Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86D3B77A5A6211F19EE03A11CF1D38B0.roa
File: 86D3B77A5A6211F19EE03A11CF1D38B0.roa (raw, json)
Hash identifier: uceGk6w5xvQZjAjaQDUwC4N/d76cvvdN9kBV5UXJS7Y=
Subject key identifier: 94:AA:03:0A:D6:FC:0B:8F:D6:1F:BA:D2:5B:CA:2A:73:86:1D:22:76
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01BA4E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86D3B77A5A6211F19EE03A11CF1D38B0.roa
Signing time: Thu 28 May 2026 06:57:44 +0000
ROA not before: Thu 28 May 2026 06:57:40 +0000
ROA not after: Mon 08 Jun 2026 06:57:40 +0000
asID: 61461
IP address blocks: 156.247.128.0/17 maxlen: 24
156.255.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 31 May 2026 06:35:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113230 (0x1ba4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 28 06:57:40 2026 GMT
Not After : Jun 8 06:57:40 2026 GMT
Subject: CN=6a17e768-1ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cd:1b:b0:00:5d:60:7d:06:f0:6b:7b:8e:9c:
87:77:0a:51:fe:77:7a:57:87:11:ed:23:11:3e:57:
c0:44:27:5a:15:dd:6a:c9:43:1b:be:a4:86:70:d8:
07:8a:35:78:82:c6:8a:7a:f3:c3:13:ba:04:7e:e8:
a1:06:38:c0:cd:3c:ea:8d:9b:76:a3:ed:c8:3e:13:
53:93:f5:31:98:ea:68:33:e5:6d:50:ba:03:c8:33:
18:08:82:9c:52:c3:2f:ca:ae:84:46:f7:1b:8f:b7:
43:aa:d8:5b:7b:a9:33:28:35:16:77:45:18:b5:70:
68:99:9c:fb:5c:e5:e8:4d:09:d4:37:cc:98:84:18:
33:2f:c4:d9:0e:46:33:a0:b6:82:68:bd:35:d8:53:
fe:27:b5:70:2e:26:ed:cb:75:d0:e2:f9:e4:cc:49:
6f:b6:39:9f:7f:35:30:82:f4:86:14:d8:6f:12:82:
e0:e2:cf:95:c5:af:8e:69:76:4f:15:29:5c:43:56:
74:e2:63:fd:58:d2:bc:46:e3:6a:5c:d2:86:9c:e5:
2c:76:36:75:5c:4f:e5:be:60:70:0c:3d:63:5b:2c:
c9:3e:03:dd:ec:0e:ed:25:8b:97:b9:73:76:f3:ca:
40:99:dd:54:12:d7:c1:1d:ac:2c:0d:74:b7:e8:5d:
85:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AA:03:0A:D6:FC:0B:8F:D6:1F:BA:D2:5B:CA:2A:73:86:1D:22:76
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86D3B77A5A6211F19EE03A11CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.128.0/17
156.255.128.0/17
Signature Algorithm: sha256WithRSAEncryption
41:26:3d:e5:f3:16:3a:33:10:23:d4:71:fd:24:a7:ff:2d:49:
a2:45:ec:87:ed:c7:3b:27:14:f8:8b:48:2f:ca:24:e9:d6:88:
76:10:41:a8:89:7a:db:c3:b4:58:b9:11:fd:e8:9c:51:80:d2:
d7:c0:ff:09:8e:30:46:f1:97:5f:49:ff:f2:d1:47:8d:b6:a8:
f9:d6:b8:e3:13:3b:cb:30:06:eb:8f:8b:94:fb:46:b5:2c:ab:
36:5c:e6:9a:f2:02:46:7c:05:3e:1d:76:8d:d5:df:7b:b8:d6:
cd:38:95:68:5a:33:b1:c3:fc:19:4d:74:cd:f8:1f:3c:b2:71:
a2:bc:af:ae:9c:3b:9f:70:75:43:f9:01:04:88:b5:cf:d2:46:
89:be:9b:e6:92:58:10:7c:47:2e:9a:b1:ab:15:ce:fb:38:49:
77:b8:56:8a:b3:6b:65:57:3e:51:84:72:9a:0a:8a:eb:df:02:
11:93:de:5f:3a:3a:a1:96:81:12:fd:d2:2a:20:6a:8b:7d:63:
59:20:4a:28:ca:23:e5:75:39:0c:9d:bc:42:0a:fb:64:20:48:
a5:98:39:10:24:a1:de:9b:0a:50:6a:fe:54:6a:95:d7:d6:ab:
2d:b6:37:e2:00:4f:a1:85:93:2d:bb:8f:f8:2f:32:df:05:08:
e9:46:f7:1e
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAbpOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTI4MDY1NzQwWhcNMjYwNjA4MDY1NzQwWjAYMRYw
FAYDVQQDEw02YTE3ZTc2OC0xZWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAts0bsABdYH0G8Gt7jpyHdwpR/nd6V4cR7SMRPlfARCdaFd1qyUMbvqSG
cNgHijV4gsaKevPDE7oEfuihBjjAzTzqjZt2o+3IPhNTk/UxmOpoM+VtULoDyDMY
CIKcUsMvyq6ERvcbj7dDqthbe6kzKDUWd0UYtXBomZz7XOXoTQnUN8yYhBgzL8TZ
DkYzoLaCaL012FP+J7VwLibty3XQ4vnkzElvtjmffzUwgvSGFNhvEoLg4s+Vxa+O
aXZPFSlcQ1Z04mP9WNK8RuNqXNKGnOUsdjZ1XE/lvmBwDD1jWyzJPgPd7A7tJYuX
uXN288pAmd1UEtfBHawsDXS36F2FBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJSq
AwrW/AuP1h+60lvKKnOGHSJ2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NkQzQjc3QTVBNjIxMUYxOUVFMDNBMTFDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHnPeAAwQHnP+AMA0GCSqGSIb3
DQEBCwUAA4IBAQBBJj3l8xY6MxAj1HH9JKf/LUmiReyH7cc7JxT4i0gvyiTp1oh2
EEGoiXrbw7RYuRH96JxRgNLXwP8JjjBG8ZdfSf/y0UeNtqj51rjjEzvLMAbrj4uU
+0a1LKs2XOaa8gJGfAU+HXaN1d97uNbNOJVoWjOxw/wZTXTN+B88snGivK+unDuf
cHVD+QEEiLXP0kaJvpvmklgQfEcumrGrFc77OEl3uFaKs2tlVz5RhHKaCorr3wIR
k95fOjqhloES/dIqIGqLfWNZIEooyiPldTkMnbxCCvtkIEilmDkQJKHemwpQav5U
apXX1qsttjfiAE+hhZMtu4/4LzLfBQjpRvce
-----END CERTIFICATE-----
Generated at Fri May 29 23:15:40 2026 by rpki-client