Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8260DA833FF11F1B0B8F5A0CE1D38B0.roa
File: A8260DA833FF11F1B0B8F5A0CE1D38B0.roa (raw, json)
Hash identifier: UdFyv6pcJyq4GEw+tOh0yIpfNu0gpqSOCoEMvsQkZPo=
Subject key identifier: 57:4E:AA:06:CE:04:73:22:C5:7C:4D:7B:12:65:CA:7E:E3:4F:3A:FB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AB42
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8260DA833FF11F1B0B8F5A0CE1D38B0.roa
Signing time: Thu 09 Apr 2026 10:34:16 +0000
ROA not before: Thu 09 Apr 2026 10:34:11 +0000
ROA not after: Sat 23 May 2026 10:34:11 +0000
asID: 21859
IP address blocks: 156.233.48.0/24 maxlen: 24
156.238.162.0/24 maxlen: 24
156.239.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109378 (0x1ab42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 9 10:34:11 2026 GMT
Not After : May 23 10:34:11 2026 GMT
Subject: CN=69d780a8-ed20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b7:7c:43:b5:a6:25:55:cd:ac:78:36:35:f9:
81:07:5a:78:fd:4b:c7:ec:25:91:b5:d9:ec:6e:36:
ee:fa:e1:9f:46:30:37:1a:6a:05:8b:6b:6a:0a:b7:
61:c3:9e:72:67:a2:94:92:3e:a7:bf:9f:0c:ee:42:
8c:f5:0b:c6:ac:89:0e:25:dc:be:69:6b:72:5e:2d:
8a:55:e2:d1:e8:7e:25:0c:ce:70:21:2f:fd:a9:5f:
2d:27:4f:df:5a:dc:d5:15:d8:62:ae:c1:81:23:de:
71:44:46:7d:10:82:82:31:93:b8:d1:f5:c1:c3:6e:
88:de:1f:42:9e:8d:43:41:a5:c7:f6:da:66:67:09:
b7:ee:19:e5:4d:a2:e5:ec:d9:1f:86:67:99:63:f1:
b1:65:bb:de:d4:d1:b8:47:4d:c1:7e:32:6b:64:bb:
0e:87:48:55:ea:2d:9f:71:a3:a6:cd:36:97:bc:d2:
dd:b5:a7:8c:ce:56:69:8b:81:5e:00:f0:0e:e3:73:
ed:57:37:41:17:34:31:13:aa:91:0a:73:5c:80:70:
20:35:f0:b2:aa:2d:ed:4e:88:81:66:5d:a7:b0:56:
d5:47:80:20:c4:09:5e:32:3f:64:6d:b8:dc:db:45:
03:10:d5:ad:e8:e2:7d:33:40:00:4b:14:3d:81:04:
18:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:4E:AA:06:CE:04:73:22:C5:7C:4D:7B:12:65:CA:7E:E3:4F:3A:FB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8260DA833FF11F1B0B8F5A0CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.48.0/24
156.238.162.0/24
156.239.134.0/24
Signature Algorithm: sha256WithRSAEncryption
87:41:7c:5d:5c:0d:f6:c2:f2:ed:61:b8:68:f3:a7:98:8b:5b:
9f:eb:12:01:dd:1b:38:f6:1e:59:45:a2:ca:3c:2d:10:bc:a5:
dc:a3:20:32:a4:25:57:23:44:71:c7:7c:b0:8b:39:1c:dd:41:
42:c0:a9:bf:a2:9d:fc:de:59:a6:e1:7c:36:21:b4:4d:04:00:
14:8f:94:1a:7a:8e:e3:6f:16:17:64:e2:ee:ec:79:58:34:d9:
99:84:a2:87:5d:8a:74:0f:f0:14:63:cc:e5:50:54:aa:69:2c:
43:4c:4d:46:29:e7:c3:b8:23:43:ce:ff:67:61:66:32:79:77:
c2:21:5b:3a:10:a3:88:e9:3d:98:44:04:33:af:f8:66:8c:32:
c4:4b:bb:d2:3e:21:49:2f:43:02:3f:47:1e:8f:d2:dd:fc:5e:
18:20:d4:e6:88:49:8b:24:b9:25:66:16:06:ad:c3:19:29:74:
b0:44:15:5b:33:8d:d5:54:dd:d8:2b:ac:ce:71:35:79:e0:52:
d0:bb:67:da:c4:76:93:09:c6:cb:61:90:3a:89:ca:87:42:c3:
04:5d:db:ef:ee:96:6d:c2:3f:96:da:cf:82:c7:a5:e1:fd:d1:
28:50:9f:96:f3:19:fb:1e:77:e0:4b:07:eb:8b:c3:c4:9e:e6:
56:23:b0:b9
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAatCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDA5MTAzNDExWhcNMjYwNTIzMTAzNDExWjAYMRYw
FAYDVQQDEw02OWQ3ODBhOC1lZDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn7d8Q7WmJVXNrHg2NfmBB1p4/UvH7CWRtdnsbjbu+uGfRjA3GmoFi2tq
Crdhw55yZ6KUkj6nv58M7kKM9QvGrIkOJdy+aWtyXi2KVeLR6H4lDM5wIS/9qV8t
J0/fWtzVFdhirsGBI95xREZ9EIKCMZO40fXBw26I3h9Cno1DQaXH9tpmZwm37hnl
TaLl7NkfhmeZY/GxZbve1NG4R03BfjJrZLsOh0hV6i2fcaOmzTaXvNLdtaeMzlZp
i4FeAPAO43PtVzdBFzQxE6qRCnNcgHAgNfCyqi3tToiBZl2nsFbVR4AgxAleMj9k
bbjc20UDENWt6OJ9M0AASxQ9gQQYVwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFFdO
qgbOBHMixXxNexJlyn7jTzr7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BODI2MERBODMzRkYxMUYxQjBCOEY1QTBDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnOkwAwQAnO6iAwQAnO+GMA0G
CSqGSIb3DQEBCwUAA4IBAQCHQXxdXA32wvLtYbho86eYi1uf6xIB3Rs49h5ZRaLK
PC0QvKXcoyAypCVXI0Rxx3ywizkc3UFCwKm/op383lmm4Xw2IbRNBAAUj5Qaeo7j
bxYXZOLu7HlYNNmZhKKHXYp0D/AUY8zlUFSqaSxDTE1GKefDuCNDzv9nYWYyeXfC
IVs6EKOI6T2YRAQzr/hmjDLES7vSPiFJL0MCP0cej9Ld/F4YINTmiEmLJLklZhYG
rcMZKXSwRBVbM43VVN3YK6zOcTV54FLQu2faxHaTCcbLYZA6icqHQsMEXdvv7pZt
wj+W2s+Cx6Xh/dEoUJ+W8xn7HnfgSwfri8PEnuZWI7C5
-----END CERTIFICATE-----
Generated at Sat Apr 18 14:29:36 2026 by rpki-client