Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A7F1682578311F1879BE112CF1D38B0.roa
File: 1A7F1682578311F1879BE112CF1D38B0.roa (raw, json)
Hash identifier: fkdFPeSBlHzeTFv1p6SiT2uejquJLpQba5Ao5KfM96M=
Subject key identifier: 4B:A3:6F:56:47:09:4F:E2:9E:BA:61:72:86:56:53:72:C3:E4:7E:36
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B90A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A7F1682578311F1879BE112CF1D38B0.roa
Signing time: Sun 24 May 2026 15:13:22 +0000
ROA not before: Sun 24 May 2026 15:13:18 +0000
ROA not after: Wed 01 Jul 2026 15:13:18 +0000
asID: 202656
IP address blocks: 156.236.105.0/24 maxlen: 24
156.236.106.0/24 maxlen: 24
156.236.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112906 (0x1b90a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 24 15:13:18 2026 GMT
Not After : Jul 1 15:13:18 2026 GMT
Subject: CN=6a131592-860b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ca:26:ef:9a:4f:44:48:21:36:3d:94:9d:d2:
14:52:72:56:93:e7:2a:43:ac:87:95:f0:77:7e:06:
01:7b:a5:c4:73:bb:54:cf:c4:91:49:a3:3d:64:8b:
d5:b4:32:72:ae:5c:8e:25:99:dc:ef:dd:85:ec:6a:
32:c3:62:6e:18:2c:ab:fb:ee:17:c3:00:0c:7e:08:
4b:f0:c8:f8:50:a0:a0:b8:45:49:77:80:ab:1e:ae:
04:55:a0:c1:8b:a4:96:fd:d7:52:6d:c6:30:4f:32:
fe:42:d4:46:5e:6c:25:23:80:ee:e1:90:2f:20:7f:
c9:c0:08:ee:82:4d:f3:32:76:79:a0:e1:10:96:10:
4c:f4:80:9d:97:b4:54:6f:2e:e1:db:cb:b2:14:9a:
60:62:b7:e3:f9:6d:3e:89:5d:9a:27:32:8c:35:1b:
14:2f:51:cc:9c:a5:09:f4:8c:5b:c4:1c:f3:ba:91:
f9:16:03:10:ad:13:88:b5:a4:f4:6f:38:87:cb:50:
f3:26:7d:76:f1:80:88:0f:4e:36:47:ac:64:4c:a9:
86:e2:42:89:ad:6c:eb:ae:3b:1f:36:68:04:22:2c:
3e:e2:de:8f:42:53:56:ec:80:76:7c:43:10:2d:ea:
18:c6:a6:33:5c:83:d6:c4:11:cf:d5:ad:b0:be:c9:
a9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A3:6F:56:47:09:4F:E2:9E:BA:61:72:86:56:53:72:C3:E4:7E:36
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A7F1682578311F1879BE112CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.105.0-156.236.107.255
Signature Algorithm: sha256WithRSAEncryption
05:07:1f:64:e7:a1:ce:36:ac:78:8b:48:f6:e5:fd:7b:a1:e4:
5a:c3:0c:f6:07:f1:33:fa:c1:7b:e4:a5:fe:fb:15:01:5f:bc:
58:41:f0:e2:e7:2f:1e:80:4b:54:31:87:64:a2:b7:a3:44:ff:
5c:d4:8c:03:da:fc:35:b0:9a:55:47:41:46:3a:7e:e3:d5:64:
ca:af:43:2a:f6:2b:f9:34:d5:9c:10:4d:63:e9:4a:ea:ca:e9:
20:5c:4d:17:07:49:21:83:35:e8:73:15:f0:90:35:27:c9:e5:
6d:0f:db:f4:61:e9:d6:48:97:b9:4d:8e:83:61:0b:3e:b4:e2:
54:51:c1:94:6a:28:8a:19:69:ea:0a:b5:23:bc:f8:6f:d6:7b:
2d:19:72:6b:b6:89:2b:29:7d:96:fb:10:14:bf:a0:66:dd:a8:
e8:83:32:67:49:ea:63:6c:c8:96:3e:ae:d3:78:57:0c:1e:4c:
0a:2e:3d:f4:5d:91:5a:ab:60:27:ca:20:e4:78:ff:1d:d7:ce:
7e:8e:b8:19:cf:f1:3a:74:39:b1:6c:ca:1a:01:8f:ae:4b:6c:
8f:21:7d:aa:f8:31:8d:13:1f:4f:50:59:ff:36:19:bf:1e:ea:
5a:0b:1b:47:93:e6:29:b0:af:f6:b9:6e:a1:be:2b:4a:60:5c:
a0:1f:59:cb
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAbkKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTI0MTUxMzE4WhcNMjYwNzAxMTUxMzE4WjAYMRYw
FAYDVQQDEw02YTEzMTU5Mi04NjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvMom75pPREghNj2UndIUUnJWk+cqQ6yHlfB3fgYBe6XEc7tUz8SRSaM9
ZIvVtDJyrlyOJZnc792F7Goyw2JuGCyr++4XwwAMfghL8Mj4UKCguEVJd4CrHq4E
VaDBi6SW/ddSbcYwTzL+QtRGXmwlI4Du4ZAvIH/JwAjugk3zMnZ5oOEQlhBM9ICd
l7RUby7h28uyFJpgYrfj+W0+iV2aJzKMNRsUL1HMnKUJ9IxbxBzzupH5FgMQrROI
taT0bziHy1DzJn128YCID042R6xkTKmG4kKJrWzrrjsfNmgEIiw+4t6PQlNW7IB2
fEMQLeoYxqYzXIPWxBHP1a2wvsmppwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEuj
b1ZHCU/inrphcoZWU3LD5H42MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQTdGMTY4MjU3ODMxMUYxODc5QkUxMTJDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc7GkDBAKc7GgwDQYJKoZI
hvcNAQELBQADggEBAAUHH2Tnoc42rHiLSPbl/Xuh5FrDDPYH8TP6wXvkpf77FQFf
vFhB8OLnLx6AS1Qxh2Sit6NE/1zUjAPa/DWwmlVHQUY6fuPVZMqvQyr2K/k01ZwQ
TWPpSurK6SBcTRcHSSGDNehzFfCQNSfJ5W0P2/Rh6dZIl7lNjoNhCz604lRRwZRq
KIoZaeoKtSO8+G/Wey0Zcmu2iSspfZb7EBS/oGbdqOiDMmdJ6mNsyJY+rtN4Vwwe
TAouPfRdkVqrYCfKIOR4/x3Xzn6OuBnP8Tp0ObFsyhoBj65LbI8hfar4MY0TH09Q
Wf82Gb8e6loLG0eT5imwr/a5bqG+K0pgXKAfWcs=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:07:29 2026 by rpki-client