Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/663A1C02551211F194F697B2CE1D38B0.roa
File: 663A1C02551211F194F697B2CE1D38B0.roa (raw, json)
Hash identifier: tbAUQlTOqy7O7CyX0ehTPrr0WGR7BdDDvM/P9YxCCDM=
Subject key identifier: 1A:0B:AF:84:66:3A:3E:B4:43:FB:AA:EA:CA:51:2F:DB:DD:67:C8:C7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B701
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/663A1C02551211F194F697B2CE1D38B0.roa
Signing time: Thu 21 May 2026 12:41:34 +0000
ROA not before: Thu 21 May 2026 12:41:30 +0000
ROA not after: Wed 19 Aug 2026 12:41:30 +0000
asID: 152849
IP address blocks: 156.235.96.0/21 maxlen: 24
156.235.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112385 (0x1b701)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 21 12:41:30 2026 GMT
Not After : Aug 19 12:41:30 2026 GMT
Subject: CN=6a0efd7e-fe0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2c:da:ab:73:df:62:b2:d9:0d:d8:17:e7:13:
6c:c4:78:66:ac:c5:49:79:50:a6:ba:1a:f9:54:63:
fd:be:45:c5:fc:1c:f2:25:63:ce:85:d2:cc:aa:79:
9c:dc:58:7c:3a:22:5f:5f:40:33:87:35:24:09:05:
fb:17:76:a8:e3:a5:b4:f1:b8:78:31:3e:50:2f:b1:
76:89:ff:70:6b:82:c4:75:cb:11:2b:0e:81:a3:88:
79:d8:06:cb:34:33:da:5e:c3:70:20:73:e2:11:24:
f3:92:51:3e:74:c5:2b:28:a9:8b:08:e7:81:ad:e9:
37:62:ed:10:85:75:63:af:41:bf:79:63:13:07:e8:
e3:75:1f:11:ef:a8:84:ce:ac:e6:9f:4a:6d:de:0c:
24:90:e3:68:cc:ef:69:3e:22:99:48:2d:cc:0b:73:
52:cf:e2:5c:bc:33:74:13:1b:25:f9:93:a7:6e:5b:
ce:65:98:68:62:d6:b8:fe:e4:a6:e7:47:36:9d:74:
ff:39:ac:41:6a:09:d7:d8:8d:00:91:94:55:54:70:
e9:1a:ee:10:9d:6b:7d:dd:7c:20:10:6f:79:48:a9:
b2:b9:38:05:4d:dd:95:94:98:dd:0e:07:f5:ce:24:
90:78:17:d5:c5:18:72:32:69:ee:97:8f:fa:25:02:
0b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:0B:AF:84:66:3A:3E:B4:43:FB:AA:EA:CA:51:2F:DB:DD:67:C8:C7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/663A1C02551211F194F697B2CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.96.0/20
Signature Algorithm: sha256WithRSAEncryption
ae:08:b8:cc:b4:3e:c1:48:b7:91:d4:ae:20:fc:a4:9d:7e:f9:
cf:92:35:54:54:c7:04:f8:c4:04:f6:00:c0:cb:d0:ac:29:fa:
fc:1e:9d:49:c4:63:de:e0:b6:89:f0:84:1d:13:63:0e:29:a3:
39:cb:30:37:4f:27:f3:40:dc:f5:41:7f:aa:d3:f8:16:99:83:
77:c5:b2:e2:a4:92:58:13:96:02:6e:5e:d7:43:0a:d9:d4:9e:
19:9d:ea:ba:71:ec:eb:d1:3e:7e:47:b9:68:aa:0d:ac:63:53:
6f:bf:ab:90:3d:6b:64:68:54:4f:84:3b:0f:9c:db:d8:1f:c0:
3e:8e:6b:a5:a7:22:f6:5c:7a:e8:61:d6:6b:d0:40:f2:76:5b:
bc:47:5b:55:f0:b8:6f:57:fc:96:cc:de:93:b7:f9:7f:31:8c:
71:2b:99:3f:47:2e:b4:09:9a:2c:05:03:7c:e1:c2:b1:21:0d:
cc:34:5e:a4:cc:f5:06:44:69:8b:a6:a3:b4:18:9b:6a:f7:31:
d8:9e:e8:72:c8:28:61:b7:ea:e1:9f:db:52:38:c8:f3:0e:b6:
f3:c7:c4:73:35:de:c0:d7:cc:20:2f:fa:f5:8a:cd:b8:de:9d:
57:34:1b:30:fb:9a:ff:b9:92:fd:ff:53:da:5a:17:65:19:5a:
7a:a7:a3:59
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbcBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTIxMTI0MTMwWhcNMjYwODE5MTI0MTMwWjAYMRYw
FAYDVQQDEw02YTBlZmQ3ZS1mZTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuSzaq3PfYrLZDdgX5xNsxHhmrMVJeVCmuhr5VGP9vkXF/BzyJWPOhdLM
qnmc3Fh8OiJfX0AzhzUkCQX7F3ao46W08bh4MT5QL7F2if9wa4LEdcsRKw6Bo4h5
2AbLNDPaXsNwIHPiESTzklE+dMUrKKmLCOeBrek3Yu0QhXVjr0G/eWMTB+jjdR8R
76iEzqzmn0pt3gwkkONozO9pPiKZSC3MC3NSz+JcvDN0Exsl+ZOnblvOZZhoYta4
/uSm50c2nXT/OaxBagnX2I0AkZRVVHDpGu4QnWt93XwgEG95SKmyuTgFTd2VlJjd
Dgf1ziSQeBfVxRhyMmnul4/6JQILUwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBoL
r4RmOj60Q/uq6spRL9vdZ8jHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NjNBMUMwMjU1MTIxMUYxOTRGNjk3QjJDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOtgMA0GCSqGSIb3DQEBCwUA
A4IBAQCuCLjMtD7BSLeR1K4g/KSdfvnPkjVUVMcE+MQE9gDAy9CsKfr8Hp1JxGPe
4LaJ8IQdE2MOKaM5yzA3TyfzQNz1QX+q0/gWmYN3xbLipJJYE5YCbl7XQwrZ1J4Z
neq6cezr0T5+R7loqg2sY1Nvv6uQPWtkaFRPhDsPnNvYH8A+jmulpyL2XHroYdZr
0EDydlu8R1tV8LhvV/yWzN6Tt/l/MYxxK5k/Ry60CZosBQN84cKxIQ3MNF6kzPUG
RGmLpqO0GJtq9zHYnuhyyChht+rhn9tSOMjzDrbzx8RzNd7A18wgL/r1is243p1X
NBsw+5r/uZL9/1PaWhdlGVp6p6NZ
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:07:07 2026 by rpki-client