Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/019A8A5E43A911F1A5F5A7CACE1D38B0.roa
File: 019A8A5E43A911F1A5F5A7CACE1D38B0.roa (raw, json)
Hash identifier: cmcxLjOkr3UxwUdPlQp5mD8UtFDsgLQJlzOCos74e9g=
Subject key identifier: 0B:8E:B5:AD:C2:19:A4:51:69:F7:83:09:D4:0E:92:EB:9D:73:F7:DD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AFCD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/019A8A5E43A911F1A5F5A7CACE1D38B0.roa
Signing time: Wed 29 Apr 2026 08:54:18 +0000
ROA not before: Wed 29 Apr 2026 08:54:13 +0000
ROA not after: Thu 04 Jun 2026 08:54:13 +0000
asID: 138643
IP address blocks: 156.234.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110541 (0x1afcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 29 08:54:13 2026 GMT
Not After : Jun 4 08:54:13 2026 GMT
Subject: CN=69f1c73a-9927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7b:fa:4f:38:1c:9c:2b:ec:ac:d9:38:bf:ac:
68:ed:04:ea:a4:e5:64:96:2e:0c:be:9d:48:41:0c:
df:a0:87:61:d8:bc:00:be:40:c1:11:eb:de:7d:8e:
5b:37:69:91:fb:b6:1c:51:2f:c0:3e:85:3a:52:d8:
12:e4:46:4d:3c:13:0d:92:1b:97:25:06:ff:57:aa:
ca:af:2f:50:81:26:50:e2:7f:23:81:42:d5:e7:f5:
75:0b:a4:97:c9:5b:dd:fd:ec:99:79:10:54:c8:6e:
ae:da:e7:da:44:30:e8:ed:de:76:77:4d:23:28:24:
ec:3c:ee:b1:07:d0:4a:06:ac:84:4a:1c:6f:8b:05:
91:80:89:95:05:ac:47:05:5e:9d:1f:85:94:16:9b:
b6:c1:c2:0d:fe:ae:13:09:f6:2c:f8:76:6a:26:ff:
32:af:74:de:3f:12:e9:20:20:c1:88:3e:a0:d6:14:
72:2d:41:a8:34:4f:fe:54:ff:f6:e5:4d:6c:af:9d:
be:cd:13:59:e8:ad:d1:96:69:dc:3b:79:83:f6:03:
80:cd:50:63:52:9e:45:1b:e8:e9:86:dc:52:b8:94:
7b:0a:16:bc:1f:3c:3d:61:05:36:11:b5:25:dd:4b:
b4:bf:16:54:ea:a9:7a:83:5f:5a:54:7c:76:13:76:
92:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:8E:B5:AD:C2:19:A4:51:69:F7:83:09:D4:0E:92:EB:9D:73:F7:DD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/019A8A5E43A911F1A5F5A7CACE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.0.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:bb:7b:1e:24:29:eb:b7:bf:24:37:0e:17:24:05:32:9b:3c:
54:4b:27:98:48:ce:22:20:c2:6e:91:e2:c0:ba:11:85:e3:b6:
fb:91:d1:dd:22:44:5f:1c:ca:f5:ae:2a:60:b0:d8:f4:2d:ae:
cd:71:31:a0:c6:73:2b:dc:22:b0:21:c5:2a:57:1d:61:4b:4f:
2b:53:40:63:e7:b6:b8:d5:2d:f0:a3:11:dd:4a:04:11:31:11:
95:b9:4b:6d:79:42:39:26:c0:9e:c2:0e:c1:2b:d3:68:11:ac:
3a:f1:41:97:cd:41:d4:90:5d:5c:38:5d:61:41:65:c9:46:8d:
81:61:02:b2:21:82:32:3d:18:2b:d0:fb:0e:fe:08:48:31:94:
15:b6:e1:56:4a:1f:15:d5:df:12:e0:e1:cc:1a:a0:7e:51:bb:
89:31:ee:74:e9:1e:93:2f:da:c5:d1:e0:13:a8:c5:f7:22:21:
12:eb:b7:c0:6b:83:51:98:72:be:54:bc:13:0a:23:f3:b2:d4:
5d:32:32:e1:cf:bc:87:48:3c:fb:2a:f3:f6:98:76:ed:83:53:
80:16:fc:b9:dd:9c:04:0c:9b:6d:a2:21:23:cc:b7:1f:02:12:
36:48:c3:b3:8c:4f:36:3d:25:b4:77:a0:b7:98:92:3d:30:35:
76:6f:5b:32
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAa/NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDI5MDg1NDEzWhcNMjYwNjA0MDg1NDEzWjAYMRYw
FAYDVQQDEw02OWYxYzczYS05OTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApnv6TzgcnCvsrNk4v6xo7QTqpOVkli4Mvp1IQQzfoIdh2LwAvkDBEeve
fY5bN2mR+7YcUS/APoU6UtgS5EZNPBMNkhuXJQb/V6rKry9QgSZQ4n8jgULV5/V1
C6SXyVvd/eyZeRBUyG6u2ufaRDDo7d52d00jKCTsPO6xB9BKBqyEShxviwWRgImV
BaxHBV6dH4WUFpu2wcIN/q4TCfYs+HZqJv8yr3TePxLpICDBiD6g1hRyLUGoNE/+
VP/25U1sr52+zRNZ6K3RlmncO3mD9gOAzVBjUp5FG+jphtxSuJR7Cha8Hzw9YQU2
EbUl3Uu0vxZU6ql6g19aVHx2E3aScQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAuO
ta3CGaRRafeDCdQOkuudc/fdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMTlBOEE1RTQzQTkxMUYxQTVGNUE3Q0FDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOoAMA0GCSqGSIb3DQEBCwUA
A4IBAQBNu3seJCnrt78kNw4XJAUymzxUSyeYSM4iIMJukeLAuhGF47b7kdHdIkRf
HMr1ripgsNj0La7NcTGgxnMr3CKwIcUqVx1hS08rU0Bj57a41S3woxHdSgQRMRGV
uUtteUI5JsCewg7BK9NoEaw68UGXzUHUkF1cOF1hQWXJRo2BYQKyIYIyPRgr0PsO
/ghIMZQVtuFWSh8V1d8S4OHMGqB+UbuJMe506R6TL9rF0eATqMX3IiES67fAa4NR
mHK+VLwTCiPzstRdMjLhz7yHSDz7KvP2mHbtg1OAFvy53ZwEDJttoiEjzLcfAhI2
SMOzjE82PSW0d6C3mJI9MDV2b1sy
-----END CERTIFICATE-----
Generated at Wed May 13 12:02:43 2026 by rpki-client