Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0CDA19DE211C11F1BEEE78DADAE4EC9C.roa
File: 0CDA19DE211C11F1BEEE78DADAE4EC9C.roa (raw, json)
Hash identifier: Mq1YlM402Fwf5gU1r8Lc+dtfShKWh+s8yeBlnuX8yBk=
Subject key identifier: 6E:1B:6F:54:D8:FE:0C:23:09:66:52:C3:B1:42:CC:7B:13:55:E1:9A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A59A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0CDA19DE211C11F1BEEE78DADAE4EC9C.roa
Signing time: Mon 16 Mar 2026 09:39:39 +0000
ROA not before: Mon 16 Mar 2026 09:39:34 +0000
ROA not after: Mon 20 Apr 2026 09:39:34 +0000
asID: 135391
IP address blocks: 156.254.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107930 (0x1a59a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 16 09:39:34 2026 GMT
Not After : Apr 20 09:39:34 2026 GMT
Subject: CN=69b7cfdb-eefc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:bc:d0:65:b0:a1:27:7c:3b:2a:4d:19:00:20:
0c:9c:83:d8:e2:aa:5c:49:88:bc:42:b3:d6:84:b3:
24:7a:44:06:d4:51:c1:1a:e0:65:dd:36:03:ca:ed:
c7:b9:14:96:00:f8:cd:58:f4:02:14:a7:f7:cc:6f:
0a:1e:98:54:92:95:8c:03:1f:ea:f5:ff:95:c9:18:
67:95:23:9b:e5:ec:f4:1d:b8:2b:dd:ae:71:d8:6e:
ca:70:c6:fa:87:f8:26:98:59:5e:39:59:82:4b:22:
b1:27:c1:04:82:f2:1d:69:49:d8:ff:fd:49:64:82:
61:aa:e7:48:7a:e5:62:30:f8:b0:55:a4:f1:1f:2d:
96:fd:40:99:b5:88:0b:5f:68:f4:8c:d9:68:95:32:
d8:12:47:cf:1f:c3:3a:44:f4:c5:96:bf:5f:3d:77:
4c:38:7d:a2:d8:33:5f:21:97:c9:64:96:01:0f:39:
7f:dd:d1:9b:2f:cb:b2:da:0e:d3:ea:f7:97:83:06:
f5:9a:3d:0e:d7:92:49:3d:98:4f:50:24:28:63:e0:
52:a5:53:f8:95:ff:bf:09:7b:15:46:2e:30:43:15:
ee:9a:25:46:e5:eb:a0:56:88:f6:2a:19:e5:b3:96:
a9:74:a1:85:c1:52:4e:87:e1:92:73:66:f6:d9:05:
ba:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:1B:6F:54:D8:FE:0C:23:09:66:52:C3:B1:42:CC:7B:13:55:E1:9A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0CDA19DE211C11F1BEEE78DADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.4.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:c0:bf:9c:10:96:ce:41:9f:d1:7b:3f:04:71:e4:7a:9c:46:
89:80:23:af:4c:d9:70:e8:fc:a2:6f:9c:d1:4f:7d:7b:83:5a:
7c:d4:19:ec:dd:a7:05:3a:20:72:42:b2:53:f7:89:3a:e3:06:
7c:12:27:43:27:cd:5e:99:5e:41:26:94:bb:09:ba:2f:ce:67:
42:f1:26:58:b5:e3:4a:00:cc:05:6c:cc:45:36:ef:d8:fc:be:
32:17:ed:62:45:53:2f:58:5d:4e:7d:af:3e:71:73:91:57:70:
28:6c:0c:23:b9:fd:a4:13:80:87:a3:5d:3f:e8:94:b4:c4:d4:
9c:d8:93:f0:27:72:f1:04:b2:da:1d:26:6f:d4:9e:14:a0:d0:
76:0d:f8:39:ca:ff:a2:38:2d:c7:d1:aa:a7:16:28:ae:23:5a:
2d:a3:1a:13:9c:df:96:c5:1c:41:b7:95:a6:95:59:0f:ce:57:
cb:fd:bd:9a:f6:3b:8c:80:35:3d:6a:2f:54:0c:e7:94:79:68:
6a:3e:46:0d:90:85:bd:99:3c:bd:4d:bd:54:90:70:ab:ea:0d:
ad:bc:5b:28:94:79:91:d3:0f:dd:e0:91:17:3e:19:1e:e5:c3:
cf:7a:52:1b:8c:08:2c:49:21:ab:5c:00:de:25:91:23:6f:e6:
23:4b:6d:92
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaWaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzE2MDkzOTM0WhcNMjYwNDIwMDkzOTM0WjAYMRYw
FAYDVQQDEw02OWI3Y2ZkYi1lZWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4LzQZbChJ3w7Kk0ZACAMnIPY4qpcSYi8QrPWhLMkekQG1FHBGuBl3TYD
yu3HuRSWAPjNWPQCFKf3zG8KHphUkpWMAx/q9f+VyRhnlSOb5ez0Hbgr3a5x2G7K
cMb6h/gmmFleOVmCSyKxJ8EEgvIdaUnY//1JZIJhqudIeuViMPiwVaTxHy2W/UCZ
tYgLX2j0jNlolTLYEkfPH8M6RPTFlr9fPXdMOH2i2DNfIZfJZJYBDzl/3dGbL8uy
2g7T6veXgwb1mj0O15JJPZhPUCQoY+BSpVP4lf+/CXsVRi4wQxXumiVG5eugVoj2
Khnls5apdKGFwVJOh+GSc2b22QW6LwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG4b
b1TY/gwjCWZSw7FCzHsTVeGaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQ0RBMTlERTIxMUMxMUYxQkVFRTc4REFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4EMA0GCSqGSIb3DQEBCwUA
A4IBAQCOwL+cEJbOQZ/Rez8EceR6nEaJgCOvTNlw6Pyib5zRT317g1p81Bns3acF
OiByQrJT94k64wZ8EidDJ81emV5BJpS7CbovzmdC8SZYteNKAMwFbMxFNu/Y/L4y
F+1iRVMvWF1Ofa8+cXORV3AobAwjuf2kE4CHo10/6JS0xNSc2JPwJ3LxBLLaHSZv
1J4UoNB2Dfg5yv+iOC3H0aqnFiiuI1otoxoTnN+WxRxBt5WmlVkPzlfL/b2a9juM
gDU9ai9UDOeUeWhqPkYNkIW9mTy9Tb1UkHCr6g2tvFsolHmR0w/d4JEXPhke5cPP
elIbjAgsSSGrXADeJZEjb+YjS22S
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:10:53 2026 by rpki-client