Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BA117CA3EDD11F19D4D130DCF1D38B0.roa
File: 8BA117CA3EDD11F19D4D130DCF1D38B0.roa (raw, json)
Hash identifier: KjcevNIYkPnyhzcqfI4rgCBowVzuZtoo7n+g7mN/Bi0=
Subject key identifier: C5:19:46:F0:38:98:B3:ED:C4:74:D3:20:55:F9:96:1A:59:70:E4:61
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AE8B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BA117CA3EDD11F19D4D130DCF1D38B0.roa
Signing time: Thu 23 Apr 2026 06:27:48 +0000
ROA not before: Thu 23 Apr 2026 06:27:43 +0000
ROA not after: Mon 08 Jun 2026 06:27:43 +0000
asID: 32043
IP address blocks: 156.228.48.0/22 maxlen: 24
156.228.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 26 Apr 2026 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110219 (0x1ae8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 23 06:27:43 2026 GMT
Not After : Jun 8 06:27:43 2026 GMT
Subject: CN=69e9bbe4-f8c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0f:49:13:a9:7b:62:d0:c5:82:fc:15:f0:a9:
94:56:ef:54:a9:39:7f:48:52:5b:5d:d1:44:08:87:
88:34:64:20:35:49:fb:5d:de:ae:d5:5f:14:28:83:
12:96:31:06:ca:0f:54:7a:20:f0:61:d4:f4:3e:da:
cf:2e:cd:6d:a5:27:26:05:21:66:24:39:49:72:1a:
d9:ce:ee:87:39:45:41:ab:df:03:08:71:2b:9f:91:
1d:ee:c7:80:2d:bf:16:1c:39:9f:6d:7a:3c:cf:de:
3a:8d:8e:3b:4c:ea:a3:16:0d:2e:4f:28:5f:47:c1:
a6:c2:47:e5:a6:5e:71:be:7f:7b:cc:71:19:a2:00:
19:57:84:28:77:27:ad:3a:b7:0b:ea:2f:0d:7a:f0:
c0:5a:62:29:f3:2a:8d:ac:6a:3e:db:7f:72:8d:5c:
dc:f9:83:94:bb:29:25:53:a3:98:d1:e9:e6:31:68:
6c:09:7c:94:1b:6a:91:49:a4:59:a7:44:9b:ab:9a:
47:7f:de:27:52:cd:e2:f3:39:76:49:2e:82:ed:f5:
c1:1c:12:23:52:60:ad:20:5e:bb:ec:24:2e:04:53:
03:a0:c1:5a:32:52:78:e2:0c:09:6a:9c:fb:72:fe:
67:d5:0c:41:eb:16:d3:9c:b2:98:fe:50:7f:61:e4:
ba:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:19:46:F0:38:98:B3:ED:C4:74:D3:20:55:F9:96:1A:59:70:E4:61
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BA117CA3EDD11F19D4D130DCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.48.0/21
Signature Algorithm: sha256WithRSAEncryption
94:eb:0d:6a:2d:98:1b:d0:b3:c3:d0:66:dc:23:24:de:04:02:
88:d0:f3:82:63:7b:85:bd:7b:a0:62:10:6d:ed:41:35:08:26:
bd:d1:1d:9f:d5:89:96:ef:f4:bd:04:56:eb:d8:26:2d:8f:30:
25:be:12:af:7a:d3:60:4d:cc:7d:fb:0c:50:33:51:91:4b:89:
f9:f7:83:e0:e5:6f:28:84:90:0a:af:20:a3:12:4f:59:8a:03:
88:ad:cd:10:a0:04:ab:ca:9b:5e:cd:96:c1:5b:a5:bb:8a:94:
99:2a:81:bb:e4:b6:65:19:a9:4e:81:d5:da:8a:e8:d0:63:f4:
7c:c6:cc:7a:16:37:82:e5:d1:4a:ef:e2:ed:8e:50:a1:92:63:
ec:7c:4a:75:ae:30:c3:46:e5:4f:f4:fd:55:27:94:20:03:0b:
b7:03:89:ea:c6:41:19:81:d5:db:e5:31:1b:ab:fa:09:0b:eb:
e8:3a:5d:d6:c1:60:fb:5a:50:cb:c7:b2:00:a4:1b:e5:39:45:
d4:75:f6:8b:0a:7b:aa:3c:55:26:77:97:a5:a7:7d:cb:b1:8f:
90:4b:b4:1e:4a:1a:6b:ad:fe:e6:12:32:21:7f:d4:a0:29:79:
ff:79:ad:83:4b:6d:3d:ab:7b:48:f7:1b:91:e8:cc:e3:59:c3:
1c:f3:b1:38
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAa6LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDIzMDYyNzQzWhcNMjYwNjA4MDYyNzQzWjAYMRYw
FAYDVQQDEw02OWU5YmJlNC1mOGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwQ9JE6l7YtDFgvwV8KmUVu9UqTl/SFJbXdFECIeINGQgNUn7Xd6u1V8U
KIMSljEGyg9UeiDwYdT0PtrPLs1tpScmBSFmJDlJchrZzu6HOUVBq98DCHErn5Ed
7seALb8WHDmfbXo8z946jY47TOqjFg0uTyhfR8Gmwkflpl5xvn97zHEZogAZV4Qo
dyetOrcL6i8NevDAWmIp8yqNrGo+239yjVzc+YOUuyklU6OY0enmMWhsCXyUG2qR
SaRZp0Sbq5pHf94nUs3i8zl2SS6C7fXBHBIjUmCtIF677CQuBFMDoMFaMlJ44gwJ
apz7cv5n1QxB6xbTnLKY/lB/YeS6lQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMUZ
RvA4mLPtxHTTIFX5lhpZcORhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QkExMTdDQTNFREQxMUYxOUQ0RDEzMERDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOQwMA0GCSqGSIb3DQEBCwUA
A4IBAQCU6w1qLZgb0LPD0GbcIyTeBAKI0POCY3uFvXugYhBt7UE1CCa90R2f1YmW
7/S9BFbr2CYtjzAlvhKvetNgTcx9+wxQM1GRS4n594Pg5W8ohJAKryCjEk9ZigOI
rc0QoASryptezZbBW6W7ipSZKoG75LZlGalOgdXaiujQY/R8xsx6FjeC5dFK7+Lt
jlChkmPsfEp1rjDDRuVP9P1VJ5QgAwu3A4nqxkEZgdXb5TEbq/oJC+voOl3WwWD7
WlDLx7IApBvlOUXUdfaLCnuqPFUmd5elp33LsY+QS7QeShprrf7mEjIhf9SgKXn/
ea2DS209q3tI9xuR6MzjWcMc87E4
-----END CERTIFICATE-----
Generated at Fri Apr 24 18:36:19 2026 by rpki-client