Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C1D21001C6E11F1A5732A88DAE4EC9C.roa
File: 1C1D21001C6E11F1A5732A88DAE4EC9C.roa (raw, json)
Hash identifier: hkGO5ZOpvVDRvt7hzNuWZ+j1mQR6CYc252xJHPYm/Ig=
Subject key identifier: 9A:68:F1:47:E0:4B:4A:CF:52:B7:1B:66:38:65:11:B3:85:C7:63:F3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A3C0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C1D21001C6E11F1A5732A88DAE4EC9C.roa
Signing time: Tue 10 Mar 2026 10:44:27 +0000
ROA not before: Tue 10 Mar 2026 10:44:22 +0000
ROA not after: Fri 10 Apr 2026 10:44:22 +0000
asID: 44509
IP address blocks: 156.231.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107456 (0x1a3c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 10 10:44:22 2026 GMT
Not After : Apr 10 10:44:22 2026 GMT
Subject: CN=69aff60b-f7f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ea:0c:15:8b:6f:a1:e2:1b:a7:2a:e5:6f:d6:
90:0a:cb:83:65:27:e2:6a:7a:67:09:6a:76:03:b2:
c5:2a:4f:08:b3:2a:9c:bb:9f:ad:e2:43:7f:e9:92:
6c:49:87:ad:d9:fd:2e:01:41:7b:13:15:83:3f:f1:
20:e2:6e:2d:1b:a7:60:cb:4a:52:9e:80:43:08:1d:
83:e7:de:3b:f7:3c:94:43:95:a6:f5:03:0f:3c:99:
c3:8c:e0:c8:9b:09:43:38:2b:9e:cf:c8:84:6b:28:
5e:2b:c0:bd:f0:72:75:91:f2:78:1a:d0:ec:bc:60:
fd:39:9f:c2:6a:73:f0:9f:52:15:cd:9c:24:9b:ca:
0b:12:cf:d0:f9:e2:1b:ff:7a:c7:7c:54:d2:ad:bf:
ef:e7:d8:30:7e:ee:8d:24:47:0f:d2:8e:16:66:a9:
4f:f5:28:ff:c3:d3:24:9f:68:1a:f1:d2:12:9e:1b:
03:72:de:e4:a6:11:77:5e:3e:96:f0:fd:64:4b:6a:
48:62:69:2d:e9:a6:6b:99:58:02:26:d4:d6:53:d3:
75:30:d7:75:c8:30:26:0a:5b:ec:38:96:7d:2b:63:
fc:fb:0b:3a:98:73:38:24:1d:37:86:44:84:ef:1a:
d1:25:d9:64:75:3a:29:1a:0f:59:af:a2:b6:c0:52:
d9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:68:F1:47:E0:4B:4A:CF:52:B7:1B:66:38:65:11:B3:85:C7:63:F3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C1D21001C6E11F1A5732A88DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.111.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:ce:8a:c5:f8:6c:39:cd:4b:98:09:b2:9f:0a:d1:7b:d1:88:
65:e9:4e:29:38:c9:96:95:ee:7b:00:b5:ad:4e:f7:80:ab:20:
86:19:d0:34:15:2f:85:0e:51:b4:40:05:6d:2a:66:ad:87:f9:
32:d9:ea:3b:3e:67:81:74:be:d8:7f:69:70:95:d1:69:4e:32:
9d:9a:29:f3:0f:4c:46:9b:d7:59:93:36:7d:6e:30:b7:fd:dd:
42:a1:d5:1c:be:8c:ee:35:3c:a3:88:57:e1:c2:28:26:26:05:
18:ba:53:52:97:6b:98:79:fd:9e:9a:b4:9a:e0:f4:63:09:bc:
ff:2a:0a:79:89:c5:76:4c:d5:87:29:d9:d2:2e:70:d2:ca:be:
a7:d9:88:38:ee:e1:16:09:36:d4:cf:e1:dc:ae:5a:a3:14:a6:
24:fb:4f:cf:3c:4c:5a:b2:3c:42:f4:fa:ae:26:d3:ef:a3:73:
7e:02:01:b7:57:bb:65:10:40:a6:2e:2d:18:49:c5:9e:77:93:
7e:f2:31:e1:1d:48:90:e3:dd:29:12:7a:8f:cd:bd:9b:92:8c:
22:84:52:f7:3a:45:4e:a8:be:fc:23:54:f2:0c:02:6e:0d:aa:
30:9d:07:11:a1:e5:1d:c4:63:ec:e7:81:4f:7c:69:a0:45:0a:
42:27:28:61
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaPAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzEwMTA0NDIyWhcNMjYwNDEwMTA0NDIyWjAYMRYw
FAYDVQQDEw02OWFmZjYwYi1mN2Y4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtOoMFYtvoeIbpyrlb9aQCsuDZSfianpnCWp2A7LFKk8Isyqcu5+t4kN/
6ZJsSYet2f0uAUF7ExWDP/Eg4m4tG6dgy0pSnoBDCB2D59479zyUQ5Wm9QMPPJnD
jODImwlDOCuez8iEayheK8C98HJ1kfJ4GtDsvGD9OZ/CanPwn1IVzZwkm8oLEs/Q
+eIb/3rHfFTSrb/v59gwfu6NJEcP0o4WZqlP9Sj/w9Mkn2ga8dISnhsDct7kphF3
Xj6W8P1kS2pIYmkt6aZrmVgCJtTWU9N1MNd1yDAmClvsOJZ9K2P8+ws6mHM4JB03
hkSE7xrRJdlkdTopGg9Zr6K2wFLZPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJpo
8UfgS0rPUrcbZjhlEbOFx2PzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQzFEMjEwMDFDNkUxMUYxQTU3MzJBODhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOdvMA0GCSqGSIb3DQEBCwUA
A4IBAQCazorF+Gw5zUuYCbKfCtF70Yhl6U4pOMmWle57ALWtTveAqyCGGdA0FS+F
DlG0QAVtKmath/ky2eo7PmeBdL7Yf2lwldFpTjKdminzD0xGm9dZkzZ9bjC3/d1C
odUcvozuNTyjiFfhwigmJgUYulNSl2uYef2emrSa4PRjCbz/Kgp5icV2TNWHKdnS
LnDSyr6n2Yg47uEWCTbUz+HcrlqjFKYk+0/PPExasjxC9PquJtPvo3N+AgG3V7tl
EECmLi0YScWed5N+8jHhHUiQ490pEnqPzb2bkowihFL3OkVOqL78I1TyDAJuDaow
nQcRoeUdxGPs54FPfGmgRQpCJyhh
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:15:02 2026 by rpki-client