Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6F1A53C13C011F19A6676F5DAE4EC9C.roa
File: F6F1A53C13C011F19A6676F5DAE4EC9C.roa (raw, json)
Hash identifier: uoAWv1psGwfVYNTn+twPZnFfr8XQymLiV21megjemEQ=
Subject key identifier: F4:F8:57:AE:1D:44:3A:94:5F:C8:23:8C:C8:1B:A3:39:2C:6A:B7:94
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A11E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6F1A53C13C011F19A6676F5DAE4EC9C.roa
Signing time: Fri 27 Feb 2026 09:44:52 +0000
ROA not before: Fri 27 Feb 2026 09:44:47 +0000
ROA not after: Thu 09 Apr 2026 09:44:47 +0000
asID: 395793
IP address blocks: 156.243.252.0/24 maxlen: 24
156.243.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106782 (0x1a11e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 27 09:44:47 2026 GMT
Not After : Apr 9 09:44:47 2026 GMT
Subject: CN=69a16794-3d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e6:82:c6:d5:1d:1d:72:e6:2a:d9:db:d1:a3:
42:ec:a4:93:eb:8c:2b:5d:10:ae:bd:c4:31:89:9d:
7f:2c:59:2e:30:be:ba:0a:32:d6:8e:9a:56:7b:a4:
2d:fa:d9:7a:db:be:3c:5c:17:e7:e4:2c:29:97:c9:
1e:06:2d:1e:bd:9f:df:6c:77:b1:5f:26:ef:be:f4:
08:9e:87:e9:72:6a:66:7c:c0:d8:cb:c3:7d:7c:49:
73:5c:e4:bb:e4:a6:95:c2:e3:db:2b:e4:cd:91:f6:
60:93:91:1e:f3:80:3f:90:8e:06:4f:6b:15:aa:58:
f9:01:91:ce:79:56:8d:55:02:2b:ad:d9:b2:62:c3:
b7:49:88:03:2c:94:82:2f:36:e6:07:48:fd:59:ef:
73:30:cd:5a:8c:11:1f:07:da:f5:56:40:36:c6:b9:
a8:3c:24:6b:73:bf:df:df:17:df:d7:9d:c9:5f:c5:
bf:e6:d6:0f:1f:1b:58:8e:a8:0f:74:90:99:32:a5:
fc:f0:b6:98:43:af:03:53:89:27:13:43:c3:95:40:
a9:25:08:a8:47:a2:93:d5:4f:ac:e2:47:3d:fc:70:
5e:a3:ac:3d:9b:47:2a:ec:e2:3d:ed:d2:c2:39:9c:
2b:db:14:27:8c:a7:24:bb:4f:ae:79:d9:d1:ef:33:
75:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F8:57:AE:1D:44:3A:94:5F:C8:23:8C:C8:1B:A3:39:2C:6A:B7:94
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6F1A53C13C011F19A6676F5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.252.0/23
Signature Algorithm: sha256WithRSAEncryption
84:5a:b2:45:7a:fc:17:f0:5d:7e:27:82:cd:b6:8d:58:d9:67:
68:63:af:97:64:f1:28:09:3e:d2:23:67:33:57:3b:a9:13:a8:
8f:3d:dd:8f:95:ad:fc:ad:b4:9b:c1:b9:be:37:07:a6:9c:1c:
85:3d:e7:49:8c:66:15:5e:51:96:20:db:b8:69:09:be:42:cc:
2d:27:4f:da:76:14:c4:68:4b:a9:18:89:38:63:08:e4:2b:84:
07:ba:f2:29:cc:ac:68:00:c5:af:14:d6:c7:c6:3f:e6:b6:44:
ed:12:c3:04:0a:62:25:5a:d5:23:06:c9:f6:77:6a:29:86:82:
e0:f3:dc:11:b9:f4:6e:ff:dc:2c:e0:05:1d:bf:13:f6:d5:92:
23:4a:d6:2d:f9:43:89:5d:52:61:22:a5:38:b0:3e:cd:fd:36:
e5:34:f9:38:e9:d9:f9:a0:ef:ab:35:98:a4:e3:7a:9a:03:ee:
0f:7c:e9:57:54:86:43:dc:07:2e:a6:85:0d:bb:ee:06:37:13:
a6:29:c7:9f:41:04:33:a6:09:81:54:db:5b:99:60:83:ef:75:
dd:49:6e:bc:c2:3c:ae:e8:25:50:14:d3:0a:b5:92:b6:aa:30:
a1:0c:3e:94:7a:4b:ab:13:08:8a:ef:43:1a:db:fc:c9:d2:b1:
6e:c9:34:e5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaEeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjI3MDk0NDQ3WhcNMjYwNDA5MDk0NDQ3WjAYMRYw
FAYDVQQDEw02OWExNjc5NC0zZDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuuaCxtUdHXLmKtnb0aNC7KST64wrXRCuvcQxiZ1/LFkuML66CjLWjppW
e6Qt+tl62748XBfn5Cwpl8keBi0evZ/fbHexXybvvvQInofpcmpmfMDYy8N9fElz
XOS75KaVwuPbK+TNkfZgk5Ee84A/kI4GT2sVqlj5AZHOeVaNVQIrrdmyYsO3SYgD
LJSCLzbmB0j9We9zMM1ajBEfB9r1VkA2xrmoPCRrc7/f3xff153JX8W/5tYPHxtY
jqgPdJCZMqX88LaYQ68DU4knE0PDlUCpJQioR6KT1U+s4kc9/HBeo6w9m0cq7OI9
7dLCOZwr2xQnjKcku0+uednR7zN1SQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPT4
V64dRDqUX8gjjMgbozksareUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNkYxQTUzQzEzQzAxMUYxOUE2Njc2RjVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPP8MA0GCSqGSIb3DQEBCwUA
A4IBAQCEWrJFevwX8F1+J4LNto1Y2WdoY6+XZPEoCT7SI2czVzupE6iPPd2Pla38
rbSbwbm+NwemnByFPedJjGYVXlGWINu4aQm+QswtJ0/adhTEaEupGIk4YwjkK4QH
uvIpzKxoAMWvFNbHxj/mtkTtEsMECmIlWtUjBsn2d2ophoLg89wRufRu/9ws4AUd
vxP21ZIjStYt+UOJXVJhIqU4sD7N/TblNPk46dn5oO+rNZik43qaA+4PfOlXVIZD
3AcupoUNu+4GNxOmKcefQQQzpgmBVNtbmWCD73XdSW68wjyu6CVQFNMKtZK2qjCh
DD6UekurEwiK70Ma2/zJ0rFuyTTl
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:33:58 2026 by rpki-client