Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A695E18578C11F18143AACACE1D38B0.roa
File: 3A695E18578C11F18143AACACE1D38B0.roa (raw, json)
Hash identifier: AaNvbYurR525atBu35/PndAITUlD0j0j1z+d4G8XKdA=
Subject key identifier: 57:F4:BA:9A:20:C0:DB:D9:31:74:11:31:21:E4:C3:82:BF:C7:70:29
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B920
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A695E18578C11F18143AACACE1D38B0.roa
Signing time: Sun 24 May 2026 16:18:41 +0000
ROA not before: Sun 24 May 2026 16:18:37 +0000
ROA not after: Thu 02 Jul 2026 16:18:37 +0000
asID: 11427
IP address blocks: 156.229.180.0/22 maxlen: 24
156.229.232.0/22 maxlen: 24
156.229.240.0/22 maxlen: 24
156.233.4.0/22 maxlen: 24
156.233.152.0/21 maxlen: 24
156.241.8.0/21 maxlen: 24
156.248.96.0/21 maxlen: 24
156.249.72.0/21 maxlen: 24
156.249.88.0/21 maxlen: 24
156.249.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112928 (0x1b920)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 24 16:18:37 2026 GMT
Not After : Jul 2 16:18:37 2026 GMT
Subject: CN=6a1324e1-e703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d6:62:5a:75:0b:52:1e:1b:fa:88:db:b0:9c:
ae:d8:0f:08:a2:bc:d0:3c:92:04:4b:e3:81:ac:fc:
70:60:1a:5f:90:53:15:b8:de:96:c5:15:ea:d4:6a:
5b:0b:7e:d1:b1:86:1d:37:74:9f:30:b5:86:eb:b4:
ff:7d:9e:ff:64:73:fc:54:32:02:ad:c5:ce:e1:a5:
37:e6:6e:a2:fe:9d:1c:d5:02:a3:50:1d:8b:59:73:
ad:e3:0f:db:a6:4b:9b:3e:15:e2:8e:2b:c2:8d:50:
28:70:b8:52:97:86:14:c5:48:c0:6f:3f:c7:ca:8b:
0b:fb:71:81:74:aa:49:66:3e:76:71:50:08:fc:f7:
b0:df:36:b3:7f:99:b6:65:46:81:64:44:41:e9:24:
1f:b1:a9:ad:6b:d4:40:db:7e:c9:87:74:1d:ac:ed:
d3:7a:ee:72:19:89:0d:98:97:be:54:bc:af:63:d0:
29:c2:19:7e:08:e0:ee:e3:92:aa:fd:45:d5:d6:8c:
e6:9c:ca:9b:f9:01:73:69:cb:0e:e7:20:5e:ad:09:
d6:06:6a:b6:66:5e:97:56:8d:fb:89:7d:46:ab:9f:
a6:57:f2:ba:da:a0:ca:63:1e:c8:6c:50:31:c2:43:
2a:bd:2c:bd:6a:6d:4d:6e:aa:dc:06:54:c9:35:16:
88:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:F4:BA:9A:20:C0:DB:D9:31:74:11:31:21:E4:C3:82:BF:C7:70:29
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A695E18578C11F18143AACACE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.180.0/22
156.229.232.0/22
156.229.240.0/22
156.233.4.0/22
156.233.152.0/21
156.241.8.0/21
156.248.96.0/21
156.249.72.0/21
156.249.88.0/21
156.249.104.0/21
Signature Algorithm: sha256WithRSAEncryption
97:23:39:4a:77:32:eb:02:7e:bf:ea:29:a2:b1:33:bb:3b:2d:
c4:19:b3:bf:55:ed:1f:6b:f5:9a:8b:45:6c:ee:50:73:a3:df:
20:a6:a7:c8:a8:71:d1:1c:32:60:1e:e8:f9:e8:96:c7:51:f5:
18:ef:82:06:d4:a1:dc:1e:40:59:3b:c8:74:a5:a0:73:56:32:
e1:3e:8b:a9:b6:1a:18:96:61:e9:f1:af:16:3a:0e:3e:fe:2a:
1e:5b:1e:71:95:23:eb:8a:71:1d:0b:a5:8a:f9:fd:74:29:c8:
41:57:66:f1:e5:d0:b0:15:f4:4a:37:b9:0b:a0:52:26:5b:a8:
fc:b5:54:81:4d:00:db:28:8b:c1:97:6a:3b:13:72:6e:77:cd:
9d:6f:12:7b:a2:1e:2b:50:04:bc:8f:09:82:e8:39:8a:11:5a:
9a:29:e1:c7:50:b5:5b:df:da:87:f5:d1:f6:4e:ec:0d:ac:c2:
31:b1:8d:ef:46:89:77:85:a4:46:b3:45:d2:a7:93:a2:0d:64:
a1:1b:2e:1b:dd:18:95:26:96:e4:ae:26:a6:8a:ac:a1:ba:7c:
77:30:90:7d:f3:a9:5f:31:bb:e5:fb:3f:85:93:a5:f6:f2:cb:
20:a5:8e:b6:12:c3:09:0b:00:d7:0b:e6:78:32:1a:65:87:ef:
66:44:a6:d3
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgIDAbkgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTI0MTYxODM3WhcNMjYwNzAyMTYxODM3WjAYMRYw
FAYDVQQDEw02YTEzMjRlMS1lNzAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1dZiWnULUh4b+ojbsJyu2A8IorzQPJIES+OBrPxwYBpfkFMVuN6WxRXq
1GpbC37RsYYdN3SfMLWG67T/fZ7/ZHP8VDICrcXO4aU35m6i/p0c1QKjUB2LWXOt
4w/bpkubPhXijivCjVAocLhSl4YUxUjAbz/HyosL+3GBdKpJZj52cVAI/Pew3zaz
f5m2ZUaBZERB6SQfsamta9RA237Jh3QdrO3Teu5yGYkNmJe+VLyvY9Apwhl+CODu
45Kq/UXV1ozmnMqb+QFzacsO5yBerQnWBmq2Zl6XVo37iX1Gq5+mV/K62qDKYx7I
bFAxwkMqvSy9am1NbqrcBlTJNRaIswIDAQABo4IC2DCCAtQwHQYDVR0OBBYEFFf0
upogwNvZMXQRMSHkw4K/x3ApMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQTY5NUUxODU3OEMxMUYxODE0M0FBQ0FDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCnOW0AwQCnOXoAwQCnOXwAwQC
nOkEAwQDnOmYAwQDnPEIAwQDnPhgAwQDnPlIAwQDnPlYAwQDnPloMA0GCSqGSIb3
DQEBCwUAA4IBAQCXIzlKdzLrAn6/6imisTO7Oy3EGbO/Ve0fa/Wai0Vs7lBzo98g
pqfIqHHRHDJgHuj56JbHUfUY74IG1KHcHkBZO8h0paBzVjLhPoupthoYlmHp8a8W
Og4+/ioeWx5xlSPrinEdC6WK+f10KchBV2bx5dCwFfRKN7kLoFImW6j8tVSBTQDb
KIvBl2o7E3Jud82dbxJ7oh4rUAS8jwmC6DmKEVqaKeHHULVb39qH9dH2TuwNrMIx
sY3vRol3haRGs0XSp5OiDWShGy4b3RiVJpbkriamiqyhunx3MJB986lfMbvl+z+F
k6X28ssgpY62EsMJCwDXC+Z4Mhplh+9mRKbT
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:28:51 2026 by rpki-client