Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85410716562311F1838F6FAECE1D38B0.roa
File: 85410716562311F1838F6FAECE1D38B0.roa (raw, json)
Hash identifier: IhYcuFKxvFMRVPiqJI8Md52AggGvEPOfdmgw4SuP9r0=
Subject key identifier: 08:75:7E:08:B1:16:D4:F2:B7:17:33:E1:5D:EC:E9:71:CB:DA:93:5C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B84A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85410716562311F1838F6FAECE1D38B0.roa
Signing time: Fri 22 May 2026 21:16:39 +0000
ROA not before: Fri 22 May 2026 21:16:34 +0000
ROA not after: Tue 22 May 2029 21:16:34 +0000
asID: 17561
IP address blocks: 156.238.20.0/24 maxlen: 24
156.238.21.0/24 maxlen: 24
156.238.22.0/24 maxlen: 24
156.238.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112714 (0x1b84a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 22 21:16:34 2026 GMT
Not After : May 22 21:16:34 2029 GMT
Subject: CN=6a10c7b7-1605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5b:74:37:98:ce:6f:5a:e1:a9:84:ef:d1:e5:
a7:ef:b4:e5:da:c7:9e:db:63:1a:b7:7e:08:36:ee:
fb:69:d8:7e:89:44:21:7a:5d:01:29:d5:37:da:45:
65:13:c6:a0:46:84:68:9f:4b:f3:78:cd:56:8d:69:
d9:70:9f:df:3a:3e:7e:bd:fd:dc:a8:c8:90:30:56:
72:27:b2:e9:1c:90:d6:91:30:5b:c3:aa:80:3f:ee:
8e:b3:dc:33:e9:8e:bf:ad:95:e0:a1:c0:4e:07:34:
d3:6f:b5:62:f7:c0:39:9e:ba:38:bb:cc:ac:1a:7c:
6a:30:d6:d2:bd:37:d9:ca:93:29:d3:29:36:10:ce:
c7:08:d1:43:f4:86:98:95:d4:1d:fd:29:74:1e:b5:
8b:3a:85:99:0b:3d:fb:33:41:4b:3f:24:61:6d:82:
a3:1f:39:87:29:58:48:0a:6b:85:1f:89:04:5a:b1:
35:42:87:43:e4:a4:2a:7f:03:c7:ed:bf:9a:66:fc:
12:e1:e7:dd:02:9d:86:85:81:6e:f5:00:73:ec:de:
3e:3f:60:7c:39:3d:66:90:86:d8:50:c3:b1:f8:b6:
35:52:85:ae:d1:b5:97:f3:04:a7:65:b4:a5:9e:81:
69:fe:b3:69:ae:65:28:47:3c:cf:79:65:4e:db:e1:
ff:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:75:7E:08:B1:16:D4:F2:B7:17:33:E1:5D:EC:E9:71:CB:DA:93:5C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85410716562311F1838F6FAECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.20.0/22
Signature Algorithm: sha256WithRSAEncryption
01:d5:d1:9d:f3:72:83:fb:e3:86:20:b6:2b:e7:1b:f3:37:88:
1a:91:7d:84:93:d1:38:d6:4d:65:45:02:d1:eb:e7:1b:1a:9f:
4c:de:17:51:d7:ef:aa:98:18:2c:e2:70:06:9f:18:8e:46:73:
13:60:da:c1:38:ae:be:61:f4:33:53:19:8f:49:49:4d:dc:44:
1a:07:d4:a1:a5:64:44:ea:7a:df:a8:77:34:b3:eb:49:1f:d3:
9f:dc:41:62:89:a9:d7:f1:be:6c:f2:80:74:f2:9b:07:aa:33:
33:17:12:c9:c8:50:8c:52:e1:27:58:70:82:01:40:e0:e3:07:
a0:e5:6f:f0:2c:c8:73:22:fa:04:ef:40:01:aa:6b:a3:aa:a0:
70:38:4d:57:fd:5c:f4:30:64:08:a3:93:21:f6:df:16:6d:42:
38:e8:aa:77:3d:ac:db:29:df:c6:3d:47:39:15:1b:5b:94:38:
37:f7:23:a9:50:46:08:6e:76:cf:c1:d4:82:ca:0e:4a:0f:62:
07:15:d4:75:60:3c:31:ba:5e:95:3e:2f:bd:f2:cb:dd:81:86:
50:c0:71:aa:ef:48:82:91:f7:94:7a:16:f4:0d:a8:bf:45:bf:
32:6a:62:90:8b:57:8a:dd:33:9e:81:d8:4d:d6:57:55:a1:21:
88:fe:bd:dd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbhKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTIyMjExNjM0WhcNMjkwNTIyMjExNjM0WjAYMRYw
FAYDVQQDEw02YTEwYzdiNy0xNjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqVt0N5jOb1rhqYTv0eWn77Tl2see22Mat34INu77adh+iUQhel0BKdU3
2kVlE8agRoRon0vzeM1WjWnZcJ/fOj5+vf3cqMiQMFZyJ7LpHJDWkTBbw6qAP+6O
s9wz6Y6/rZXgocBOBzTTb7Vi98A5nro4u8ysGnxqMNbSvTfZypMp0yk2EM7HCNFD
9IaYldQd/Sl0HrWLOoWZCz37M0FLPyRhbYKjHzmHKVhICmuFH4kEWrE1QodD5KQq
fwPH7b+aZvwS4efdAp2GhYFu9QBz7N4+P2B8OT1mkIbYUMOx+LY1UoWu0bWX8wSn
ZbSlnoFp/rNprmUoRzzPeWVO2+H/rwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAh1
fgixFtTytxcz4V3s6XHL2pNcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NTQxMDcxNjU2MjMxMUYxODM4RjZGQUVDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnO4UMA0GCSqGSIb3DQEBCwUA
A4IBAQAB1dGd83KD++OGILYr5xvzN4gakX2Ek9E41k1lRQLR6+cbGp9M3hdR1++q
mBgs4nAGnxiORnMTYNrBOK6+YfQzUxmPSUlN3EQaB9ShpWRE6nrfqHc0s+tJH9Of
3EFiianX8b5s8oB08psHqjMzFxLJyFCMUuEnWHCCAUDg4weg5W/wLMhzIvoE70AB
qmujqqBwOE1X/Vz0MGQIo5Mh9t8WbUI46Kp3PazbKd/GPUc5FRtblDg39yOpUEYI
bnbPwdSCyg5KD2IHFdR1YDwxul6VPi+98svdgYZQwHGq70iCkfeUehb0Dai/Rb8y
amKQi1eK3TOegdhN1ldVoSGI/r3d
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:07:17 2026 by rpki-client