Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4355766E535511F1A90B2219CF1D38B0.roa
File: 4355766E535511F1A90B2219CF1D38B0.roa (raw, json)
Hash identifier: +cGfTya/r1cOidjUOE+pLTIwN1Kp+W2UMab/4SkpTZk=
Subject key identifier: 9B:90:79:C1:67:29:C3:91:DA:BC:64:73:46:28:2D:64:57:6F:1C:56
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B5AD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4355766E535511F1A90B2219CF1D38B0.roa
Signing time: Tue 19 May 2026 07:35:09 +0000
ROA not before: Tue 19 May 2026 07:35:05 +0000
ROA not after: Wed 19 Aug 2026 07:35:05 +0000
asID: 152705
IP address blocks: 156.224.18.0/23 maxlen: 24
156.224.28.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112045 (0x1b5ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 19 07:35:05 2026 GMT
Not After : Aug 19 07:35:05 2026 GMT
Subject: CN=6a0c12ad-8930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:1b:8f:03:71:c1:f9:12:e8:26:20:8b:56:f5:
d1:f5:eb:f3:75:51:54:24:19:f9:f5:29:32:49:5d:
d6:c3:40:c1:ce:cc:26:89:44:65:06:5b:1a:c0:cd:
1e:b9:61:f2:f3:80:70:9e:ab:a4:7d:1e:9d:4d:28:
af:c9:3b:c0:3a:77:6f:62:62:7f:29:a6:19:f1:d7:
54:c4:31:bd:22:ac:94:c4:fd:6c:53:a0:07:51:10:
f2:d2:01:fb:f2:7a:25:91:5d:56:3c:e7:8c:88:bc:
e0:51:77:f6:5d:7f:86:d2:ee:17:ce:18:cd:d6:61:
0c:6b:aa:7a:22:8b:16:7b:ca:c9:6b:35:73:e3:50:
9d:85:52:d8:70:bf:b8:17:a7:61:12:a6:30:fc:67:
c0:ae:ab:66:a0:a1:cd:c1:d6:f8:63:4a:ed:8f:b2:
04:b2:bd:aa:a7:02:d1:e6:af:69:bc:26:c2:3b:0c:
7d:87:ab:bf:21:e8:3d:6b:df:ef:c6:96:4a:7b:4c:
19:af:e2:ea:b3:f3:70:33:f2:5e:47:9e:68:9c:0e:
cb:f8:b0:fe:35:26:0b:84:55:b8:44:1b:a2:eb:64:
c7:ff:52:28:0f:a1:a0:4a:bf:86:12:87:03:89:a8:
82:e6:72:7a:82:c0:54:30:f8:17:e3:a1:7c:72:d3:
ab:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:90:79:C1:67:29:C3:91:DA:BC:64:73:46:28:2D:64:57:6F:1C:56
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4355766E535511F1A90B2219CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.18.0/23
156.224.28.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:9e:7c:a4:e8:a2:40:79:fa:9c:1d:68:78:41:98:0e:92:c3:
cd:00:24:66:9a:24:f2:6b:bf:05:dc:58:ba:04:53:cf:7c:79:
b1:28:81:bd:f1:3e:e5:3c:a8:7d:26:e2:b8:9a:0d:b3:e2:76:
9c:ce:f1:c5:e4:fb:85:3a:95:98:22:53:d4:56:27:93:d9:b9:
15:04:d8:cc:7e:bb:42:8f:e2:2c:33:78:a1:e1:a3:93:66:9e:
e2:2a:fb:22:ad:d1:90:63:c2:b9:9f:a7:87:51:a0:d3:c1:2d:
47:26:71:e7:06:f6:99:f6:99:5f:36:60:9f:d9:a8:dc:8c:ca:
47:a5:eb:a6:d1:4b:2d:57:7d:8b:ec:24:ad:34:1a:f6:e1:53:
cd:42:e9:e9:8c:6b:ff:ff:53:5f:3f:4d:ed:29:5e:d6:59:0c:
d1:45:00:98:54:c7:df:0d:c3:01:2a:61:d5:bb:b4:f4:ad:04:
8b:15:2f:4b:7b:e7:4c:31:5e:fd:a1:42:db:4e:66:e4:3e:99:
35:ce:bd:95:f3:95:21:34:45:b2:99:16:bb:c8:9b:76:9c:dd:
16:03:a7:d9:f0:47:f8:50:fc:72:fa:bc:c0:88:66:0b:7e:fd:
fb:c2:c4:4f:80:75:8f:75:d6:bd:8d:bc:fb:4a:18:b0:b7:c2:
88:5f:0c:71
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAbWtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTE5MDczNTA1WhcNMjYwODE5MDczNTA1WjAYMRYw
FAYDVQQDEw02YTBjMTJhZC04OTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8xuPA3HB+RLoJiCLVvXR9evzdVFUJBn59SkySV3Ww0DBzswmiURlBlsa
wM0euWHy84BwnqukfR6dTSivyTvAOndvYmJ/KaYZ8ddUxDG9IqyUxP1sU6AHURDy
0gH78nolkV1WPOeMiLzgUXf2XX+G0u4XzhjN1mEMa6p6IosWe8rJazVz41CdhVLY
cL+4F6dhEqYw/GfArqtmoKHNwdb4Y0rtj7IEsr2qpwLR5q9pvCbCOwx9h6u/Ieg9
a9/vxpZKe0wZr+Lqs/NwM/JeR55onA7L+LD+NSYLhFW4RBui62TH/1IoD6GgSr+G
EocDiaiC5nJ6gsBUMPgX46F8ctOrtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJuQ
ecFnKcOR2rxkc0YoLWRXbxxWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MzU1NzY2RTUzNTUxMUYxQTkwQjIyMTlDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnOASAwQBnOAcMA0GCSqGSIb3
DQEBCwUAA4IBAQBqnnyk6KJAefqcHWh4QZgOksPNACRmmiTya78F3Fi6BFPPfHmx
KIG98T7lPKh9JuK4mg2z4naczvHF5PuFOpWYIlPUVieT2bkVBNjMfrtCj+IsM3ih
4aOTZp7iKvsirdGQY8K5n6eHUaDTwS1HJnHnBvaZ9plfNmCf2ajcjMpHpeum0Ust
V32L7CStNBr24VPNQunpjGv//1NfP03tKV7WWQzRRQCYVMffDcMBKmHVu7T0rQSL
FS9Le+dMMV79oULbTmbkPpk1zr2V85UhNEWymRa7yJt2nN0WA6fZ8Ef4UPxy+rzA
iGYLfv37wsRPgHWPdda9jbz7Shiwt8KIXwxx
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:07:23 2026 by rpki-client