Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3632159/8A0A5AE84ABC11EDACFD3184F1222468/14676520195C11F1882310E6DAE4EC9C.roa
File: 14676520195C11F1882310E6DAE4EC9C.roa (raw, json)
Hash identifier: MEXom9qqtVBHi9cTLvqwaxyNpMlwORLkLiKzmbGhhwI=
Subject key identifier: 20:FD:FC:62:1F:78:A1:3B:03:25:68:A8:8C:11:B2:10:5D:01:26:21
Certificate issuer: /CN=F3632159AR/serialNumber=6721A192FCFD261A77C1CDDC47891C7814FAC777
Certificate serial: 0501
Authority key identifier: 67:21:A1:92:FC:FD:26:1A:77:C1:CD:DC:47:89:1C:78:14:FA:C7:77
Authority info access: rsync://rpki.afrinic.net/repository/arin/ZyGhkvz9Jhp3wc3cR4kceBT6x3c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3632159/8A0A5AE84ABC11EDACFD3184F1222468/14676520195C11F1882310E6DAE4EC9C.roa
Signing time: Fri 06 Mar 2026 12:57:50 +0000
ROA not before: Fri 06 Mar 2026 12:57:44 +0000
ROA not after: Thu 06 Mar 2036 12:57:44 +0000
asID: 328218
IP address blocks: 160.19.128.0/20 maxlen: 21
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3632159/8A0A5AE84ABC11EDACFD3184F1222468/ZyGhkvz9Jhp3wc3cR4kceBT6x3c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3632159/8A0A5AE84ABC11EDACFD3184F1222468/ZyGhkvz9Jhp3wc3cR4kceBT6x3c.mft
rsync://rpki.afrinic.net/repository/arin/ZyGhkvz9Jhp3wc3cR4kceBT6x3c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1281 (0x501)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3632159AR, serialNumber=6721A192FCFD261A77C1CDDC47891C7814FAC777
Validity
Not Before: Mar 6 12:57:44 2026 GMT
Not After : Mar 6 12:57:44 2036 GMT
Subject: CN=69aacf4e-a3d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:90:2c:4a:42:1d:10:81:12:1f:24:48:40:8c:
d0:02:10:af:47:db:02:ad:cb:e4:90:71:b0:e8:94:
03:5d:09:d2:5f:09:93:7d:06:a9:02:b4:0b:d3:9a:
88:57:f9:06:10:8e:73:d4:02:4f:27:9a:40:cd:8d:
c6:6a:d6:51:14:fb:ae:fe:1f:03:3b:f2:96:cd:01:
7e:03:b7:d3:bd:3e:35:87:13:55:4f:72:d5:10:38:
c3:0f:3d:c2:ce:cc:d0:86:8b:64:ef:89:f9:18:ee:
6e:30:53:15:92:85:de:3b:6f:94:f9:3a:c5:8b:00:
ba:b6:f4:ea:7a:d4:0e:2c:08:46:92:af:2e:44:83:
e9:94:5c:44:58:e8:b7:4e:aa:65:7f:18:8a:6e:4d:
af:b7:3e:4b:05:83:d7:80:58:e0:b2:52:f4:c1:e7:
9a:2b:18:b7:d9:01:cd:34:0e:2b:98:af:5b:9e:54:
68:ce:17:b0:db:c9:37:06:8f:34:b1:11:87:5a:b9:
aa:20:61:cb:eb:a8:d0:91:5b:4a:28:cd:f0:18:30:
63:c7:fe:20:9b:e9:3c:63:2a:6d:5e:08:0a:13:ba:
8f:66:b2:4c:91:db:10:6b:31:c6:88:e4:fc:2f:14:
40:f4:49:b7:69:0f:85:48:e8:a4:de:d0:5f:9a:b7:
ff:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:FD:FC:62:1F:78:A1:3B:03:25:68:A8:8C:11:B2:10:5D:01:26:21
X509v3 Authority Key Identifier:
