Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D591686C24CA11F191DBE7C2DAE4EC9C.roa
File: D591686C24CA11F191DBE7C2DAE4EC9C.roa (raw, json)
Hash identifier: LO4UxtuIp0lLBiw193k8q0ZSQFAWb5X83kA/jTvqVsI=
Subject key identifier: 61:B8:7C:9C:FD:2F:14:BC:3B:97:87:85:43:51:B1:B3:81:7C:63:13
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A63E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D591686C24CA11F191DBE7C2DAE4EC9C.roa
Signing time: Sat 21 Mar 2026 02:08:21 +0000
ROA not before: Sat 21 Mar 2026 02:08:16 +0000
ROA not after: Sat 27 Mar 2027 02:08:16 +0000
asID: 216047
IP address blocks: 156.246.80.0/22 maxlen: 24
156.247.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108094 (0x1a63e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 21 02:08:16 2026 GMT
Not After : Mar 27 02:08:16 2027 GMT
Subject: CN=69bdfd95-f45a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c4:17:c2:5d:67:07:4d:77:c6:e3:6c:d0:87:
c9:92:d3:cd:29:cc:15:ef:f3:9e:ce:25:9d:c6:82:
ce:79:9a:86:af:4c:63:98:3d:b3:9d:e8:fc:bd:03:
ca:ac:20:3d:a3:8f:ef:72:df:6e:2c:35:ab:83:7c:
8a:24:e8:93:7e:26:79:21:9e:b9:b6:ef:16:54:be:
77:b9:7c:71:39:ee:9d:61:74:ad:d3:c0:f7:88:85:
8e:cc:0d:8a:75:39:d9:b4:ff:d7:81:fe:e4:13:f3:
de:bb:1f:09:8a:be:1d:f8:1c:42:21:0a:49:00:f4:
f9:4d:7c:61:3f:6f:f5:c2:b5:6c:bc:cf:05:24:ad:
d8:37:10:49:13:94:c8:cc:8d:26:06:cf:e1:97:ff:
92:f3:a9:08:94:2b:ce:70:23:e6:02:87:ba:94:04:
25:a3:1f:5d:0a:d1:67:de:ca:7f:bc:6b:da:1d:63:
e2:fb:e5:f2:da:b7:19:38:26:7d:fc:a9:ab:0c:8a:
a0:55:cf:68:ce:52:ee:cd:52:c5:96:8a:e8:de:44:
f7:7d:e2:1e:00:62:e7:ff:81:b6:0d:87:f9:f1:9f:
74:04:30:3d:0e:f3:b4:1c:68:1a:78:8c:39:86:18:
16:46:6a:a1:50:de:56:82:e4:15:bb:a8:c9:4b:57:
13:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B8:7C:9C:FD:2F:14:BC:3B:97:87:85:43:51:B1:B3:81:7C:63:13
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D591686C24CA11F191DBE7C2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.80.0/22
156.247.4.0/22
Signature Algorithm: sha256WithRSAEncryption
47:cf:99:93:36:51:ad:c3:48:61:f8:68:3d:7e:df:fd:07:e6:
b8:df:1d:02:cc:8b:f0:96:fd:01:77:a7:4d:9d:32:b2:89:b6:
66:bf:5b:65:76:af:d6:de:45:5e:07:2f:2c:d0:b2:10:78:48:
80:94:17:ed:a9:8f:e0:ec:e6:11:04:c8:6e:78:a9:7e:fc:8f:
e7:dc:d7:b4:8c:ff:6c:b4:8b:a3:7b:ce:ea:9e:e5:7c:29:a7:
65:38:df:b6:33:93:e4:09:d1:13:52:e5:d1:5a:1d:0c:cd:97:
bb:2c:00:b0:e0:27:dd:9a:9a:82:85:0c:09:cd:12:b0:0f:91:
c8:63:1c:bd:40:0f:f1:d6:52:80:64:e3:40:c2:3f:f5:8d:08:
bc:73:ab:5f:a7:14:48:d1:c9:41:f6:2c:13:61:36:ab:ea:30:
86:db:50:5d:d0:fa:1a:a1:1c:18:7f:fc:30:af:51:16:0b:c2:
d5:62:be:a0:e9:4a:7c:fe:73:1f:75:81:36:8a:ed:8f:ce:96:
10:c1:10:c4:a7:ef:f5:6f:37:45:9a:62:6c:78:6c:9d:76:21:
2a:3a:28:bf:79:04:64:87:a1:ad:cd:27:da:93:26:71:e9:31:
27:00:c9:f6:e3:d5:19:4b:7b:6d:b9:59:40:d6:68:c2:b2:a0:
c1:75:75:36
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAaY+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzIxMDIwODE2WhcNMjcwMzI3MDIwODE2WjAYMRYw
FAYDVQQDEw02OWJkZmQ5NS1mNDVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArcQXwl1nB013xuNs0IfJktPNKcwV7/OeziWdxoLOeZqGr0xjmD2znej8
vQPKrCA9o4/vct9uLDWrg3yKJOiTfiZ5IZ65tu8WVL53uXxxOe6dYXSt08D3iIWO
zA2KdTnZtP/Xgf7kE/Peux8Jir4d+BxCIQpJAPT5TXxhP2/1wrVsvM8FJK3YNxBJ
E5TIzI0mBs/hl/+S86kIlCvOcCPmAoe6lAQlox9dCtFn3sp/vGvaHWPi++Xy2rcZ
OCZ9/KmrDIqgVc9ozlLuzVLFloro3kT3feIeAGLn/4G2DYf58Z90BDA9DvO0HGga
eIw5hhgWRmqhUN5WguQVu6jJS1cTRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGG4
fJz9LxS8O5eHhUNRsbOBfGMTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENTkxNjg2QzI0Q0ExMUYxOTFEQkU3QzJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCnPZQAwQCnPcEMA0GCSqGSIb3
DQEBCwUAA4IBAQBHz5mTNlGtw0hh+Gg9ft/9B+a43x0CzIvwlv0Bd6dNnTKyibZm
v1tldq/W3kVeBy8s0LIQeEiAlBftqY/g7OYRBMhueKl+/I/n3Ne0jP9stIuje87q
nuV8KadlON+2M5PkCdETUuXRWh0MzZe7LACw4CfdmpqChQwJzRKwD5HIYxy9QA/x
1lKAZONAwj/1jQi8c6tfpxRI0clB9iwTYTar6jCG21Bd0PoaoRwYf/wwr1EWC8LV
Yr6g6Up8/nMfdYE2iu2PzpYQwRDEp+/1bzdFmmJseGyddiEqOii/eQRkh6GtzSfa
kyZx6TEnAMn249UZS3ttuVlA1mjCsqDBdXU2
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:11:06 2026 by rpki-client