Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17067636252811F19D73E4E9DAE4EC9C.roa
File: 17067636252811F19D73E4E9DAE4EC9C.roa (raw, json)
Hash identifier: WvuavDapmPZYCuQt6DipeRwNUX0hBmUuJ2ergnut6EM=
Subject key identifier: 5C:58:E4:A9:55:39:83:E4:52:46:8E:1E:06:BF:0D:BD:39:4A:34:FB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A65C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17067636252811F19D73E4E9DAE4EC9C.roa
Signing time: Sat 21 Mar 2026 13:15:55 +0000
ROA not before: Sat 21 Mar 2026 13:15:49 +0000
ROA not after: Mon 30 Mar 2026 13:15:49 +0000
asID: 136907
IP address blocks: 156.230.32.0/21 maxlen: 24
156.230.40.0/21 maxlen: 24
156.230.64.0/18 maxlen: 24
156.240.128.0/18 maxlen: 24
156.253.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108124 (0x1a65c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 21 13:15:49 2026 GMT
Not After : Mar 30 13:15:49 2026 GMT
Subject: CN=69be9a0a-2fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:16:64:71:9c:63:03:75:ec:c8:10:7f:c4:05:
7f:73:11:22:24:00:10:50:18:4a:b4:e3:ad:dd:f2:
d7:5a:e3:56:32:04:29:71:d2:d1:c8:07:19:a8:53:
ab:6e:57:43:6c:9d:e1:93:db:e3:63:0a:d2:17:8b:
aa:5c:c5:4e:d9:24:cc:c3:18:a4:e4:c3:b0:25:a9:
6b:43:b7:8d:4c:5f:af:c3:eb:6c:93:52:9d:74:12:
8c:21:35:af:74:43:dd:a0:f7:ea:98:4d:1d:6c:fa:
68:9b:95:c6:12:e7:b3:59:e7:ee:eb:d9:63:1b:9c:
82:32:c0:83:61:37:95:c8:a0:27:b1:3f:8d:e2:9c:
fe:40:77:b2:ba:24:e1:dc:3d:12:3d:71:7d:d5:07:
b4:74:f0:f7:d1:49:30:11:bb:5f:f4:59:ac:e5:48:
d4:bc:e9:7f:5b:79:65:3f:ea:7d:a5:12:3e:0b:ed:
a2:56:dc:e1:24:a5:74:22:ef:56:66:70:e0:cc:7f:
3e:20:9e:7c:97:26:94:ab:55:33:1b:38:8e:6b:c8:
22:c0:21:84:4b:6e:15:84:61:da:52:3c:22:02:08:
dd:1c:02:29:94:3d:cf:7f:b2:77:f3:ff:ab:1c:68:
d7:df:8e:4d:81:f9:8d:7f:4f:40:06:b3:b0:5f:10:
67:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:58:E4:A9:55:39:83:E4:52:46:8E:1E:06:BF:0D:BD:39:4A:34:FB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17067636252811F19D73E4E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.32.0/20
156.230.64.0/18
156.240.128.0/18
156.253.16.0/20
Signature Algorithm: sha256WithRSAEncryption
76:72:bf:ff:22:ba:8d:5d:d4:27:5b:14:e1:24:32:db:d6:c6:
a5:b6:93:80:59:35:89:b3:27:6d:df:e4:98:12:92:9c:d8:e0:
9b:25:12:4d:c3:03:0e:2b:3f:d1:f0:ad:24:8f:21:e9:a9:6b:
06:c4:45:00:df:88:75:4d:97:54:41:80:63:93:8f:ae:8f:d5:
6a:fb:a6:5d:11:d7:a9:f0:7c:9b:a7:d6:76:6f:44:f6:76:dd:
68:a4:18:fc:ad:f7:12:1e:f4:7b:74:0b:97:85:26:0c:6d:de:
62:64:55:aa:66:a5:61:78:17:35:f0:47:1b:df:2c:52:e7:44:
e6:39:d5:f3:e3:2a:24:bf:6e:50:f4:c2:eb:32:9c:15:ec:55:
51:2d:5b:4e:ca:f5:24:e3:87:2f:30:fc:bd:bc:2b:3a:97:6a:
89:87:ce:de:11:58:63:90:5e:9d:62:a0:92:65:fe:79:bd:70:
c3:3b:26:13:f3:d8:79:23:fb:97:4e:1b:89:51:cb:a5:23:09:
53:2e:62:aa:fb:d4:c3:b4:49:09:17:a6:6d:b2:e5:c9:c8:bf:
fb:6c:db:b2:5f:bb:e8:f0:3a:40:46:18:0b:7a:82:af:14:cf:
e7:ef:37:53:96:ff:e0:85:b8:33:4a:40:b2:88:3f:41:a2:51:
07:69:12:05
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAaZcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzIxMTMxNTQ5WhcNMjYwMzMwMTMxNTQ5WjAYMRYw
FAYDVQQDEw02OWJlOWEwYS0yZmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7RZkcZxjA3XsyBB/xAV/cxEiJAAQUBhKtOOt3fLXWuNWMgQpcdLRyAcZ
qFOrbldDbJ3hk9vjYwrSF4uqXMVO2STMwxik5MOwJalrQ7eNTF+vw+tsk1KddBKM
ITWvdEPdoPfqmE0dbPpom5XGEuezWefu69ljG5yCMsCDYTeVyKAnsT+N4pz+QHey
uiTh3D0SPXF91Qe0dPD30UkwEbtf9Fms5UjUvOl/W3llP+p9pRI+C+2iVtzhJKV0
Iu9WZnDgzH8+IJ58lyaUq1UzGziOa8giwCGES24VhGHaUjwiAgjdHAIplD3Pf7J3
8/+rHGjX345NgfmNf09ABrOwXxBn0QIDAQABo4ICtDCCArAwHQYDVR0OBBYEFFxY
5KlVOYPkUkaOHga/Db05SjT7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNzA2NzYzNjI1MjgxMUYxOUQ3M0U0RTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEnOYgAwQGnOZAAwQGnPCAAwQE
nP0QMA0GCSqGSIb3DQEBCwUAA4IBAQB2cr//IrqNXdQnWxThJDLb1saltpOAWTWJ
sydt3+SYEpKc2OCbJRJNwwMOKz/R8K0kjyHpqWsGxEUA34h1TZdUQYBjk4+uj9Vq
+6ZdEdep8Hybp9Z2b0T2dt1opBj8rfcSHvR7dAuXhSYMbd5iZFWqZqVheBc18Ecb
3yxS50TmOdXz4yokv25Q9MLrMpwV7FVRLVtOyvUk44cvMPy9vCs6l2qJh87eEVhj
kF6dYqCSZf55vXDDOyYT89h5I/uXThuJUculIwlTLmKq+9TDtEkJF6ZtsuXJyL/7
bNuyX7vo8DpARhgLeoKvFM/n7zdTlv/ghbgzSkCyiD9BolEHaRIF
-----END CERTIFICATE-----
Generated at Wed Mar 25 09:32:29 2026 by rpki-client