Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A6838E6A535011F18685B7FCCE1D38B0.roa
File: A6838E6A535011F18685B7FCCE1D38B0.roa (raw, json)
Hash identifier: CID0e+uK8slUaaIpqC4bd2vapXKO7VMRzQ+dyvW4bzU=
Subject key identifier: DD:2B:6B:CA:61:72:09:32:56:69:41:F2:CB:A5:A7:65:E6:08:7C:D2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B59A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A6838E6A535011F18685B7FCCE1D38B0.roa
Signing time: Tue 19 May 2026 07:02:08 +0000
ROA not before: Tue 19 May 2026 07:02:04 +0000
ROA not after: Wed 19 Aug 2026 07:02:04 +0000
asID: 152849
IP address blocks: 156.235.96.0/21 maxlen: 24
156.235.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112026 (0x1b59a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 19 07:02:04 2026 GMT
Not After : Aug 19 07:02:04 2026 GMT
Subject: CN=6a0c0af0-2bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8b:41:94:e8:c5:c7:c7:e5:7f:eb:dd:10:23:
f4:15:00:41:e3:3c:06:83:7c:2a:fd:02:ef:24:9f:
ee:ea:ba:b9:bc:96:4c:6b:c2:43:8d:3d:88:29:59:
dd:6b:e4:61:58:43:ab:b1:e2:1c:38:f3:3e:55:fb:
ca:5d:9b:e7:06:02:02:1a:e9:a0:1f:6d:b1:4b:c4:
87:d8:66:c6:59:8e:16:6c:ec:63:89:37:ce:1e:8e:
b4:ab:9d:44:28:19:a1:45:d6:d0:26:aa:68:51:29:
4c:9c:ad:4c:3b:e1:56:da:f0:78:0c:46:8c:54:17:
a7:e9:19:ee:b3:ff:d0:aa:73:39:73:6b:71:d0:0a:
7a:87:f3:86:fe:fb:45:36:c8:df:b8:7a:7a:17:50:
09:90:f0:12:4c:ce:21:a4:46:b3:48:9f:6c:5d:3b:
5f:bf:e2:e7:f7:9e:c4:ad:c1:10:9c:82:f5:96:cd:
21:f2:6c:67:64:76:44:27:c9:9f:d6:8b:45:c3:6d:
c8:27:24:b5:92:01:8d:0c:f8:4a:35:a1:65:cf:09:
b4:98:6b:09:d5:b0:c4:e3:a0:b8:f0:e1:d6:ef:f4:
95:14:bd:ba:79:4a:cc:cc:5e:fe:85:9a:b1:de:fc:
05:9a:0e:df:93:62:33:b6:36:09:55:77:cf:40:d7:
2e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2B:6B:CA:61:72:09:32:56:69:41:F2:CB:A5:A7:65:E6:08:7C:D2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A6838E6A535011F18685B7FCCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.96.0/20
Signature Algorithm: sha256WithRSAEncryption
21:dc:5b:cf:e3:a4:b5:ca:f1:b1:cf:7d:27:cb:47:0b:2d:f8:
69:52:3b:1b:2e:d3:e1:11:c1:5a:bc:e6:a5:01:67:07:58:55:
03:19:41:4b:a1:2d:93:73:4a:1d:e6:13:2a:ce:62:c3:79:bd:
6c:e0:16:a6:b0:b7:ae:33:20:86:e0:f0:be:47:ca:06:b4:da:
f9:1e:51:7c:0f:9c:f1:86:05:22:e6:88:9a:1e:90:3e:a4:62:
32:7b:13:e5:0c:bb:40:3f:bf:4d:f9:07:ae:2e:5b:37:76:3b:
ad:57:06:8e:86:1c:f0:bd:67:10:9c:fa:1b:76:b7:4c:04:94:
99:35:19:7b:e6:2d:b6:81:4a:b7:12:55:c8:21:fd:96:9e:a7:
66:d7:af:c7:07:7a:41:b5:09:f9:cd:20:b7:82:ab:d3:50:c2:
dc:15:7c:e1:79:b2:e9:17:aa:30:55:d3:64:27:96:78:01:39:
c8:ce:a8:37:d8:f0:cf:5b:f6:a3:dd:86:d6:10:fa:0d:a3:41:
8b:a9:55:57:57:b9:70:52:32:9a:c9:11:29:9e:37:24:d3:a0:
75:6f:5e:85:d7:ba:aa:cf:e7:7e:e2:90:82:f6:83:ef:b9:09:
65:1d:5b:b8:9a:bd:f0:0a:7c:3e:7a:0a:ad:3c:37:87:c6:58:
19:77:96:bd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbWaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTE5MDcwMjA0WhcNMjYwODE5MDcwMjA0WjAYMRYw
FAYDVQQDEw02YTBjMGFmMC0yYmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqotBlOjFx8flf+vdECP0FQBB4zwGg3wq/QLvJJ/u6rq5vJZMa8JDjT2I
KVnda+RhWEOrseIcOPM+VfvKXZvnBgICGumgH22xS8SH2GbGWY4WbOxjiTfOHo60
q51EKBmhRdbQJqpoUSlMnK1MO+FW2vB4DEaMVBen6Rnus//QqnM5c2tx0Ap6h/OG
/vtFNsjfuHp6F1AJkPASTM4hpEazSJ9sXTtfv+Ln957ErcEQnIL1ls0h8mxnZHZE
J8mf1otFw23IJyS1kgGNDPhKNaFlzwm0mGsJ1bDE46C48OHW7/SVFL26eUrMzF7+
hZqx3vwFmg7fk2IztjYJVXfPQNcuZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN0r
a8phcgkyVmlB8sulp2XmCHzSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNjgzOEU2QTUzNTAxMUYxODY4NUI3RkNDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOtgMA0GCSqGSIb3DQEBCwUA
A4IBAQAh3FvP46S1yvGxz30ny0cLLfhpUjsbLtPhEcFavOalAWcHWFUDGUFLoS2T
c0od5hMqzmLDeb1s4BamsLeuMyCG4PC+R8oGtNr5HlF8D5zxhgUi5oiaHpA+pGIy
exPlDLtAP79N+QeuLls3djutVwaOhhzwvWcQnPobdrdMBJSZNRl75i22gUq3ElXI
If2Wnqdm16/HB3pBtQn5zSC3gqvTUMLcFXzhebLpF6owVdNkJ5Z4ATnIzqg32PDP
W/aj3YbWEPoNo0GLqVVXV7lwUjKayREpnjck06B1b16F17qqz+d+4pCC9oPvuQll
HVu4mr3wCnw+egqtPDeHxlgZd5a9
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:07:26 2026 by rpki-client