Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369591C/4D92EC26C24711EDBF9323A0F1222468/3F8563360B3011F1952D8DD1DAE4EC9C.roa
File: 3F8563360B3011F1952D8DD1DAE4EC9C.roa (raw, json)
Hash identifier: ywRwAGyvq53R6hNtJgtpMHcYkRZeZDea56O4hCBnArk=
Subject key identifier: 75:B4:AF:05:F5:27:CB:7B:0A:68:4F:2E:3E:CE:A1:58:17:0E:B4:A6
Certificate issuer: /CN=F369591CAR/serialNumber=0728C9B8455C65977FA30987DE4941DF018C651C
Certificate serial: 047F
Authority key identifier: 07:28:C9:B8:45:5C:65:97:7F:A3:09:87:DE:49:41:DF:01:8C:65:1C
Authority info access: rsync://rpki.afrinic.net/repository/arin/ByjJuEVcZZd_owmH3klB3wGMZRw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369591C/4D92EC26C24711EDBF9323A0F1222468/3F8563360B3011F1952D8DD1DAE4EC9C.roa
Signing time: Mon 16 Feb 2026 12:08:48 +0000
ROA not before: Mon 16 Feb 2026 12:08:41 +0000
ROA not after: Tue 31 Dec 2030 12:08:41 +0000
asID: 15964
IP address blocks: 165.211.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F369591C/4D92EC26C24711EDBF9323A0F1222468/ByjJuEVcZZd_owmH3klB3wGMZRw.crl
rsync://rpki.afrinic.net/repository/member_repository/F369591C/4D92EC26C24711EDBF9323A0F1222468/ByjJuEVcZZd_owmH3klB3wGMZRw.mft
rsync://rpki.afrinic.net/repository/arin/ByjJuEVcZZd_owmH3klB3wGMZRw.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1151 (0x47f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369591CAR, serialNumber=0728C9B8455C65977FA30987DE4941DF018C651C
Validity
Not Before: Feb 16 12:08:41 2026 GMT
Not After : Dec 31 12:08:41 2030 GMT
Subject: CN=699308d0-49ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:86:a6:c7:1d:87:4a:48:e5:c0:1c:a4:9a:f0:
25:58:54:01:e0:56:e4:90:e7:85:ce:52:5a:68:e0:
ca:68:de:4c:0d:b4:05:e2:5b:ad:df:c4:53:7b:14:
6f:ff:e9:fb:32:f0:77:46:f1:0f:2f:a8:02:5b:ff:
30:08:81:f3:3e:12:19:df:8e:5d:fe:65:ad:e0:90:
7c:20:b2:e7:dd:9b:e1:db:23:f5:8b:03:11:7c:4c:
4a:40:37:60:f5:53:db:9e:5f:f6:21:b3:95:3f:9a:
8c:8d:87:a4:de:b2:43:5b:9e:c8:a0:d6:8e:45:10:
fd:31:cd:ed:d3:8c:f4:dd:fb:dc:97:f2:87:f7:57:
9f:31:ee:6e:85:db:bd:a4:6d:4b:94:f3:22:ee:93:
50:37:05:62:f7:96:c3:5d:69:0e:be:db:98:77:ac:
44:31:0d:15:50:55:cb:67:11:85:da:4e:af:f2:09:
7f:e9:ce:ad:20:de:43:b1:5c:26:35:ea:d4:27:15:
77:ba:cb:13:30:21:79:e4:ec:c9:f2:16:ba:1d:d9:
d6:ee:1c:ea:7c:90:68:ea:e8:52:3a:1c:be:5f:c2:
6f:c3:4a:34:f0:ff:f1:66:53:46:84:76:c1:0d:c3:
c7:f0:25:b8:e0:3d:39:c0:82:64:d1:74:4b:a7:b6:
97:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B4:AF:05:F5:27:CB:7B:0A:68:4F:2E:3E:CE:A1:58:17:0E:B4:A6
X509v3 Authority Key Identifier:
