Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A956CF057C111F1B30DB400CF1D38B0.roa
File: 1A956CF057C111F1B30DB400CF1D38B0.roa (raw, json)
Hash identifier: 4/xJB7tT+EOfnG9jk9XzETYw+9xk3KocDd3yy/yvJh0=
Subject key identifier: 16:10:E8:A8:36:55:EF:DB:3D:23:43:44:E7:98:B9:27:09:3A:EC:97
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B940
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A956CF057C111F1B30DB400CF1D38B0.roa
Signing time: Sun 24 May 2026 22:37:11 +0000
ROA not before: Mon 25 May 2026 22:37:06 +0000
ROA not after: Sun 20 May 2029 22:37:06 +0000
asID: 17561
IP address blocks: 156.245.164.0/24 maxlen: 24
156.245.165.0/24 maxlen: 24
156.245.166.0/24 maxlen: 24
156.245.167.0/24 maxlen: 24
156.245.172.0/24 maxlen: 24
156.245.173.0/24 maxlen: 24
156.245.174.0/24 maxlen: 24
156.245.175.0/24 maxlen: 24
156.249.124.0/24 maxlen: 24
156.249.125.0/24 maxlen: 24
156.249.126.0/24 maxlen: 24
156.249.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112960 (0x1b940)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 25 22:37:06 2026 GMT
Not After : May 20 22:37:06 2029 GMT
Subject: CN=6a137d97-db68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:46:75:1c:c3:72:50:c2:b5:d9:e2:b9:fc:b3:
a1:a9:dd:58:f0:f1:c5:5f:88:57:23:c6:b8:d9:a6:
e4:3a:db:a9:28:41:58:ec:f9:95:61:5b:62:ea:9d:
0c:7e:f7:93:3e:cf:8a:30:21:46:66:a0:58:bd:b6:
48:26:5d:54:23:d5:a9:05:66:53:8e:52:83:f5:ca:
c3:62:7a:ce:45:ac:04:d4:c5:b5:7c:8c:fc:85:66:
d3:5e:8d:46:f1:ca:b8:d0:13:63:91:0a:43:31:6d:
a4:6d:f1:57:53:91:91:4d:a0:59:9d:49:28:a2:48:
3f:b7:68:46:53:ce:f2:48:fc:c5:20:69:37:67:c5:
2d:45:91:5b:cd:e1:d1:25:b0:af:d9:0d:95:26:cd:
c5:34:d3:6e:42:5c:43:f5:73:47:8a:36:f2:a8:3f:
70:df:0a:98:00:81:c2:0d:3a:ee:61:c5:dc:ef:67:
14:36:9a:07:8f:14:b3:dc:9b:9b:ab:55:b9:66:70:
5d:b9:ee:56:d0:2c:db:d1:b2:e4:fd:10:21:ff:e1:
04:e0:20:6f:68:bc:55:1f:f9:37:1b:aa:e0:f6:c0:
47:61:f4:8d:af:46:63:45:87:70:c2:58:a7:37:a6:
ad:cf:3d:75:4c:d4:85:e3:3d:02:a8:d5:dc:89:c1:
9f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:10:E8:A8:36:55:EF:DB:3D:23:43:44:E7:98:B9:27:09:3A:EC:97
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A956CF057C111F1B30DB400CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.164.0/22
156.245.172.0/22
156.249.124.0/22
Signature Algorithm: sha256WithRSAEncryption
23:a7:14:d1:08:8f:17:49:45:6c:32:22:45:14:99:99:b7:67:
c2:ad:25:df:fd:f9:5c:34:bb:fd:39:2d:a0:03:78:4e:0b:db:
be:90:b6:c0:74:14:39:82:73:c8:25:14:f8:28:f0:9c:39:20:
3c:55:91:e5:58:8b:b9:b8:67:e2:66:24:0d:4e:31:99:43:0c:
cf:52:42:e3:23:47:ac:76:a6:e8:a3:0f:b4:bb:43:2d:7b:e4:
e8:a9:8d:1f:41:7c:af:1c:a8:de:56:0e:b8:9e:c7:79:9d:7e:
a3:45:53:ad:51:8a:8c:a2:ff:c4:db:e7:84:a2:c3:cc:e9:10:
da:8e:6d:6c:fd:31:6d:ea:45:07:6f:5a:84:bb:d7:c0:99:e2:
f2:c6:46:24:d0:3f:38:17:22:b9:6d:d2:56:bc:f4:48:f3:0a:
59:b6:93:d9:e5:e1:18:66:f8:b6:58:d6:05:bc:88:a7:df:46:
3b:ed:36:db:4c:27:f5:99:e8:7d:f7:61:40:5c:1e:69:32:0a:
cf:c8:24:e8:57:25:f0:a3:8f:10:0c:c3:d6:9d:09:ab:8e:e5:
01:bf:28:e9:0f:88:dd:61:81:52:8b:ce:17:3a:d3:a0:d3:14:
96:5e:c7:f9:02:2e:0c:bb:cf:c0:c0:49:e1:5b:d8:d0:7a:03:
0f:93:21:b0
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAblAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTI1MjIzNzA2WhcNMjkwNTIwMjIzNzA2WjAYMRYw
FAYDVQQDEw02YTEzN2Q5Ny1kYjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmEZ1HMNyUMK12eK5/LOhqd1Y8PHFX4hXI8a42abkOtupKEFY7PmVYVti
6p0MfveTPs+KMCFGZqBYvbZIJl1UI9WpBWZTjlKD9crDYnrORawE1MW1fIz8hWbT
Xo1G8cq40BNjkQpDMW2kbfFXU5GRTaBZnUkookg/t2hGU87ySPzFIGk3Z8UtRZFb
zeHRJbCv2Q2VJs3FNNNuQlxD9XNHijbyqD9w3wqYAIHCDTruYcXc72cUNpoHjxSz
3Jubq1W5ZnBdue5W0Czb0bLk/RAh/+EE4CBvaLxVH/k3G6rg9sBHYfSNr0ZjRYdw
wlinN6atzz11TNSF4z0CqNXcicGf2QIDAQABo4ICrjCCAqowHQYDVR0OBBYEFBYQ
6Kg2Ve/bPSNDROeYuScJOuyXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQTk1NkNGMDU3QzExMUYxQjMwREI0MDBDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCnPWkAwQCnPWsAwQCnPl8MA0G
CSqGSIb3DQEBCwUAA4IBAQAjpxTRCI8XSUVsMiJFFJmZt2fCrSXf/flcNLv9OS2g
A3hOC9u+kLbAdBQ5gnPIJRT4KPCcOSA8VZHlWIu5uGfiZiQNTjGZQwzPUkLjI0es
dqboow+0u0Mte+ToqY0fQXyvHKjeVg64nsd5nX6jRVOtUYqMov/E2+eEosPM6RDa
jm1s/TFt6kUHb1qEu9fAmeLyxkYk0D84FyK5bdJWvPRI8wpZtpPZ5eEYZvi2WNYF
vIin30Y77TbbTCf1meh992FAXB5pMgrPyCToVyXwo48QDMPWnQmrjuUBvyjpD4jd
YYFSi84XOtOg0xSWXsf5Ai4Mu8/AwEnhW9jQegMPkyGw
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:07:15 2026 by rpki-client