Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF8C1808448511F1865EDB05CF1D38B0.roa
File: AF8C1808448511F1865EDB05CF1D38B0.roa (raw, json)
Hash identifier: BvvYh3tIbOihYYNYtSTDzNqgb3sYbOZTUNBshag+0ds=
Subject key identifier: 3E:29:9B:27:B2:F2:2F:A0:99:E7:BD:60:1F:17:FD:D6:7D:AC:7B:67
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B032
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF8C1808448511F1865EDB05CF1D38B0.roa
Signing time: Thu 30 Apr 2026 11:13:59 +0000
ROA not before: Thu 30 Apr 2026 11:13:55 +0000
ROA not after: Thu 04 Jun 2026 11:13:55 +0000
asID: 64013
IP address blocks: 156.234.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110642 (0x1b032)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 30 11:13:55 2026 GMT
Not After : Jun 4 11:13:55 2026 GMT
Subject: CN=69f33977-6201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:eb:da:48:3e:d7:42:0c:2f:eb:17:56:ce:38:
c8:bc:4b:cb:61:56:4d:ae:be:83:af:b3:dd:ae:5b:
36:41:ac:f2:d5:a9:e3:91:1f:ce:e0:66:c7:8d:bb:
74:0b:51:0f:dd:54:90:e6:49:4c:c9:75:32:c7:33:
44:11:b6:6a:86:68:47:f1:25:97:73:60:7b:d4:ab:
cc:91:02:66:a6:9e:fc:2b:85:bd:f2:45:19:d6:18:
24:b1:c9:0d:ba:69:83:a9:98:aa:26:42:e2:a9:8d:
fb:f6:9f:8a:2e:c9:03:10:4f:76:19:ac:58:f4:c2:
6d:ee:37:5b:9a:27:30:cc:5a:3f:0b:5e:f8:d9:e5:
68:8d:10:c4:e2:3c:62:ec:f7:9c:9e:65:2a:c3:e5:
c4:99:82:1b:dd:23:12:41:38:af:a1:0d:3f:00:fa:
1e:0e:ad:1c:59:2c:85:4b:36:dc:1d:1b:1c:58:b3:
7a:ae:a9:26:07:55:3a:30:be:ff:c1:16:22:fd:7b:
95:b7:34:99:4e:e2:0e:bf:1b:86:b4:2f:d9:31:f8:
21:72:ed:e7:54:16:6e:90:f7:72:ed:cf:4e:cc:00:
9a:e8:63:63:94:b7:39:23:c8:73:f1:7f:89:2a:af:
59:3b:57:a7:45:5f:fa:ff:18:13:f2:27:37:09:56:
98:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:29:9B:27:B2:F2:2F:A0:99:E7:BD:60:1F:17:FD:D6:7D:AC:7B:67
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF8C1808448511F1865EDB05CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:5d:f0:ee:31:77:f5:78:89:a1:4a:35:22:a9:22:4f:d4:80:
bb:44:b5:f5:18:6d:a7:fa:69:ba:f8:57:4d:bc:02:e2:59:94:
f5:03:c8:9b:04:a6:bc:3b:aa:0b:ad:c8:df:77:d0:d7:4e:b2:
76:a5:6d:71:c8:b4:76:5f:e4:f9:33:f4:fc:d7:9d:48:fb:2a:
0e:f8:79:da:b6:78:71:1a:da:70:04:b4:d9:32:6c:96:11:4a:
35:a4:a8:df:f8:1e:30:62:a4:03:c2:51:1b:c0:60:ae:c9:63:
73:c7:d3:05:bf:a1:36:11:64:63:49:34:fc:32:aa:12:c8:94:
5a:27:01:c6:49:e7:db:17:7d:b2:fb:59:52:54:77:7a:d5:b1:
67:72:42:f9:ef:49:3d:fc:93:bd:39:99:7c:fb:d5:ea:43:9a:
7d:f4:bd:d2:29:36:de:09:2b:29:03:d7:5f:06:d2:74:fa:a1:
26:2e:11:83:85:96:ec:ea:8e:c0:71:eb:0e:8d:65:6d:18:e1:
a5:fc:d1:61:f6:95:ca:6d:10:dd:a0:f1:72:93:1b:d5:d8:cc:
18:1f:f8:ca:39:a0:e5:94:4e:ac:fd:1a:33:62:42:e4:e4:e0:
bc:99:ea:9c:0d:ac:32:38:08:6a:5c:a2:15:74:b3:7b:a4:3e:
9c:13:23:5d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDAbAyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDMwMTExMzU1WhcNMjYwNjA0MTExMzU1WjAYMRYw
FAYDVQQDEw02OWYzMzk3Ny02MjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5uvaSD7XQgwv6xdWzjjIvEvLYVZNrr6Dr7Pdrls2Qazy1anjkR/O4GbH
jbt0C1EP3VSQ5klMyXUyxzNEEbZqhmhH8SWXc2B71KvMkQJmpp78K4W98kUZ1hgk
sckNummDqZiqJkLiqY379p+KLskDEE92GaxY9MJt7jdbmicwzFo/C1742eVojRDE
4jxi7PecnmUqw+XEmYIb3SMSQTivoQ0/APoeDq0cWSyFSzbcHRscWLN6rqkmB1U6
ML7/wRYi/XuVtzSZTuIOvxuGtC/ZMfghcu3nVBZukPdy7c9OzACa6GNjlLc5I8hz
8X+JKq9ZO1enRV/6/xgT8ic3CVaYiwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFD4p
myey8i+gmee9YB8X/dZ9rHtnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRjhDMTgwODQ0ODUxMUYxODY1RURCMDVDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnOowDQYJKoZIhvcNAQELBQAD
ggEBAEVd8O4xd/V4iaFKNSKpIk/UgLtEtfUYbaf6abr4V028AuJZlPUDyJsEprw7
qgutyN930NdOsnalbXHItHZf5Pkz9PzXnUj7Kg74edq2eHEa2nAEtNkybJYRSjWk
qN/4HjBipAPCURvAYK7JY3PH0wW/oTYRZGNJNPwyqhLIlFonAcZJ59sXfbL7WVJU
d3rVsWdyQvnvST38k705mXz71epDmn30vdIpNt4JKykD118G0nT6oSYuEYOFluzq
jsBx6w6NZW0Y4aX80WH2lcptEN2g8XKTG9XYzBgf+Mo5oOWUTqz9GjNiQuTk4LyZ
6pwNrDI4CGpcohV0s3ukPpwTI10=
-----END CERTIFICATE-----
Generated at Wed May 13 08:27:36 2026 by rpki-client