Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/505842CA590311F1BF1803BACE1D38B0.roa
File: 505842CA590311F1BF1803BACE1D38B0.roa (raw, json)
Hash identifier: xodVnlhE3KS0o18XIheXg4STqybM9dh5BCsRebTTAqc=
Subject key identifier: AB:AB:C0:F0:5F:B2:15:FA:E2:2F:B2:98:B0:2C:60:FB:9D:79:3F:F5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01BA06
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/505842CA590311F1BF1803BACE1D38B0.roa
Signing time: Tue 26 May 2026 13:03:40 +0000
ROA not before: Tue 26 May 2026 13:03:35 +0000
ROA not after: Fri 10 Jul 2026 13:03:35 +0000
asID: 401783
IP address blocks: 156.254.116.0/24 maxlen: 24
156.254.117.0/24 maxlen: 24
156.254.118.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113158 (0x1ba06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 26 13:03:35 2026 GMT
Not After : Jul 10 13:03:35 2026 GMT
Subject: CN=6a159a2b-4279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d8:e5:30:10:8f:99:ae:76:5f:1c:4a:cd:5f:
55:bd:39:e8:70:ed:18:56:61:f0:d0:b1:2a:07:bb:
42:9f:67:3f:7f:9d:21:d0:b2:0e:7f:f9:51:d3:c7:
64:48:c0:c5:21:c1:82:f4:ab:12:7b:67:1e:b0:89:
69:fd:43:7d:0d:11:a2:26:24:3c:0d:04:08:22:2e:
0e:94:bc:ef:30:61:f5:92:45:b4:b4:b0:69:5c:be:
6d:2b:8e:04:04:04:3d:4a:da:a0:3d:04:ba:c1:4e:
94:3c:a1:29:c5:4e:89:47:75:2e:39:80:32:0d:c7:
c4:cc:30:92:ea:93:d7:2e:76:f2:63:75:08:86:7a:
21:8f:ae:bf:8a:42:20:68:d9:52:a9:6b:55:d6:88:
fb:4a:dd:20:0f:72:ec:5f:63:9a:a4:48:b3:05:52:
d9:08:19:b8:68:bb:f3:26:2b:ba:2e:db:29:16:f3:
23:e7:f8:cc:9d:4f:d4:18:97:88:a2:79:aa:be:03:
bf:41:44:6a:f2:4e:4f:59:e9:8e:ba:31:92:f5:94:
29:33:87:a6:4c:c6:be:c2:64:4f:09:c6:cf:4b:d4:
0c:9c:37:7b:dc:e8:b7:97:40:a3:e8:ea:98:13:0b:
04:61:e2:b2:48:44:ec:69:23:c0:f7:b2:d3:6c:fc:
71:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AB:C0:F0:5F:B2:15:FA:E2:2F:B2:98:B0:2C:60:FB:9D:79:3F:F5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/505842CA590311F1BF1803BACE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:7e:61:17:25:7f:da:76:81:b1:bb:71:65:3f:5a:2d:6e:61:
38:53:4b:47:16:e1:fa:87:05:ae:f5:9c:6f:7e:8a:e2:be:18:
83:4b:be:a6:20:54:5a:4d:10:64:9c:0f:42:86:80:af:ae:ca:
ba:a5:b6:a1:4c:4f:7d:7b:cd:9f:bb:50:9b:d1:19:e8:c9:12:
60:05:e0:52:57:72:06:97:d2:cf:d0:2b:20:8b:d8:8b:23:cf:
8c:e8:15:dd:11:c3:29:c7:6a:11:20:9a:69:f1:e2:c7:f5:f9:
25:5d:30:8e:92:af:f5:27:e9:12:9a:35:d6:ef:e1:86:ed:f5:
d7:22:f6:cd:ff:d3:e2:ec:0f:c9:f4:16:5f:a0:dc:f3:36:48:
c4:9e:1e:6b:27:bc:51:3f:92:e7:bd:dc:73:84:80:ca:5d:7d:
ed:fa:a8:47:94:4c:63:b8:88:5c:51:cb:36:dc:09:62:5f:af:
81:4d:f5:fa:3f:1e:bc:76:2f:9c:7c:c1:49:ed:71:42:c4:8f:
c2:09:25:28:fc:b9:cc:c2:91:ce:2c:1b:59:0e:ff:0a:3c:0a:
fa:57:e7:6c:9f:fa:18:e8:b5:f3:76:6f:10:3b:2f:01:a7:d2:
22:ae:2a:6c:05:8c:5c:30:ff:ba:b4:9a:09:88:bc:12:25:6d:
69:69:de:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAboGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTI2MTMwMzM1WhcNMjYwNzEwMTMwMzM1WjAYMRYw
FAYDVQQDEw02YTE1OWEyYi00Mjc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvtjlMBCPma52XxxKzV9VvTnocO0YVmHw0LEqB7tCn2c/f50h0LIOf/lR
08dkSMDFIcGC9KsSe2cesIlp/UN9DRGiJiQ8DQQIIi4OlLzvMGH1kkW0tLBpXL5t
K44EBAQ9StqgPQS6wU6UPKEpxU6JR3UuOYAyDcfEzDCS6pPXLnbyY3UIhnohj66/
ikIgaNlSqWtV1oj7St0gD3LsX2OapEizBVLZCBm4aLvzJiu6LtspFvMj5/jMnU/U
GJeIonmqvgO/QURq8k5PWemOujGS9ZQpM4emTMa+wmRPCcbPS9QMnDd73Oi3l0Cj
6OqYEwsEYeKySETsaSPA97LTbPxx1wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKur
wPBfshX64i+ymLAsYPudeT/1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MDU4NDJDQTU5MDMxMUYxQkYxODAzQkFDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnP50MA0GCSqGSIb3DQEBCwUA
A4IBAQCofmEXJX/adoGxu3FlP1otbmE4U0tHFuH6hwWu9ZxvforivhiDS76mIFRa
TRBknA9ChoCvrsq6pbahTE99e82fu1Cb0RnoyRJgBeBSV3IGl9LP0Csgi9iLI8+M
6BXdEcMpx2oRIJpp8eLH9fklXTCOkq/1J+kSmjXW7+GG7fXXIvbN/9Pi7A/J9BZf
oNzzNkjEnh5rJ7xRP5LnvdxzhIDKXX3t+qhHlExjuIhcUcs23AliX6+BTfX6Px68
di+cfMFJ7XFCxI/CCSUo/LnMwpHOLBtZDv8KPAr6V+dsn/oY6LXzdm8QOy8Bp9Ii
ripsBYxcMP+6tJoJiLwSJW1pad6L
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:07:25 2026 by rpki-client