keyid:67:21:A1:92:FC:FD:26:1A:77:C1:CD:DC:47:89:1C:78:14:FA:C7:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3632159/8A0A5AE84ABC11EDACFD3184F1222468/ZyGhkvz9Jhp3wc3cR4kceBT6x3c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/ZyGhkvz9Jhp3wc3cR4kceBT6x3c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3632159/8A0A5AE84ABC11EDACFD3184F1222468/14676520195C11F1882310E6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.19.128.0/20
Signature Algorithm: sha256WithRSAEncryption
48:b0:ed:0f:4f:32:5c:4e:24:c6:e7:95:f1:fc:78:40:66:b2:
48:50:a0:96:1b:47:a4:9c:59:82:39:ae:cd:36:89:3a:d2:2f:
77:ba:4a:97:6f:a9:9b:0d:af:80:c5:04:c4:df:31:6e:67:a6:
f4:e2:69:07:93:01:85:cc:19:e0:15:08:58:58:42:a4:e3:3a:
8e:06:2a:17:c9:fa:a8:9f:a3:bb:b4:03:a0:af:f7:6d:b1:88:
0d:a2:d5:d4:a6:ea:e1:c7:35:48:b2:dc:c7:9e:52:86:25:0f:
fc:5b:18:ad:37:1e:be:11:aa:2d:0d:da:27:7c:d0:e3:73:53:
3d:36:e8:ae:ce:83:42:d6:7a:b2:29:8d:00:b3:d5:9e:89:75:
79:99:80:18:75:e4:4b:f3:75:2f:18:47:4d:f6:05:3f:ce:b9:
68:45:c2:b0:8d:e1:71:e9:98:07:8e:bd:69:01:0b:d6:49:ef:
13:17:28:5a:76:28:eb:32:6c:97:24:96:04:55:93:5c:8e:28:
2b:09:36:da:07:92:ad:cf:07:ad:4a:fe:db:bf:fb:d8:32:52:
2f:f6:ba:6c:56:d8:e6:97:6b:b3:41:55:71:19:d8:2a:d0:de:
46:5c:1b:fe:7e:10:d0:3d:43:79:09:07:3e:92:c9:5d:37:70:
7b:43:04:13
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBQEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzIxNTlBUjExMC8GA1UEBRMoNjcyMUExOTJGQ0ZEMjYxQTc3QzFDRERDNDc4OTFD
NzgxNEZBQzc3NzAeFw0yNjAzMDYxMjU3NDRaFw0zNjAzMDYxMjU3NDRaMBgxFjAU
BgNVBAMTDTY5YWFjZjRlLWEzZDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDKkCxKQh0QgRIfJEhAjNACEK9H2wKty+SQcbDolANdCdJfCZN9BqkCtAvT
mohX+QYQjnPUAk8nmkDNjcZq1lEU+67+HwM78pbNAX4Dt9O9PjWHE1VPctUQOMMP
PcLOzNCGi2TvifkY7m4wUxWShd47b5T5OsWLALq29Op61A4sCEaSry5Eg+mUXERY
6LdOqmV/GIpuTa+3PksFg9eAWOCyUvTB55orGLfZAc00DiuYr1ueVGjOF7DbyTcG
jzSxEYdauaogYcvrqNCRW0oozfAYMGPH/iCb6TxjKm1eCAoTuo9mskyR2xBrMcaI
5PwvFED0SbdpD4VI6KTe0F+at/9vAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUIP38
Yh94oTsDJWiojBGyEF0BJiEwHwYDVR0jBBgwFoAUZyGhkvz9Jhp3wc3cR4kceBT6
x3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjMyMTU5LzhBMEE1QUU4NEFCQzExRURBQ0ZEMzE4NEYxMjIyNDY4L1p5R2hr
dno5SmhwM3djM2NSNGtjZUJUNngzYy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1p5R2hrdno5SmhwM3djM2NSNGtjZUJUNngzYy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjMyMTU5LzhBMEE1QUU4NEFCQzExRURBQ0ZEMzE4NEYxMjIy
NDY4LzE0Njc2NTIwMTk1QzExRjE4ODIzMTBFNkRBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBASgE4AwDQYJKoZIhvcNAQELBQAD
ggEBAEiw7Q9PMlxOJMbnlfH8eEBmskhQoJYbR6ScWYI5rs02iTrSL3e6SpdvqZsN
r4DFBMTfMW5npvTiaQeTAYXMGeAVCFhYQqTjOo4GKhfJ+qifo7u0A6Cv922xiA2i
1dSm6uHHNUiy3MeeUoYlD/xbGK03Hr4Rqi0N2id80ONzUz026K7Og0LWerIpjQCz
1Z6JdXmZgBh15EvzdS8YR032BT/OuWhFwrCN4XHpmAeOvWkBC9ZJ7xMXKFp2KOsy
bJcklgRVk1yOKCsJNtoHkq3PB61K/tu/+9gyUi/2umxW2OaXa7NBVXEZ2CrQ3kZc
G/5+ENA9Q3kJBz6SyV03cHtDBBM=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:06:57 2026 by rpki-client