Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7CFAA0CC4A0611F1865AC501CF1D38B0.roa
File: 7CFAA0CC4A0611F1865AC501CF1D38B0.roa (raw, json)
Hash identifier: pSiwWtSt2jsJQrU/X+D+7An+d8U1YnDPcWGlJ9Cp538=
Subject key identifier: EA:67:EC:CA:60:E7:5B:48:E1:B0:8F:18:5B:7F:1F:BF:B4:94:BB:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B240
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7CFAA0CC4A0611F1865AC501CF1D38B0.roa
Signing time: Thu 07 May 2026 11:18:35 +0000
ROA not before: Thu 07 May 2026 11:18:31 +0000
ROA not after: Fri 22 May 2026 11:18:31 +0000
asID: 395886
IP address blocks: 156.233.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111168 (0x1b240)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 7 11:18:31 2026 GMT
Not After : May 22 11:18:31 2026 GMT
Subject: CN=69fc750b-02ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c8:45:cd:4d:1b:ea:55:46:bf:ec:88:2b:9a:
2a:9f:f7:3d:8b:fa:bd:72:8d:bc:21:4f:c3:78:d6:
62:a5:cc:cc:80:d3:0c:d3:8f:56:62:93:66:4f:f2:
37:a9:03:c9:09:bc:68:9e:3a:18:74:4e:02:a5:c0:
5f:a1:56:af:7b:26:b4:cc:05:22:da:af:36:18:66:
80:4c:d7:57:95:d8:37:41:fb:8d:6f:95:4c:dc:cb:
e0:2c:ad:3d:42:5d:50:06:0d:cf:47:f7:73:c4:40:
db:35:fb:c6:46:e6:89:df:a7:c4:78:67:1c:34:88:
3c:7c:96:0f:19:47:fc:a7:f9:8e:60:82:26:a9:ff:
9d:d7:ad:c9:c4:02:a0:3d:e8:e0:0d:3c:2a:93:11:
c5:be:d8:15:6f:84:3c:5d:be:59:36:95:04:9c:78:
0e:41:0c:3e:2e:89:11:bc:dc:ef:04:44:3b:24:06:
8e:61:17:e7:7b:90:51:5d:a7:50:31:8d:61:ce:65:
6a:ba:24:9a:f0:26:ab:c1:a7:a7:38:dc:a3:8b:72:
52:89:65:4a:90:71:11:13:e4:39:d0:b4:c9:a1:45:
ae:90:a7:72:4b:61:6b:8e:f5:74:ad:1c:64:e6:8a:
d7:10:b9:b6:c3:d6:2e:ef:5f:e1:1f:19:96:ba:37:
68:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:67:EC:CA:60:E7:5B:48:E1:B0:8F:18:5B:7F:1F:BF:B4:94:BB:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7CFAA0CC4A0611F1865AC501CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.224.0/20
Signature Algorithm: sha256WithRSAEncryption
1b:62:72:ad:9b:48:c3:72:16:42:9b:f1:04:7f:51:dc:4e:30:
98:4f:e4:50:07:6c:8a:5e:4e:3c:c1:8d:b6:6d:55:27:2f:f0:
c0:32:cd:a5:2f:c0:84:83:9c:59:18:06:00:43:f8:50:78:ed:
ab:63:b0:e4:fd:1b:24:7f:98:03:46:85:b6:ea:19:26:5f:67:
be:70:d1:45:22:62:12:75:b1:98:aa:56:d8:fe:b0:7d:4b:b3:
f6:7f:c5:d4:43:f1:c4:b6:8c:9d:cb:09:ad:5a:56:87:12:56:
93:56:25:9d:0e:0b:82:bc:f0:94:8b:c6:37:6b:85:d5:b8:a5:
e3:73:b9:c2:15:2c:54:d9:f4:4a:3c:4e:87:89:69:75:d0:c6:
53:eb:4c:83:48:e5:47:fd:b8:6a:0a:cf:c9:b3:db:12:45:b3:
d2:c2:68:e2:62:e2:ef:c8:6d:a7:7e:a2:ad:6e:6f:67:e3:e0:
9d:65:68:ad:b4:1b:6e:bc:3a:90:6e:65:af:b2:49:cd:1f:af:
35:2f:7d:a6:c5:fe:f1:f3:6e:4c:5f:af:79:31:88:b1:0b:ac:
88:f7:3d:9d:01:7f:d8:d9:e1:1c:ca:fd:b4:ae:37:06:15:03:
f2:c7:ac:4e:39:1c:3a:92:cd:94:34:ab:b0:05:d6:fd:37:54:
bf:58:fa:56
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbJAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTA3MTExODMxWhcNMjYwNTIyMTExODMxWjAYMRYw
FAYDVQQDEw02OWZjNzUwYi0wMmFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxshFzU0b6lVGv+yIK5oqn/c9i/q9co28IU/DeNZipczMgNMM049WYpNm
T/I3qQPJCbxonjoYdE4CpcBfoVaveya0zAUi2q82GGaATNdXldg3QfuNb5VM3Mvg
LK09Ql1QBg3PR/dzxEDbNfvGRuaJ36fEeGccNIg8fJYPGUf8p/mOYIImqf+d163J
xAKgPejgDTwqkxHFvtgVb4Q8Xb5ZNpUEnHgOQQw+LokRvNzvBEQ7JAaOYRfne5BR
XadQMY1hzmVquiSa8CarwaenONyji3JSiWVKkHERE+Q50LTJoUWukKdyS2FrjvV0
rRxk5orXELm2w9Yu71/hHxmWujdo2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOpn
7Mpg51tI4bCPGFt/H7+0lLsiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83Q0ZBQTBDQzRBMDYxMUYxODY1QUM1MDFDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOngMA0GCSqGSIb3DQEBCwUA
A4IBAQAbYnKtm0jDchZCm/EEf1HcTjCYT+RQB2yKXk48wY22bVUnL/DAMs2lL8CE
g5xZGAYAQ/hQeO2rY7Dk/Rskf5gDRoW26hkmX2e+cNFFImISdbGYqlbY/rB9S7P2
f8XUQ/HEtoydywmtWlaHElaTViWdDguCvPCUi8Y3a4XVuKXjc7nCFSxU2fRKPE6H
iWl10MZT60yDSOVH/bhqCs/Js9sSRbPSwmjiYuLvyG2nfqKtbm9n4+CdZWittBtu
vDqQbmWvsknNH681L32mxf7x825MX695MYixC6yI9z2dAX/Y2eEcyv20rjcGFQPy
x6xOORw6ks2UNKuwBdb9N1S/WPpW
-----END CERTIFICATE-----
Generated at Sat May 9 12:31:46 2026 by rpki-client