Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6BFCF0EE1D1611F181A418E3DAE4EC9C.roa
File: 6BFCF0EE1D1611F181A418E3DAE4EC9C.roa (raw, json)
Hash identifier: RgEoBSibgC5/cXqtuPlBvnEhPWsxBbDQgKixdZt4Vcs=
Subject key identifier: F0:85:5B:67:1C:AB:28:7A:80:38:FB:72:5C:5B:CA:40:8E:D4:BA:1D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A3F4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6BFCF0EE1D1611F181A418E3DAE4EC9C.roa
Signing time: Wed 11 Mar 2026 06:49:17 +0000
ROA not before: Wed 11 Mar 2026 06:49:11 +0000
ROA not after: Wed 13 May 2026 06:49:11 +0000
asID: 142286
IP address blocks: 156.253.64.0/18 maxlen: 24
156.254.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107508 (0x1a3f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 11 06:49:11 2026 GMT
Not After : May 13 06:49:11 2026 GMT
Subject: CN=69b1106d-49ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:70:5e:95:29:87:ab:5e:2f:e9:93:b4:b9:3d:
f1:82:1d:bd:5b:dc:b6:d9:ba:7c:6e:42:b7:b5:a8:
a3:45:44:6c:ea:4b:01:09:23:b7:80:46:f0:9d:51:
84:64:93:33:0d:89:ef:d7:75:d8:ea:7d:d0:6e:b6:
28:3f:0e:9e:b8:b1:e2:89:df:7d:e4:95:c1:52:63:
f7:41:4a:ef:9b:fa:be:49:d8:8b:fe:3c:50:55:ec:
f2:d3:49:e8:d0:22:56:d5:02:d6:6f:da:59:9b:26:
ea:56:15:04:22:69:e8:9a:ed:5a:a5:c3:c7:06:10:
24:59:ff:7d:8e:f9:6a:02:60:45:a0:52:57:0f:9b:
91:97:a9:c5:1b:f4:6d:5e:5f:8a:2c:6d:7d:03:d6:
7f:cf:0f:f6:d7:df:f1:1a:8b:2f:8b:e6:23:3b:ee:
b9:af:ff:11:3d:20:87:90:d7:97:b9:13:6c:d5:0f:
f5:5a:b7:cc:fe:9c:3d:45:b5:81:ee:d7:b8:dc:d4:
cc:29:bb:5f:fb:7f:b7:31:dc:77:c3:74:30:7f:18:
7f:c9:2a:54:2e:5f:53:3d:d5:db:db:00:b0:98:ad:
8b:d0:da:9e:fe:4f:47:0c:10:cf:e9:6f:c5:22:5d:
9e:41:d3:3e:a6:9d:90:43:d3:d7:86:47:69:1c:c5:
3a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:85:5B:67:1C:AB:28:7A:80:38:FB:72:5C:5B:CA:40:8E:D4:BA:1D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6BFCF0EE1D1611F181A418E3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.64.0/18
156.254.128.0/17
Signature Algorithm: sha256WithRSAEncryption
64:d9:57:27:90:35:d6:17:2d:c1:af:39:e4:ed:28:ae:55:88:
68:9a:19:9b:a7:d1:64:e7:2c:ab:ec:d6:f6:55:b5:b8:85:a2:
14:02:c9:63:47:53:47:a1:f3:33:82:97:54:18:13:5d:35:9e:
8e:e9:68:f9:9f:4b:74:1f:51:17:6c:92:46:8e:c3:a2:79:76:
47:b1:96:e9:82:02:c3:1c:dd:e4:64:4b:7a:ac:08:c3:f5:05:
f0:0b:b8:bd:c6:ba:8a:3e:3d:be:18:65:ee:fb:b0:da:c5:2d:
a7:db:fe:8e:f5:36:06:4f:b3:93:4a:5b:e0:96:75:55:45:9a:
69:7a:c4:2b:ba:49:72:6b:1e:d1:6c:4d:e3:53:7a:1f:cb:a5:
62:2d:dd:54:f8:ed:8b:2b:ca:bc:1b:41:8b:1b:6c:4d:9a:c7:
ac:f8:6a:4e:1b:4c:48:3d:9a:8e:6d:8d:0b:1e:50:56:d8:7a:
b1:35:b7:79:e7:2b:33:df:2f:0f:b7:7a:a1:7a:72:fb:c9:8c:
6c:8a:96:55:e2:08:2a:23:17:b9:af:7e:1a:40:82:97:be:23:
7f:29:06:76:98:85:52:ea:48:c6:cb:87:8f:d2:2d:49:93:26:
7f:b4:12:2e:eb:3b:6a:d1:5c:2b:df:a6:42:10:d1:64:c6:12:
2d:3c:c6:8e
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAaP0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzExMDY0OTExWhcNMjYwNTEzMDY0OTExWjAYMRYw
FAYDVQQDEw02OWIxMTA2ZC00OWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp3BelSmHq14v6ZO0uT3xgh29W9y22bp8bkK3taijRURs6ksBCSO3gEbw
nVGEZJMzDYnv13XY6n3QbrYoPw6euLHiid995JXBUmP3QUrvm/q+SdiL/jxQVezy
00no0CJW1QLWb9pZmybqVhUEImnomu1apcPHBhAkWf99jvlqAmBFoFJXD5uRl6nF
G/RtXl+KLG19A9Z/zw/219/xGosvi+YjO+65r/8RPSCHkNeXuRNs1Q/1WrfM/pw9
RbWB7te43NTMKbtf+3+3Mdx3w3Qwfxh/ySpULl9TPdXb2wCwmK2L0Nqe/k9HDBDP
6W/FIl2eQdM+pp2QQ9PXhkdpHMU6+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPCF
W2ccqyh6gDj7clxbykCO1LodMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82QkZDRjBFRTFEMTYxMUYxODFBNDE4RTNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGnP1AAwQHnP6AMA0GCSqGSIb3
DQEBCwUAA4IBAQBk2VcnkDXWFy3Brznk7SiuVYhomhmbp9Fk5yyr7Nb2VbW4haIU
AsljR1NHofMzgpdUGBNdNZ6O6Wj5n0t0H1EXbJJGjsOieXZHsZbpggLDHN3kZEt6
rAjD9QXwC7i9xrqKPj2+GGXu+7DaxS2n2/6O9TYGT7OTSlvglnVVRZppesQrukly
ax7RbE3jU3ofy6ViLd1U+O2LK8q8G0GLG2xNmses+GpOG0xIPZqObY0LHlBW2Hqx
Nbd55ysz3y8Pt3qhenL7yYxsipZV4ggqIxe5r34aQIKXviN/KQZ2mIVS6kjGy4eP
0i1JkyZ/tBIu6ztq0Vwr36ZCENFkxhItPMaO
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:10:43 2026 by rpki-client