Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/786EC3D41F9611F193C5267BDAE4EC9C.roa
File: 786EC3D41F9611F193C5267BDAE4EC9C.roa (raw, json)
Hash identifier: MCSdCF+w0JORiNpiNRl+LdUUopHvBa+SuRErnfbxVFA=
Subject key identifier: 66:30:5F:AF:28:56:40:F9:D2:8D:C0:EB:5C:7B:FF:15:8C:38:B8:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A51A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/786EC3D41F9611F193C5267BDAE4EC9C.roa
Signing time: Sat 14 Mar 2026 11:10:56 +0000
ROA not before: Sat 14 Mar 2026 11:10:46 +0000
ROA not after: Sun 31 May 2026 11:10:46 +0000
asID: 399077
IP address blocks: 156.240.221.0/24 maxlen: 24
156.240.222.0/24 maxlen: 24
156.240.223.0/24 maxlen: 24
156.240.224.0/24 maxlen: 24
156.240.225.0/24 maxlen: 24
156.240.226.0/24 maxlen: 24
156.240.227.0/24 maxlen: 24
156.240.228.0/24 maxlen: 24
156.240.229.0/24 maxlen: 24
156.240.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 23 Mar 2026 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107802 (0x1a51a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 14 11:10:46 2026 GMT
Not After : May 31 11:10:46 2026 GMT
Subject: CN=69b5423f-f764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ec:eb:53:55:b0:fe:f9:81:7a:95:0b:d6:0c:
09:7c:8a:70:d0:5d:21:d5:75:23:f8:3e:28:9d:80:
27:d5:f2:68:e0:a5:a7:25:8b:a4:fa:eb:39:c7:dd:
fb:04:41:22:e5:1e:9b:27:d8:9d:77:c7:1c:12:15:
62:08:8f:ce:e5:79:ba:2f:b7:8c:75:ab:3b:5c:df:
62:be:94:7d:4a:50:f8:b4:77:94:ba:c9:05:5c:50:
4c:9e:bd:bf:64:2e:a5:d8:be:e2:42:51:ca:50:5f:
73:2a:4d:31:9a:13:35:57:4d:16:f9:ae:49:54:cc:
eb:9c:c1:92:b3:70:cd:d4:c8:26:26:44:aa:7a:b4:
8e:06:95:4f:d5:f8:af:4c:63:51:49:dd:d5:f4:ca:
26:5a:38:cf:f6:63:2e:17:db:82:9c:df:1b:a3:51:
cd:67:4d:78:1c:ad:50:5f:09:68:ce:d4:8a:de:81:
fc:8b:4e:39:cb:95:85:c8:4e:84:e7:0a:c5:52:fd:
95:28:15:ef:9e:1d:b7:e6:94:7a:88:60:70:56:a7:
a8:dd:4b:12:20:c8:b6:f9:af:91:da:38:5b:11:e1:
85:a4:64:eb:cb:f0:15:19:94:fa:21:7e:70:85:24:
48:b5:d0:39:e9:bc:a8:54:2f:02:3d:6f:fb:6e:7f:
e7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:30:5F:AF:28:56:40:F9:D2:8D:C0:EB:5C:7B:FF:15:8C:38:B8:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/786EC3D41F9611F193C5267BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.221.0-156.240.230.255
Signature Algorithm: sha256WithRSAEncryption
95:aa:91:64:9d:12:d3:88:ca:c7:4d:1f:9a:60:e0:66:f6:a9:
47:ce:5c:0b:6d:2d:1a:77:8b:a2:7a:c1:d1:54:66:06:cb:e6:
ec:ba:87:ed:31:df:02:3d:aa:84:8e:a6:55:bb:c4:2b:93:83:
8d:c5:27:c6:2a:c2:d9:1f:00:3a:ab:36:37:17:49:66:a2:ac:
11:6b:6e:42:d1:4e:40:79:b2:d3:9a:8f:93:d8:ca:af:12:a9:
1b:0c:bb:2c:b9:c9:12:7e:b5:7c:05:00:96:70:82:3c:b7:bd:
ce:ab:7f:53:67:dd:e5:fe:3b:fd:cd:78:38:08:bb:e1:da:f1:
03:57:aa:7a:df:ae:04:0e:cd:df:f1:7b:73:6b:5b:26:44:0f:
5d:85:ba:57:33:90:c6:5e:68:39:e1:c0:56:2b:88:cf:66:b8:
a1:cd:90:e0:c2:2b:ca:07:dd:c3:ca:ef:c3:29:2c:6b:4a:60:
78:89:0b:4c:7d:64:64:37:73:cd:ee:79:06:f6:f6:21:44:f6:
0e:fb:a1:11:f5:5c:55:cf:36:5c:80:f1:47:43:1e:fd:0f:ee:
b7:e3:a8:32:7b:1f:be:15:a1:8d:66:b5:7d:43:12:c5:60:65:
6f:bf:0d:34:70:9e:b7:28:5f:72:38:22:4b:88:91:de:5c:51:
08:5a:3f:f2
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAaUaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzE0MTExMDQ2WhcNMjYwNTMxMTExMDQ2WjAYMRYw
FAYDVQQDEw02OWI1NDIzZi1mNzY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2OzrU1Ww/vmBepUL1gwJfIpw0F0h1XUj+D4onYAn1fJo4KWnJYuk+us5
x937BEEi5R6bJ9idd8ccEhViCI/O5Xm6L7eMdas7XN9ivpR9SlD4tHeUuskFXFBM
nr2/ZC6l2L7iQlHKUF9zKk0xmhM1V00W+a5JVMzrnMGSs3DN1MgmJkSqerSOBpVP
1fivTGNRSd3V9MomWjjP9mMuF9uCnN8bo1HNZ014HK1QXwloztSK3oH8i045y5WF
yE6E5wrFUv2VKBXvnh235pR6iGBwVqeo3UsSIMi2+a+R2jhbEeGFpGTry/AVGZT6
IX5whSRItdA56byoVC8CPW/7bn/nowIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGYw
X68oVkD50o3A61x7/xWMOLiLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83ODZFQzNENDFGOTYxMUYxOTNDNTI2N0JEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc8N0DBACc8OYwDQYJKoZI
hvcNAQELBQADggEBAJWqkWSdEtOIysdNH5pg4Gb2qUfOXAttLRp3i6J6wdFUZgbL
5uy6h+0x3wI9qoSOplW7xCuTg43FJ8YqwtkfADqrNjcXSWairBFrbkLRTkB5stOa
j5PYyq8SqRsMuyy5yRJ+tXwFAJZwgjy3vc6rf1Nn3eX+O/3NeDgIu+Ha8QNXqnrf
rgQOzd/xe3NrWyZED12FulczkMZeaDnhwFYriM9muKHNkODCK8oH3cPK78MpLGtK
YHiJC0x9ZGQ3c83ueQb29iFE9g77oRH1XFXPNlyA8UdDHv0P7rfjqDJ7H74VoY1m
tX1DEsVgZW+/DTRwnrcoX3I4IkuIkd5cUQhaP/I=
-----END CERTIFICATE-----
Generated at Sat Mar 21 21:28:14 2026 by rpki-client