Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/524A9A7618BF11F1927CF29CDAE4EC9C.roa
File: 524A9A7618BF11F1927CF29CDAE4EC9C.roa (raw, json)
Hash identifier: y7pQ6JxcdOxWrXbw6nfZH+285iYf1JzSK+bnHq7Qo70=
Subject key identifier: 91:31:44:6C:74:BC:63:16:F9:AF:F3:25:05:37:95:F7:F3:F1:AE:B0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A2C9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/524A9A7618BF11F1927CF29CDAE4EC9C.roa
Signing time: Thu 05 Mar 2026 18:15:43 +0000
ROA not before: Thu 05 Mar 2026 18:15:38 +0000
ROA not after: Wed 22 Apr 2026 18:15:38 +0000
asID: 40779
IP address blocks: 156.225.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107209 (0x1a2c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 5 18:15:38 2026 GMT
Not After : Apr 22 18:15:38 2026 GMT
Subject: CN=69a9c84f-d8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5a:65:75:ad:67:f5:a8:13:94:54:23:31:0c:
86:63:33:f7:b5:6a:8e:2b:e7:6a:df:ab:3e:88:a6:
06:45:76:12:d6:82:91:a3:30:82:bb:cd:3b:fc:c9:
9d:6a:35:15:83:43:f7:bd:2b:87:cd:6c:32:51:34:
06:e9:9e:ea:5b:84:c5:6b:b1:34:28:d9:ba:fa:f8:
4c:f0:05:51:e6:61:05:e2:33:e6:bb:16:71:c6:c8:
52:af:f4:24:62:5a:f7:1c:09:f5:0a:8c:1a:8c:ee:
bc:6f:cc:a1:32:57:35:06:fe:36:4c:1e:35:24:ba:
04:8c:40:c9:e0:59:05:3a:3c:ad:7e:e2:7e:52:25:
eb:8c:be:c1:6c:18:31:0b:e8:3b:d4:89:c1:17:81:
6d:15:a1:3b:5a:3b:8e:5f:dc:5a:f5:9a:b0:6c:8d:
9e:16:bc:6f:b9:0e:5b:8d:0b:e2:2e:55:80:06:7d:
5d:3c:78:28:12:eb:09:02:cf:02:0f:4f:96:44:b5:
9c:cf:63:0f:98:ae:a7:f8:36:3f:85:64:e1:c3:32:
fb:29:96:98:c2:6a:46:04:8e:13:5e:cc:43:56:57:
db:ad:53:64:e8:fd:df:73:5d:80:11:ca:e6:e7:1e:
f6:22:f2:e5:5c:44:e6:30:77:d7:8d:33:7b:ff:37:
be:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:31:44:6C:74:BC:63:16:F9:AF:F3:25:05:37:95:F7:F3:F1:AE:B0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/524A9A7618BF11F1927CF29CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.16.0/20
Signature Algorithm: sha256WithRSAEncryption
73:d7:76:06:5f:d9:12:b3:81:76:b2:3d:18:6d:95:30:d7:6e:
0e:a1:d9:06:7a:f1:09:3a:b5:72:b0:bd:ad:c0:91:4e:4b:03:
63:57:b4:c2:7b:1f:66:bc:ec:bd:f2:52:dd:ec:74:02:27:c3:
8d:eb:14:f3:8b:f6:65:ce:66:c2:73:25:db:fc:11:f4:95:3b:
34:03:2c:cd:3c:7b:46:99:57:81:c8:38:e6:8e:7c:22:af:e1:
c9:ea:c2:d8:ec:57:95:75:72:1c:45:8a:92:94:94:7f:a2:b8:
fb:7d:68:94:82:f9:e9:e5:fa:29:d8:17:9a:61:f8:f2:05:ee:
a9:22:e6:c0:44:dd:b9:09:3b:ec:9d:f7:3f:6e:28:a5:28:2a:
d2:94:9c:12:7c:2c:95:a5:d1:5e:73:20:8e:f7:ec:d2:0e:21:
76:be:9f:f1:63:7c:7b:65:c3:24:5b:12:93:58:98:4e:9f:7e:
38:98:8d:3d:39:2b:94:1a:8b:88:a4:9a:f8:0e:7b:ad:71:ce:
25:4a:f9:83:0b:15:d3:cf:a4:5c:ba:d4:13:4e:b6:7b:50:d0:
ff:a7:a1:fd:a6:7d:92:4c:2f:06:7c:f6:45:35:1b:ed:d7:ff:
93:f1:9e:b5:6c:db:e1:1c:f7:c9:3c:c5:8b:a5:a8:3f:19:3a:
09:af:34:82
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaLJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzA1MTgxNTM4WhcNMjYwNDIyMTgxNTM4WjAYMRYw
FAYDVQQDEw02OWE5Yzg0Zi1kOGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA01plda1n9agTlFQjMQyGYzP3tWqOK+dq36s+iKYGRXYS1oKRozCCu807
/MmdajUVg0P3vSuHzWwyUTQG6Z7qW4TFa7E0KNm6+vhM8AVR5mEF4jPmuxZxxshS
r/QkYlr3HAn1CowajO68b8yhMlc1Bv42TB41JLoEjEDJ4FkFOjytfuJ+UiXrjL7B
bBgxC+g71InBF4FtFaE7WjuOX9xa9ZqwbI2eFrxvuQ5bjQviLlWABn1dPHgoEusJ
As8CD0+WRLWcz2MPmK6n+DY/hWThwzL7KZaYwmpGBI4TXsxDVlfbrVNk6P3fc12A
Ecrm5x72IvLlXETmMHfXjTN7/ze+bQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJEx
RGx0vGMW+a/zJQU3lffz8a6wMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MjRBOUE3NjE4QkYxMUYxOTI3Q0YyOUNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOEQMA0GCSqGSIb3DQEBCwUA
A4IBAQBz13YGX9kSs4F2sj0YbZUw124OodkGevEJOrVysL2twJFOSwNjV7TCex9m
vOy98lLd7HQCJ8ON6xTzi/ZlzmbCcyXb/BH0lTs0AyzNPHtGmVeByDjmjnwir+HJ
6sLY7FeVdXIcRYqSlJR/orj7fWiUgvnp5fop2BeaYfjyBe6pIubARN25CTvsnfc/
biilKCrSlJwSfCyVpdFecyCO9+zSDiF2vp/xY3x7ZcMkWxKTWJhOn344mI09OSuU
GouIpJr4Dnutcc4lSvmDCxXTz6RcutQTTrZ7UND/p6H9pn2STC8GfPZFNRvt1/+T
8Z61bNvhHPfJPMWLpag/GToJrzSC
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:10:46 2026 by rpki-client