Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A74D84A8568A11F196873BB3CE1D38B0.roa
File: A74D84A8568A11F196873BB3CE1D38B0.roa (raw, json)
Hash identifier: VTaAp8d/hGgOSgejH/p+ygMuGx6K5yaeM0McgAvzMiw=
Subject key identifier: 56:CE:FF:45:75:CC:04:86:D8:4E:7D:50:23:8C:E9:A9:12:34:67:4E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B86E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A74D84A8568A11F196873BB3CE1D38B0.roa
Signing time: Sat 23 May 2026 09:34:54 +0000
ROA not before: Sat 23 May 2026 09:34:43 +0000
ROA not after: Thu 09 Jul 2026 09:34:43 +0000
asID: 3257
IP address blocks: 156.225.15.0/24 maxlen: 24
156.228.16.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112750 (0x1b86e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 09:34:43 2026 GMT
Not After : Jul 9 09:34:43 2026 GMT
Subject: CN=6a1174be-3536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6a:6d:c4:47:7a:ac:3d:13:89:24:0f:6f:1a:
df:53:76:eb:b8:d2:34:9e:f5:00:f3:64:d1:89:83:
d0:95:2d:6f:de:bc:d5:d7:26:bc:90:82:db:1d:55:
b5:77:81:9d:27:59:44:37:76:d0:9a:d2:99:eb:09:
91:70:39:77:2e:83:dc:cd:b1:60:98:f3:ef:06:30:
5d:9f:1e:92:41:21:0f:0f:d0:4c:d6:3d:f3:52:a5:
12:cd:d6:02:09:f9:04:6c:14:34:6b:d2:32:a6:e4:
33:e0:ee:b0:bb:5b:66:4d:18:60:fc:a3:d5:7a:75:
84:6c:d6:58:f1:b5:fd:3f:72:3b:58:8d:f8:04:ea:
f8:02:72:b9:4b:04:7f:66:bc:9c:2a:29:70:4a:47:
73:9f:e6:a4:e1:40:e4:8c:6c:7e:a4:c9:ff:9e:3f:
dc:93:83:db:48:5c:c8:7b:90:82:13:f1:9a:d6:e6:
80:ee:24:b7:88:2e:6b:11:8e:b4:57:03:bc:51:68:
67:0f:c3:9c:b2:26:c0:13:63:b6:07:fb:33:22:f9:
72:c1:40:f1:8d:be:9f:7a:f0:dd:63:0d:15:37:fe:
48:e6:cf:ff:0e:53:8d:26:09:98:8e:be:8b:90:32:
21:03:74:32:00:ee:05:07:09:91:d9:d7:2a:72:4b:
6e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:CE:FF:45:75:CC:04:86:D8:4E:7D:50:23:8C:E9:A9:12:34:67:4E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A74D84A8568A11F196873BB3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.15.0/24
156.228.16.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:8a:90:7f:b0:fa:04:25:27:b8:3f:3b:90:3b:7a:ab:b6:2e:
be:22:b1:0e:74:47:a1:b4:b4:db:d2:46:52:8b:83:ce:03:17:
41:ed:cd:fb:ee:60:a1:85:9c:f9:1b:30:ff:06:38:0a:ac:0e:
f7:07:1b:3c:bb:e7:66:97:55:11:b9:10:5d:8a:95:78:39:90:
20:db:76:e9:70:7a:ca:c7:a3:f9:64:b4:3b:5b:b5:c7:28:f5:
c3:43:fd:c7:2f:93:c0:a7:2f:73:0f:b8:4c:ab:6d:aa:ce:50:
03:22:63:53:d8:10:e5:7c:6d:ee:be:ee:ba:58:ef:ef:ab:9c:
78:52:af:f1:73:24:b7:c1:c8:23:c7:a4:e9:d2:6a:60:24:fe:
79:08:bc:ab:fa:8f:74:c7:c7:a9:ea:5f:5f:44:0a:99:5d:c4:
5b:2c:ff:12:62:66:d5:56:4c:c7:15:d1:76:ed:ef:8d:7e:7b:
68:1f:4b:06:e6:c1:40:59:16:5f:07:b3:9a:ca:01:79:c0:47:
3a:c9:b7:5f:4f:70:13:ae:d7:0a:7c:7f:ae:3e:a4:0a:90:93:
a3:1f:07:f1:92:84:ca:94:7f:fd:20:94:d1:04:21:e3:e9:37:
08:98:f0:0d:d1:99:3d:0a:cb:99:bd:07:b5:45:79:77:75:3b:
f1:3b:0f:88
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAbhuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTIzMDkzNDQzWhcNMjYwNzA5MDkzNDQzWjAYMRYw
FAYDVQQDEw02YTExNzRiZS0zNTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx2ptxEd6rD0TiSQPbxrfU3bruNI0nvUA82TRiYPQlS1v3rzV1ya8kILb
HVW1d4GdJ1lEN3bQmtKZ6wmRcDl3LoPczbFgmPPvBjBdnx6SQSEPD9BM1j3zUqUS
zdYCCfkEbBQ0a9IypuQz4O6wu1tmTRhg/KPVenWEbNZY8bX9P3I7WI34BOr4AnK5
SwR/ZrycKilwSkdzn+ak4UDkjGx+pMn/nj/ck4PbSFzIe5CCE/Ga1uaA7iS3iC5r
EY60VwO8UWhnD8OcsibAE2O2B/szIvlywUDxjb6fevDdYw0VN/5I5s//DlONJgmY
jr6LkDIhA3QyAO4FBwmR2dcqcktucwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFbO
/0V1zASG2E59UCOM6akSNGdOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNzREODRBODU2OEExMUYxOTY4NzNCQjNDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOEPAwQBnOQQMA0GCSqGSIb3
DQEBCwUAA4IBAQAdipB/sPoEJSe4PzuQO3qrti6+IrEOdEehtLTb0kZSi4POAxdB
7c377mChhZz5GzD/BjgKrA73Bxs8u+dml1URuRBdipV4OZAg23bpcHrKx6P5ZLQ7
W7XHKPXDQ/3HL5PApy9zD7hMq22qzlADImNT2BDlfG3uvu66WO/vq5x4Uq/xcyS3
wcgjx6Tp0mpgJP55CLyr+o90x8ep6l9fRAqZXcRbLP8SYmbVVkzHFdF27e+Nfnto
H0sG5sFAWRZfB7OaygF5wEc6ybdfT3ATrtcKfH+uPqQKkJOjHwfxkoTKlH/9IJTR
BCHj6TcImPAN0Zk9CsuZvQe1RXl3dTvxOw+I
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:14:38 2026 by rpki-client