Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/595E7B402EB111F1ABE82AC3DAE4EC9C.roa
File: 595E7B402EB111F1ABE82AC3DAE4EC9C.roa (raw, json)
Hash identifier: URng8tGNiCttDSiKMRS5J6RiZkekhxRdR9WJfFcxuGY=
Subject key identifier: CF:68:20:AA:2F:A7:12:B4:37:43:6C:95:B4:86:5A:B6:DE:94:3E:CD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A969
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/595E7B402EB111F1ABE82AC3DAE4EC9C.roa
Signing time: Thu 02 Apr 2026 16:31:07 +0000
ROA not before: Thu 02 Apr 2026 16:31:01 +0000
ROA not after: Sun 10 May 2026 16:31:01 +0000
asID: 55320
IP address blocks: 156.244.23.0/24 maxlen: 24
156.244.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 08 Apr 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108905 (0x1a969)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 2 16:31:01 2026 GMT
Not After : May 10 16:31:01 2026 GMT
Subject: CN=69ce99cb-baab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ac:e5:00:aa:82:c0:e1:6e:cb:01:bf:c1:0f:
c5:2c:ff:50:e1:a3:a6:18:32:de:7f:fd:fb:01:0b:
29:c2:f7:a6:91:c3:15:9a:d7:e7:6f:71:25:6d:e0:
f2:b9:ef:e6:fd:41:6a:bc:e7:07:0a:a0:38:39:b8:
c2:34:fa:61:2e:da:bb:98:3a:b7:21:ad:d4:b2:dc:
ef:c6:1c:ae:dc:9b:8c:84:c4:9a:1e:93:7b:8e:02:
c9:01:a3:b4:6e:03:dc:e2:b2:89:e6:11:5b:ba:5b:
00:6b:3e:1a:53:e5:ec:91:f1:b6:c8:a6:62:2f:6e:
57:09:cc:5f:fb:6f:ec:e5:e8:75:d0:03:2f:69:88:
43:d5:f3:1d:4d:a5:2e:5f:c8:d5:5d:c8:af:ea:0c:
21:d4:35:9a:cc:a6:eb:a2:e5:fc:c0:d4:c3:33:37:
20:03:28:06:57:c4:51:09:92:4e:a4:18:e8:fb:70:
bf:77:3b:24:b9:a8:4c:59:68:28:a3:bb:09:c8:1d:
57:56:36:cb:35:3f:57:3f:d0:2b:39:4b:18:e0:c3:
2c:d1:c2:96:30:89:32:1f:10:b1:44:71:53:0c:65:
7f:5e:3b:6d:f0:66:5a:5b:c2:28:33:cd:99:01:03:
58:03:47:c1:52:1a:a0:2b:0d:13:3d:43:a5:15:8d:
8d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:68:20:AA:2F:A7:12:B4:37:43:6C:95:B4:86:5A:B6:DE:94:3E:CD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/595E7B402EB111F1ABE82AC3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.23.0-156.244.24.255
Signature Algorithm: sha256WithRSAEncryption
13:1d:f6:58:e5:b9:fc:ed:7f:53:91:8f:9c:23:78:28:c3:8a:
8c:b2:d6:c7:a4:c8:c7:5a:fe:33:e3:b9:14:04:00:67:23:b7:
0d:bd:12:57:57:18:85:51:42:00:20:05:ca:12:3d:95:14:a7:
1c:45:2f:ad:d3:c6:6b:8a:fd:20:17:29:82:68:71:48:7f:cb:
11:58:f3:6e:3d:f2:87:43:61:fb:41:d2:ec:79:6f:58:e2:a0:
24:b7:32:97:d0:71:f6:1c:6a:75:73:4c:ec:ed:65:f3:54:59:
5a:12:ba:9f:bc:5c:9b:3a:2e:69:86:a2:92:a5:a5:02:4c:4c:
2f:0a:17:9a:2e:a5:29:84:c0:ef:d3:8f:d5:4f:c3:28:71:30:
88:6e:e5:86:2f:13:50:bf:6c:21:b9:1f:c0:19:71:c7:0c:cf:
23:6e:87:e7:a3:91:80:0e:58:e1:2b:c6:fa:5a:31:a9:b1:8b:
ce:61:5e:60:09:ff:54:39:1d:71:59:e0:d1:55:67:ee:ce:0f:
87:da:e7:6d:df:bf:bd:cb:38:15:30:3a:e0:c6:13:52:e8:cd:
3d:6b:e7:f3:ee:12:f0:9a:f0:34:04:5c:9d:47:71:3c:e2:89:
f5:eb:5d:7b:96:20:ac:1e:2b:1c:1d:8a:a2:f1:ee:55:6f:fa:
f3:a3:1a:cf
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAalpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDAyMTYzMTAxWhcNMjYwNTEwMTYzMTAxWjAYMRYw
FAYDVQQDEw02OWNlOTljYi1iYWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2KzlAKqCwOFuywG/wQ/FLP9Q4aOmGDLef/37AQspwvemkcMVmtfnb3El
beDyue/m/UFqvOcHCqA4ObjCNPphLtq7mDq3Ia3Ustzvxhyu3JuMhMSaHpN7jgLJ
AaO0bgPc4rKJ5hFbulsAaz4aU+XskfG2yKZiL25XCcxf+2/s5eh10AMvaYhD1fMd
TaUuX8jVXciv6gwh1DWazKbrouX8wNTDMzcgAygGV8RRCZJOpBjo+3C/dzskuahM
WWgoo7sJyB1XVjbLNT9XP9ArOUsY4MMs0cKWMIkyHxCxRHFTDGV/Xjtt8GZaW8Io
M82ZAQNYA0fBUhqgKw0TPUOlFY2NkQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFM9o
IKovpxK0N0NslbSGWrbelD7NMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81OTVFN0I0MDJFQjExMUYxQUJFODJBQzNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc9BcDBACc9BgwDQYJKoZI
hvcNAQELBQADggEBABMd9ljlufztf1ORj5wjeCjDioyy1sekyMda/jPjuRQEAGcj
tw29EldXGIVRQgAgBcoSPZUUpxxFL63TxmuK/SAXKYJocUh/yxFY82498odDYftB
0ux5b1jioCS3MpfQcfYcanVzTOztZfNUWVoSup+8XJs6LmmGopKlpQJMTC8KF5ou
pSmEwO/Tj9VPwyhxMIhu5YYvE1C/bCG5H8AZcccMzyNuh+ejkYAOWOErxvpaMamx
i85hXmAJ/1Q5HXFZ4NFVZ+7OD4fa523fv73LOBUwOuDGE1LozT1r5/PuEvCa8DQE
XJ1HcTziifXrXXuWIKweKxwdiqLx7lVv+vOjGs8=
-----END CERTIFICATE-----
Generated at Mon Apr 6 03:12:29 2026 by rpki-client