Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7996E15656C811F1BD4DBE1ECF1D38B0.roa
File: 7996E15656C811F1BD4DBE1ECF1D38B0.roa (raw, json)
Hash identifier: Y6OBJkuOZcf8fzUz6/CSoi/DuI/d4KiPO6UYLG+4vgI=
Subject key identifier: BE:F6:B5:8A:A7:B1:58:B2:47:9B:88:FC:A3:2A:0E:6C:79:C5:C5:4E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B89F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7996E15656C811F1BD4DBE1ECF1D38B0.roa
Signing time: Sat 23 May 2026 16:57:26 +0000
ROA not before: Sat 23 May 2026 16:57:22 +0000
ROA not after: Sat 27 Jun 2026 16:57:22 +0000
asID: 213690
IP address blocks: 156.235.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 May 2026 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112799 (0x1b89f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 16:57:22 2026 GMT
Not After : Jun 27 16:57:22 2026 GMT
Subject: CN=6a11dc76-d6a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8e:70:ae:73:52:3b:13:fe:b4:e8:7c:84:a2:
35:dd:84:d5:50:6a:a0:0a:a0:4b:9b:4c:cc:35:03:
5d:11:b8:bc:d9:64:f6:37:3d:7e:e0:3a:52:c5:f0:
1c:8a:db:56:5d:0a:bb:ce:80:c6:90:28:79:87:4d:
4c:e5:37:ed:6d:f5:d5:f5:29:37:92:21:a8:68:d7:
a4:e9:1a:f5:8e:5f:21:f4:fe:be:b4:0d:e8:a1:4a:
95:42:be:b9:8a:b2:ba:ee:d2:fd:f0:9a:c3:32:72:
86:1a:b4:36:98:61:38:de:34:b3:20:8c:09:15:63:
7d:6e:7b:4e:26:29:08:bc:f6:ef:75:ab:be:3a:26:
e5:7f:3d:3d:79:76:df:98:82:5c:65:e7:ad:eb:49:
83:12:73:27:39:ab:96:55:0e:ad:52:61:b0:4f:94:
b5:8f:cc:f1:24:5a:6a:cb:be:75:0c:d6:ad:af:6a:
fb:bf:cf:6e:9a:86:05:81:4b:73:4a:93:3a:ef:d9:
92:cb:78:1d:5f:14:4c:fc:91:cd:d1:da:fd:89:88:
1a:1d:f4:83:ad:84:4f:0e:29:c3:10:eb:dc:0c:ca:
6a:11:93:e2:cb:44:19:a8:88:93:15:85:70:99:68:
68:88:33:0b:2c:db:7f:c0:65:99:d3:b4:b4:90:d1:
1e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F6:B5:8A:A7:B1:58:B2:47:9B:88:FC:A3:2A:0E:6C:79:C5:C5:4E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7996E15656C811F1BD4DBE1ECF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.16.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:17:34:48:65:49:8c:42:29:7e:3f:65:af:58:74:fc:4b:b5:
2b:cc:31:79:c7:0d:b5:66:44:10:19:48:33:26:25:02:9d:0c:
aa:cf:8d:50:fd:1a:ce:f7:00:de:1f:ff:96:c9:28:58:9e:23:
8d:10:b5:a9:25:26:14:d9:74:91:7d:7d:2a:a9:1e:27:b2:43:
76:34:a1:6b:3e:9c:5d:02:d9:4a:07:47:9f:82:1b:8e:1a:f3:
d6:e2:3f:ca:d4:f9:c8:0c:5c:06:b0:7c:ea:60:d5:59:cf:ee:
f9:39:9b:21:b7:e2:b1:d1:fe:73:85:a2:23:48:67:3b:18:7e:
12:0c:39:e1:ae:72:38:2c:c3:2f:b0:5d:47:38:84:d6:be:ad:
37:e0:3d:48:ef:9e:06:5b:3f:9e:34:7b:8a:5f:d0:0d:a8:18:
ea:82:92:da:7d:b0:60:4a:ff:0c:a9:84:c7:54:ed:c2:94:0b:
f6:09:0a:a0:2f:d2:de:e5:a4:56:56:fc:19:09:4f:ed:2b:7d:
74:66:bd:82:21:fb:e1:7e:9d:59:72:8e:64:da:2e:a9:f7:e0:
13:a4:d2:71:06:13:1a:16:6f:cd:cf:6b:82:8c:44:cf:1b:33:
ec:83:ec:64:76:df:e9:c5:dd:d1:ff:9c:2d:2d:cc:36:be:ea:
2a:f3:f9:99
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbifMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTIzMTY1NzIyWhcNMjYwNjI3MTY1NzIyWjAYMRYw
FAYDVQQDEw02YTExZGM3Ni1kNmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxo5wrnNSOxP+tOh8hKI13YTVUGqgCqBLm0zMNQNdEbi82WT2Nz1+4DpS
xfAcittWXQq7zoDGkCh5h01M5TftbfXV9Sk3kiGoaNek6Rr1jl8h9P6+tA3ooUqV
Qr65irK67tL98JrDMnKGGrQ2mGE43jSzIIwJFWN9bntOJikIvPbvdau+Oiblfz09
eXbfmIJcZeet60mDEnMnOauWVQ6tUmGwT5S1j8zxJFpqy751DNatr2r7v89umoYF
gUtzSpM679mSy3gdXxRM/JHN0dr9iYgaHfSDrYRPDinDEOvcDMpqEZPiy0QZqIiT
FYVwmWhoiDMLLNt/wGWZ07S0kNEegwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL72
tYqnsViyR5uI/KMqDmx5xcVOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83OTk2RTE1NjU2QzgxMUYxQkQ0REJFMUVDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOsQMA0GCSqGSIb3DQEBCwUA
A4IBAQCxFzRIZUmMQil+P2WvWHT8S7UrzDF5xw21ZkQQGUgzJiUCnQyqz41Q/RrO
9wDeH/+WyShYniONELWpJSYU2XSRfX0qqR4nskN2NKFrPpxdAtlKB0efghuOGvPW
4j/K1PnIDFwGsHzqYNVZz+75OZsht+Kx0f5zhaIjSGc7GH4SDDnhrnI4LMMvsF1H
OITWvq034D1I754GWz+eNHuKX9ANqBjqgpLafbBgSv8MqYTHVO3ClAv2CQqgL9Le
5aRWVvwZCU/tK310Zr2CIfvhfp1Zco5k2i6p9+ATpNJxBhMaFm/Nz2uCjETPGzPs
g+xkdt/pxd3R/5wtLcw2vuoq8/mZ
-----END CERTIFICATE-----
Generated at Sun May 24 13:09:20 2026 by rpki-client