Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/478F8930210611F1B2CC49DEDAE4EC9C.roa
File: 478F8930210611F1B2CC49DEDAE4EC9C.roa (raw, json)
Hash identifier: b4grn+w6Y8IysSGF3HwpG+fwBba8VVAkY+dxopKdHbc=
Subject key identifier: BA:C9:C1:5F:8E:96:E7:4C:42:52:D6:BE:56:7D:A6:F0:AF:59:99:AC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A556
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/478F8930210611F1B2CC49DEDAE4EC9C.roa
Signing time: Mon 16 Mar 2026 07:03:48 +0000
ROA not before: Mon 16 Mar 2026 07:03:43 +0000
ROA not after: Mon 20 Apr 2026 07:03:43 +0000
asID: 55933
IP address blocks: 156.254.6.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107862 (0x1a556)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 16 07:03:43 2026 GMT
Not After : Apr 20 07:03:43 2026 GMT
Subject: CN=69b7ab54-e893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9c:be:61:36:b7:19:4d:94:56:99:fa:f0:03:
06:a0:80:1b:15:33:fe:3f:28:aa:65:18:08:b4:2f:
80:83:37:ea:25:aa:5b:d6:ca:12:4f:4b:dd:81:97:
1b:6b:04:70:9d:43:02:2c:3b:1d:f1:25:d9:90:06:
f9:70:b3:e4:ff:c0:93:fb:f5:96:31:12:2a:6b:4c:
f1:05:2b:a3:37:f5:b4:85:1c:b7:c1:18:60:f3:92:
3c:c7:9a:46:7a:de:f0:2f:33:25:30:5b:0f:15:f1:
0b:16:76:2e:9e:c7:a8:71:90:08:a2:e1:7c:be:d9:
67:17:ce:51:bb:b7:3a:9a:11:68:c6:2a:7a:28:74:
65:cc:70:b9:67:45:19:ee:a7:3a:d0:c6:bd:cb:f4:
2d:92:1d:8f:0c:bc:92:53:ef:b7:f7:6c:36:61:07:
39:ca:d3:97:42:31:2b:e1:64:bb:a4:78:2b:8c:7b:
83:a2:f5:9e:8e:a7:5b:b9:6a:e0:d0:9c:d7:92:b4:
61:ae:e5:3d:24:52:f9:16:0b:73:4e:d9:0c:31:c9:
8a:59:59:0c:84:57:99:a6:cd:eb:b0:37:43:58:ed:
90:ab:31:22:16:dc:56:dd:e5:ea:dd:3d:e8:ed:6b:
76:59:0f:16:0a:68:c4:4e:87:ee:06:ad:4f:06:1a:
9f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C9:C1:5F:8E:96:E7:4C:42:52:D6:BE:56:7D:A6:F0:AF:59:99:AC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/478F8930210611F1B2CC49DEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.6.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:af:05:2a:15:01:46:0f:7a:55:d8:f6:f8:4e:a4:84:ba:32:
1e:53:4d:fb:28:54:bf:a2:c0:43:88:29:77:b9:a4:a5:41:0f:
8d:68:11:04:d9:d7:73:6e:b5:c2:c0:fc:ed:52:80:38:26:1e:
a9:a2:ce:55:68:8c:29:71:da:92:ba:3d:5a:d0:ee:28:11:dd:
86:36:b0:06:ba:ca:72:ac:d9:83:4c:a1:20:2d:a3:ce:ab:70:
f0:11:25:f7:18:83:74:21:c2:4d:15:3b:fc:53:e1:dd:dc:59:
24:a5:48:4f:7f:2f:52:d0:cb:0d:27:6a:c9:38:e5:08:2b:23:
0c:2f:15:61:7b:47:6e:e6:db:f6:68:19:82:29:6b:46:9e:cc:
bf:45:f8:7a:eb:d6:1c:ca:0a:ba:e5:ea:b5:b3:9b:88:79:af:
e6:8e:35:0e:3a:61:1d:fc:73:91:cd:fd:e6:5d:ae:d2:3d:72:
42:3c:4a:dd:5d:a3:77:a0:58:23:4a:4f:41:fe:f5:f3:76:7c:
c8:df:eb:df:5c:4d:fa:ef:eb:07:9e:d8:4d:94:56:4c:58:46:
a2:25:ce:24:17:83:5e:84:b5:2d:2d:33:74:b3:2d:75:40:ac:
37:f5:24:6c:7b:5b:26:cf:e6:f6:f4:69:14:78:26:11:ce:0c:
45:4e:6a:da
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaVWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzE2MDcwMzQzWhcNMjYwNDIwMDcwMzQzWjAYMRYw
FAYDVQQDEw02OWI3YWI1NC1lODkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxJy+YTa3GU2UVpn68AMGoIAbFTP+PyiqZRgItC+AgzfqJapb1soST0vd
gZcbawRwnUMCLDsd8SXZkAb5cLPk/8CT+/WWMRIqa0zxBSujN/W0hRy3wRhg85I8
x5pGet7wLzMlMFsPFfELFnYunseocZAIouF8vtlnF85Ru7c6mhFoxip6KHRlzHC5
Z0UZ7qc60Ma9y/Qtkh2PDLySU++392w2YQc5ytOXQjEr4WS7pHgrjHuDovWejqdb
uWrg0JzXkrRhruU9JFL5FgtzTtkMMcmKWVkMhFeZps3rsDdDWO2QqzEiFtxW3eXq
3T3o7Wt2WQ8WCmjETofuBq1PBhqfowIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLrJ
wV+OludMQlLWvlZ9pvCvWZmsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NzhGODkzMDIxMDYxMUYxQjJDQzQ5REVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP4GMA0GCSqGSIb3DQEBCwUA
A4IBAQCyrwUqFQFGD3pV2Pb4TqSEujIeU037KFS/osBDiCl3uaSlQQ+NaBEE2ddz
brXCwPztUoA4Jh6pos5VaIwpcdqSuj1a0O4oEd2GNrAGuspyrNmDTKEgLaPOq3Dw
ESX3GIN0IcJNFTv8U+Hd3FkkpUhPfy9S0MsNJ2rJOOUIKyMMLxVhe0du5tv2aBmC
KWtGnsy/Rfh669Ycygq65eq1s5uIea/mjjUOOmEd/HORzf3mXa7SPXJCPErdXaN3
oFgjSk9B/vXzdnzI3+vfXE367+sHnthNlFZMWEaiJc4kF4NehLUtLTN0sy11QKw3
9SRse1smz+b29GkUeCYRzgxFTmra
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:10:53 2026 by rpki-client