Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/012B75C027C911F1B8C953BADAE4EC9C.roa
File: 012B75C027C911F1B8C953BADAE4EC9C.roa (raw, json)
Hash identifier: 2tBZ2S4zL5cS+5YInrzdzQaLgGtZswpgZ8+AHOSPNf8=
Subject key identifier: 06:28:58:E9:1C:BE:15:5E:E6:3A:63:D9:8E:8F:CC:7E:DB:D0:13:89
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A744
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/012B75C027C911F1B8C953BADAE4EC9C.roa
Signing time: Tue 24 Mar 2026 21:32:49 +0000
ROA not before: Tue 24 Mar 2026 21:32:44 +0000
ROA not after: Wed 08 Apr 2026 21:32:44 +0000
asID: 24435
IP address blocks: 156.238.82.0/24 maxlen: 24
156.238.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108356 (0x1a744)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 24 21:32:44 2026 GMT
Not After : Apr 8 21:32:44 2026 GMT
Subject: CN=69c30301-5c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b8:99:65:5f:e7:d3:29:e6:14:ae:fa:bb:c7:
1a:dc:53:91:fa:70:8f:87:c5:53:3a:c7:e9:cd:a4:
c8:43:18:0c:4f:f1:b1:1a:65:8e:3b:a6:28:5c:36:
b4:6a:18:61:49:36:f4:88:56:d9:43:53:3a:11:49:
96:eb:5c:85:9e:d1:69:eb:c6:ce:56:26:72:56:e5:
56:f6:52:8c:b9:54:bb:51:31:29:88:6d:fe:74:71:
cb:e6:3c:5a:06:99:cf:03:9f:bd:f7:c5:08:e6:30:
d5:da:28:61:32:6c:a9:14:32:ca:a9:21:88:37:91:
17:39:bd:98:44:4e:14:44:40:56:4f:98:8c:98:92:
df:87:9b:2e:4e:af:64:16:89:b9:51:11:41:36:82:
5a:b3:d5:92:dc:f9:4c:90:39:58:af:9b:ae:5d:6c:
ef:0c:3b:2b:36:c4:26:d4:7e:ed:28:49:56:5c:db:
4b:e2:2d:69:08:10:0f:71:c2:53:1b:6b:7e:ec:8a:
33:49:5c:44:83:12:15:55:2f:38:09:19:8b:ca:01:
6f:4e:41:c1:74:17:fe:99:a3:2c:54:20:8c:a4:e6:
5d:59:dd:03:a9:dc:51:34:d7:6b:3a:ce:f3:f1:09:
3d:6d:04:67:e6:e3:a9:49:fd:4e:a5:53:89:61:df:
04:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:28:58:E9:1C:BE:15:5E:E6:3A:63:D9:8E:8F:CC:7E:DB:D0:13:89
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/012B75C027C911F1B8C953BADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.82.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:d1:71:3f:4d:47:01:da:d7:f9:f0:b4:61:cd:f4:67:dc:63:
d2:ca:fe:71:ba:32:cb:6d:00:f8:34:c9:8c:a7:cc:cd:e5:90:
ac:b2:a7:b2:ba:9c:c0:e8:04:d7:56:1d:cd:04:94:22:5c:4c:
98:9d:56:2b:2e:29:b7:fd:6f:c4:33:86:3a:86:ec:39:fc:98:
ef:2f:7d:29:37:0a:91:06:38:01:0d:9f:7f:f8:a2:45:8e:7c:
59:ea:93:a7:34:dc:24:ed:c3:25:65:4b:66:b8:83:e6:ba:4b:
e1:e3:62:38:ea:13:d0:31:2d:f9:42:29:36:f8:40:75:6a:20:
36:7b:ca:c2:33:91:d2:2d:58:d2:f7:21:e2:9d:57:2f:b8:68:
17:fb:e2:36:fc:81:f3:67:07:ef:ff:0b:a0:69:a7:8c:be:cb:
c0:b0:fc:49:de:94:53:09:56:15:28:17:98:e3:21:05:11:d4:
32:17:e5:d2:b8:78:c4:14:70:67:7e:10:d8:4f:03:1d:b2:c6:
40:5d:6a:82:58:e1:5c:cf:c5:3a:b9:b2:95:ac:1d:77:3a:b4:
5c:bc:02:55:7a:05:34:f2:69:50:75:d7:41:19:e1:a6:4d:12:
60:e8:93:bd:a6:30:30:5b:0d:7f:c9:a7:72:99:3d:c8:27:31:
8d:0f:0d:ba
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAadEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzI0MjEzMjQ0WhcNMjYwNDA4MjEzMjQ0WjAYMRYw
FAYDVQQDEw02OWMzMDMwMS01YzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3LiZZV/n0ynmFK76u8ca3FOR+nCPh8VTOsfpzaTIQxgMT/GxGmWOO6Yo
XDa0ahhhSTb0iFbZQ1M6EUmW61yFntFp68bOViZyVuVW9lKMuVS7UTEpiG3+dHHL
5jxaBpnPA5+998UI5jDV2ihhMmypFDLKqSGIN5EXOb2YRE4UREBWT5iMmJLfh5su
Tq9kFom5URFBNoJas9WS3PlMkDlYr5uuXWzvDDsrNsQm1H7tKElWXNtL4i1pCBAP
ccJTG2t+7IozSVxEgxIVVS84CRmLygFvTkHBdBf+maMsVCCMpOZdWd0DqdxRNNdr
Os7z8Qk9bQRn5uOpSf1OpVOJYd8E9wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAYo
WOkcvhVe5jpj2Y6PzH7b0BOJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMTJCNzVDMDI3QzkxMUYxQjhDOTUzQkFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO5SMA0GCSqGSIb3DQEBCwUA
A4IBAQAO0XE/TUcB2tf58LRhzfRn3GPSyv5xujLLbQD4NMmMp8zN5ZCssqeyupzA
6ATXVh3NBJQiXEyYnVYrLim3/W/EM4Y6huw5/JjvL30pNwqRBjgBDZ9/+KJFjnxZ
6pOnNNwk7cMlZUtmuIPmukvh42I46hPQMS35Qik2+EB1aiA2e8rCM5HSLVjS9yHi
nVcvuGgX++I2/IHzZwfv/wugaaeMvsvAsPxJ3pRTCVYVKBeY4yEFEdQyF+XSuHjE
FHBnfhDYTwMdssZAXWqCWOFcz8U6ubKVrB13OrRcvAJVegU08mlQdddBGeGmTRJg
6JO9pjAwWw1/yadymT3IJzGNDw26
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:15:31 2026 by rpki-client