keyid:07:28:C9:B8:45:5C:65:97:7F:A3:09:87:DE:49:41:DF:01:8C:65:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/4D92EC26C24711EDBF9323A0F1222468/ByjJuEVcZZd_owmH3klB3wGMZRw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/ByjJuEVcZZd_owmH3klB3wGMZRw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/4D92EC26C24711EDBF9323A0F1222468/3F8563360B3011F1952D8DD1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.211.28.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:e4:37:ca:c2:55:d2:93:04:2d:93:9c:e5:73:27:fc:8a:de:
a4:2b:fc:dc:f0:39:05:49:dc:21:9e:5d:b3:a3:0a:9a:39:49:
9c:a0:7a:a9:f9:06:4a:00:a4:61:6e:21:cd:67:36:48:df:c5:
de:fc:d0:86:f8:48:09:31:1a:28:0a:a1:46:0c:5a:03:d1:6f:
4a:77:0d:86:47:d3:78:b1:58:df:10:55:38:34:da:02:7c:9d:
56:d3:eb:b5:26:8d:4a:22:67:29:30:fd:84:d3:63:44:fa:c1:
2c:32:15:2a:16:b5:b1:a0:07:5c:89:d4:9c:10:9d:06:15:a9:
a4:fe:af:43:33:ff:3a:95:c2:ec:5a:a5:92:a4:81:cc:ac:ed:
25:2c:cb:b4:92:c6:2f:f9:d1:03:26:d3:9a:cc:53:74:fc:1e:
c5:e5:29:16:49:18:c0:c5:10:14:54:7e:a0:7c:64:67:e4:79:
d1:b1:80:48:d9:47:45:0a:ca:f4:8e:8b:3c:6e:33:e0:da:c2:
03:c3:9f:3f:15:ec:98:c3:9d:20:7d:02:74:a5:77:39:fa:27:
34:5c:78:12:7d:43:ae:ec:57:87:4e:61:0d:59:c9:ec:1b:e6:
39:9c:c2:33:82:c5:ae:ce:ae:5b:1a:60:92:a9:fc:ee:c0:df:
8c:ad:49:9a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBH8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTU5MUNBUjExMC8GA1UEBRMoMDcyOEM5Qjg0NTVDNjU5NzdGQTMwOTg3REU0OTQx
REYwMThDNjUxQzAeFw0yNjAyMTYxMjA4NDFaFw0zMDEyMzExMjA4NDFaMBgxFjAU
BgNVBAMTDTY5OTMwOGQwLTQ5ZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDMhqbHHYdKSOXAHKSa8CVYVAHgVuSQ54XOUlpo4Mpo3kwNtAXiW63fxFN7
FG//6fsy8HdG8Q8vqAJb/zAIgfM+Ehnfjl3+Za3gkHwgsufdm+HbI/WLAxF8TEpA
N2D1U9ueX/Yhs5U/moyNh6TeskNbnsig1o5FEP0xze3TjPTd+9yX8of3V58x7m6F
272kbUuU8yLuk1A3BWL3lsNdaQ6+25h3rEQxDRVQVctnEYXaTq/yCX/pzq0g3kOx
XCY16tQnFXe6yxMwIXnk7MnyFrod2dbuHOp8kGjq6FI6HL5fwm/DSjTw//FmU0aE
dsENw8fwJbjgPTnAgmTRdEuntpefAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUdbSv
BfUny3sKaE8uPs6hWBcOtKYwHwYDVR0jBBgwFoAUByjJuEVcZZd/owmH3klB3wGM
ZRwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1OTFDLzREOTJFQzI2QzI0NzExRURCRjkzMjNBMEYxMjIyNDY4L0J5akp1
RVZjWlpkX293bUgza2xCM3dHTVpSdy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0J5akp1RVZjWlpkX293bUgza2xCM3dHTVpSdy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjk1OTFDLzREOTJFQzI2QzI0NzExRURCRjkzMjNBMEYxMjIy
NDY4LzNGODU2MzM2MEIzMDExRjE5NTJEOEREMURBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACl0xwwDQYJKoZIhvcNAQELBQAD
ggEBAH7kN8rCVdKTBC2TnOVzJ/yK3qQr/NzwOQVJ3CGeXbOjCpo5SZygeqn5BkoA
pGFuIc1nNkjfxd780Ib4SAkxGigKoUYMWgPRb0p3DYZH03ixWN8QVTg02gJ8nVbT
67UmjUoiZykw/YTTY0T6wSwyFSoWtbGgB1yJ1JwQnQYVqaT+r0Mz/zqVwuxapZKk
gcys7SUsy7SSxi/50QMm05rMU3T8HsXlKRZJGMDFEBRUfqB8ZGfkedGxgEjZR0UK
yvSOizxuM+DawgPDnz8V7JjDnSB9AnSldzn6JzRceBJ9Q67sV4dOYQ1Zyewb5jmc
wjOCxa7OrlsaYJKp/O7A34ytSZo=
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:11:52 2026 by rpki-client