Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF91667C13BC11F19B51FDDEDAE4EC9C.roa
File: FF91667C13BC11F19B51FDDEDAE4EC9C.roa (raw, json)
Hash identifier: U93ozOrB/WPOsczCH2pYFoAm1P1UpA2H1Sg1UYPbRCQ=
Subject key identifier: 26:9B:1F:78:33:ED:50:0B:52:B0:D0:98:6E:1F:B6:43:61:0A:3E:0F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A116
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF91667C13BC11F19B51FDDEDAE4EC9C.roa
Signing time: Fri 27 Feb 2026 09:16:29 +0000
ROA not before: Fri 27 Feb 2026 09:16:25 +0000
ROA not after: Thu 09 Apr 2026 09:16:25 +0000
asID: 401783
IP address blocks: 156.254.117.0/24 maxlen: 24
156.254.118.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106774 (0x1a116)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 27 09:16:25 2026 GMT
Not After : Apr 9 09:16:25 2026 GMT
Subject: CN=69a160ed-5953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:82:17:c3:6d:26:20:68:b3:17:85:d9:e3:e2:
74:7a:da:89:9e:22:76:cd:cd:13:a1:0f:bf:8e:4e:
6b:64:39:9e:dd:83:0e:51:8a:bf:19:4e:19:6b:d3:
6d:37:4b:62:11:fc:17:04:ad:9c:3b:89:cf:27:63:
20:e8:66:a4:9f:03:2f:8a:c9:70:1e:f7:63:a6:02:
44:fb:29:91:a3:49:89:14:1b:89:b8:a3:dc:52:7a:
1b:ee:83:92:b5:88:f6:21:d0:ef:9b:0e:4a:fb:b0:
be:1e:10:ce:ac:b0:83:13:57:2f:b1:ad:cb:ec:9c:
1e:e5:b6:27:29:22:7a:1a:32:f8:06:24:2f:eb:13:
a9:63:07:b8:64:61:a5:b6:73:e4:88:25:02:11:9a:
84:f6:2f:cd:27:ca:0a:cc:89:fe:7d:01:34:7f:2f:
d9:9b:91:f4:f3:aa:af:a8:59:f9:28:e5:cb:70:d4:
d4:88:f9:ed:72:5b:de:5e:5d:5f:23:2b:fe:11:92:
4a:fc:28:93:a5:a6:2b:93:b2:ef:c1:22:19:40:4f:
e0:9e:fb:bf:fa:18:3b:30:74:51:bb:66:d4:2f:8e:
dc:95:d4:28:c9:84:fc:b5:39:93:86:65:ef:43:60:
32:e3:a6:5d:3d:92:95:88:6d:9a:14:07:63:79:e0:
78:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:9B:1F:78:33:ED:50:0B:52:B0:D0:98:6E:1F:B6:43:61:0A:3E:0F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF91667C13BC11F19B51FDDEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.117.0-156.254.119.255
Signature Algorithm: sha256WithRSAEncryption
36:ef:09:37:25:36:6c:17:14:88:90:b5:04:a2:84:d3:de:be:
1d:4f:1c:e7:3f:f6:ab:16:ab:06:9a:23:78:ce:02:27:a5:28:
89:6f:52:3e:36:a9:26:77:30:b7:7f:49:56:07:0c:fe:ce:9d:
8c:2e:a5:9d:f9:55:55:24:53:bc:10:20:fe:1c:ab:80:6e:ff:
96:f6:24:3d:9c:bf:d4:af:31:6d:4a:97:09:7f:f4:eb:d7:6d:
a1:9f:d5:c8:52:42:a5:d5:a9:26:0e:01:f0:d9:b1:60:22:3b:
d8:e1:42:e2:10:ee:32:08:c3:fa:06:39:42:da:0c:53:fe:48:
ba:d4:fc:39:f3:e7:c5:9e:52:7c:3c:53:f0:b9:f0:66:ea:15:
9d:3a:04:a5:1f:69:ce:8d:e4:45:8f:fe:07:f6:af:ab:45:bf:
42:7b:59:4d:73:4a:b6:9e:3f:c9:0c:54:dc:d5:7f:b0:c0:21:
ad:7a:22:83:ab:90:0d:ca:c8:d0:65:9f:47:32:3c:f3:b0:5e:
a5:56:6b:86:63:4d:9b:c9:5f:b0:1b:f2:04:a7:1e:0e:2d:af:
6d:f5:01:30:43:64:83:1c:fb:67:f2:61:fc:a7:78:f1:8d:90:
ec:47:8d:11:e9:87:27:82:f0:bd:b1:b2:f0:14:37:50:5e:e5:
87:3c:38:f7
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAaEWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjI3MDkxNjI1WhcNMjYwNDA5MDkxNjI1WjAYMRYw
FAYDVQQDEw02OWExNjBlZC01OTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7IIXw20mIGizF4XZ4+J0etqJniJ2zc0ToQ+/jk5rZDme3YMOUYq/GU4Z
a9NtN0tiEfwXBK2cO4nPJ2Mg6GaknwMvislwHvdjpgJE+ymRo0mJFBuJuKPcUnob
7oOStYj2IdDvmw5K+7C+HhDOrLCDE1cvsa3L7Jwe5bYnKSJ6GjL4BiQv6xOpYwe4
ZGGltnPkiCUCEZqE9i/NJ8oKzIn+fQE0fy/Zm5H086qvqFn5KOXLcNTUiPntclve
Xl1fIyv+EZJK/CiTpaYrk7LvwSIZQE/gnvu/+hg7MHRRu2bUL47cldQoyYT8tTmT
hmXvQ2Ay46ZdPZKViG2aFAdjeeB4YwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFCab
H3gz7VALUrDQmG4ftkNhCj4PMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRjkxNjY3QzEzQkMxMUYxOUI1MUZEREVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc/nUDBAOc/nAwDQYJKoZI
hvcNAQELBQADggEBADbvCTclNmwXFIiQtQSihNPevh1PHOc/9qsWqwaaI3jOAiel
KIlvUj42qSZ3MLd/SVYHDP7OnYwupZ35VVUkU7wQIP4cq4Bu/5b2JD2cv9SvMW1K
lwl/9OvXbaGf1chSQqXVqSYOAfDZsWAiO9jhQuIQ7jIIw/oGOULaDFP+SLrU/Dnz
58WeUnw8U/C58GbqFZ06BKUfac6N5EWP/gf2r6tFv0J7WU1zSraeP8kMVNzVf7DA
Ia16IoOrkA3KyNBln0cyPPOwXqVWa4ZjTZvJX7Ab8gSnHg4tr231ATBDZIMc+2fy
YfynePGNkOxHjRHphyeC8L2xsvAUN1Be5Yc8OPc=
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:38:03 2026 by rpki-client