Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07FDABA6582111F19A106CDBCE1D38B0.roa
File: 07FDABA6582111F19A106CDBCE1D38B0.roa (raw, json)
Hash identifier: NRwG0+qHgfCXIGCXqtbp1E9+5lGDzsx1HAH0ujkXgxU=
Subject key identifier: EF:90:76:22:5C:1B:B8:8E:1B:32:FC:06:FB:14:DA:CA:90:FA:DA:25
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B97C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07FDABA6582111F19A106CDBCE1D38B0.roa
Signing time: Mon 25 May 2026 10:03:52 +0000
ROA not before: Mon 25 May 2026 10:03:47 +0000
ROA not after: Fri 26 Feb 2027 10:03:47 +0000
asID: 140951
IP address blocks: 156.231.56.0/24 maxlen: 24
156.231.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113020 (0x1b97c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 25 10:03:47 2026 GMT
Not After : Feb 26 10:03:47 2027 GMT
Subject: CN=6a141e88-20b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6c:bf:df:3c:77:67:26:9d:2d:52:94:a9:de:
24:ea:a5:97:41:93:1e:ae:46:03:e3:88:41:c4:87:
53:3a:52:27:e3:13:d4:f4:5a:4f:86:aa:ad:2b:36:
e8:18:38:73:44:52:03:1d:22:5c:f3:bb:cb:57:52:
fb:9b:6b:77:cd:57:b3:31:48:42:f5:26:64:dd:38:
c5:3d:4b:4d:73:d3:69:2d:da:74:21:0c:9e:73:5c:
62:be:17:ec:06:e0:89:1c:59:4b:7a:dd:c6:b9:94:
1e:65:11:aa:98:9a:58:26:10:36:61:9b:9b:05:bd:
02:b7:13:5a:be:97:bd:d4:12:76:f8:73:e8:b9:0d:
7f:65:ee:1d:35:99:27:98:3b:66:87:db:d6:ec:94:
40:6b:3b:ff:db:e4:ab:9f:c2:b0:04:d7:d6:35:0e:
6b:c0:cd:07:da:9d:ec:92:4c:51:dd:93:b2:2c:ed:
be:c7:96:97:49:6d:b9:85:fd:20:ad:37:db:61:d4:
07:d9:64:f4:4b:1f:08:e3:df:fb:dc:f1:d6:58:ee:
c9:c4:30:62:9b:01:83:5a:41:84:5b:71:e7:17:35:
97:62:02:38:01:c4:2b:b4:9f:39:82:42:09:b1:47:
52:b6:3f:3a:df:1c:9a:a7:8d:81:ba:57:50:e7:44:
d1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:90:76:22:5C:1B:B8:8E:1B:32:FC:06:FB:14:DA:CA:90:FA:DA:25
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07FDABA6582111F19A106CDBCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.56.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:5e:05:54:5e:ce:dd:e7:84:9a:df:b4:85:f9:94:4b:05:cc:
dc:eb:b9:d1:6e:35:30:01:ef:5a:ed:ea:e3:d1:c0:a3:0a:7a:
67:76:c8:05:66:ec:80:d9:82:c6:4d:ec:c5:ac:e4:f7:bf:f0:
8a:d2:f3:04:45:74:e1:bc:f7:75:a4:39:3e:58:30:71:0e:00:
46:11:c0:8b:5c:16:96:41:f8:c3:e5:f4:f1:b6:6e:69:da:44:
52:c5:79:f6:3f:2e:46:7b:3b:0f:02:b5:e1:8b:63:34:3a:d0:
74:54:f1:3e:e2:5b:6e:f5:36:f4:85:b8:92:8e:0d:bf:eb:29:
39:74:a6:1f:7c:cf:e6:6f:c9:10:df:be:0c:47:17:a2:6f:0d:
f4:90:a4:27:a2:fb:dc:09:30:fd:aa:80:bc:71:c4:80:35:bb:
aa:e0:2b:b6:df:6e:4b:1f:85:c2:bf:9d:e2:32:3a:38:1e:3a:
2c:b5:c1:5a:9a:96:16:f7:18:bb:8b:44:fc:32:1c:2a:da:5a:
08:8e:e1:a3:8c:20:29:26:77:b0:07:02:36:69:87:06:35:05:
f2:81:7c:44:9a:3c:04:42:b8:00:0a:b4:2a:c2:97:25:00:8b:
a4:cc:e6:cc:da:87:03:68:19:53:f0:64:3a:68:2e:52:1f:99:
97:10:f6:1d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbl8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTI1MTAwMzQ3WhcNMjcwMjI2MTAwMzQ3WjAYMRYw
FAYDVQQDEw02YTE0MWU4OC0yMGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxmy/3zx3ZyadLVKUqd4k6qWXQZMerkYD44hBxIdTOlIn4xPU9FpPhqqt
KzboGDhzRFIDHSJc87vLV1L7m2t3zVezMUhC9SZk3TjFPUtNc9NpLdp0IQyec1xi
vhfsBuCJHFlLet3GuZQeZRGqmJpYJhA2YZubBb0CtxNavpe91BJ2+HPouQ1/Ze4d
NZknmDtmh9vW7JRAazv/2+Srn8KwBNfWNQ5rwM0H2p3skkxR3ZOyLO2+x5aXSW25
hf0grTfbYdQH2WT0Sx8I49/73PHWWO7JxDBimwGDWkGEW3HnFzWXYgI4AcQrtJ85
gkIJsUdStj863xyap42BuldQ50TR3QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO+Q
diJcG7iOGzL8BvsU2sqQ+tolMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wN0ZEQUJBNjU4MjExMUYxOUExMDZDREJDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOc4MA0GCSqGSIb3DQEBCwUA
A4IBAQC0XgVUXs7d54Sa37SF+ZRLBczc67nRbjUwAe9a7erj0cCjCnpndsgFZuyA
2YLGTezFrOT3v/CK0vMERXThvPd1pDk+WDBxDgBGEcCLXBaWQfjD5fTxtm5p2kRS
xXn2Py5GezsPArXhi2M0OtB0VPE+4ltu9Tb0hbiSjg2/6yk5dKYffM/mb8kQ374M
Rxeibw30kKQnovvcCTD9qoC8ccSANbuq4Cu2325LH4XCv53iMjo4HjostcFampYW
9xi7i0T8Mhwq2loIjuGjjCApJnewBwI2aYcGNQXygXxEmjwEQrgACrQqwpclAIuk
zObM2ocDaBlT8GQ6aC5SH5mXEPYd
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:14:07 2026 by rpki-client