWWeEo
VVxbEqCl4YibWT48YqXKqbsFFqEfu63s4q4IZxfbDBZg3R474n199u2NeLMUkrlx
wA5m1BjnrfmL3PPMEljMHpU/OWATCASaGYNqkBASwYWdnGYDay46kVl68IEKp6Lg
xEoOX1Z6i8SMNUAwKntzVEiVfxD3wt9aaEGDrdi9b5aWAYw9FkDYX1SDxJ+B8ZTT
LLX7Cca1CPUJxPwqRteRO3Aazxa0
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:25:28 2026 by rpki-client