Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B433BE984A6011F198A29E18CF1D38B0.roa
File: B433BE984A6011F198A29E18CF1D38B0.roa (raw, json)
Hash identifier: z8IkdelSfH3WqtuO0qxdcfy0H0XPmGjf/wBZZo1WgIo=
Subject key identifier: 22:BC:61:FD:81:6E:4A:86:EC:5A:A3:04:4B:84:30:55:32:0A:55:A9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B284
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B433BE984A6011F198A29E18CF1D38B0.roa
Signing time: Thu 07 May 2026 22:04:23 +0000
ROA not before: Thu 07 May 2026 22:04:18 +0000
ROA not after: Fri 22 May 2026 22:04:18 +0000
asID: 395886
IP address blocks: 156.233.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111236 (0x1b284)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 7 22:04:18 2026 GMT
Not After : May 22 22:04:18 2026 GMT
Subject: CN=69fd0c67-f294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9f:8c:c6:c8:4e:51:60:40:07:2e:8b:f0:65:
36:9b:17:df:f0:46:dd:de:7f:39:e9:f0:1f:8b:4a:
80:5a:f0:6c:de:88:a1:f3:a4:16:2b:7a:31:07:57:
72:ba:7c:20:b8:9b:2d:63:08:49:bb:85:2e:92:bf:
01:d4:ae:61:2f:23:c8:03:fb:e5:71:3a:e1:c8:a3:
d8:bd:1b:1a:61:bb:21:fd:65:ed:92:49:a1:bd:18:
54:c4:ff:ff:71:e5:55:f8:31:93:fb:d0:78:d3:44:
a5:76:25:9d:76:82:eb:4c:ca:ad:7b:23:22:88:37:
29:54:39:0d:d1:29:c0:4a:5f:93:b6:10:2c:aa:3d:
de:4f:02:12:9a:20:0f:80:6c:fe:29:c4:36:7a:96:
14:f7:f4:35:9c:35:18:15:2f:c5:c3:c4:75:ff:e7:
aa:20:6e:da:cc:80:44:75:a3:b1:f6:17:09:d5:63:
a9:88:b9:b0:6e:7c:33:57:1e:b0:b3:0e:f4:59:fe:
f3:41:df:23:e8:ce:91:d0:c0:a4:05:4e:d6:ed:61:
34:83:0f:ab:81:95:1a:f8:3d:18:f4:39:f3:8f:74:
24:43:97:f6:31:67:a1:3c:b0:47:43:f9:98:32:8c:
cf:67:00:79:9f:3e:9a:a7:1c:c7:74:28:15:86:0c:
8a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BC:61:FD:81:6E:4A:86:EC:5A:A3:04:4B:84:30:55:32:0A:55:A9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B433BE984A6011F198A29E18CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.224.0/20
Signature Algorithm: sha256WithRSAEncryption
07:53:46:02:ef:db:03:68:53:fb:36:bd:9e:4f:8f:f5:f8:35:
af:a8:7a:51:cd:2e:b4:3b:ca:57:40:5b:a6:4c:12:f5:72:a0:
b7:2c:34:be:74:b2:5a:b5:4d:e6:2b:a1:54:2e:35:ff:41:84:
d2:1e:3e:cc:e3:55:03:0a:d2:ba:31:73:c2:55:4e:fd:05:2d:
fc:bd:1b:95:98:2d:27:a4:9a:1b:43:70:05:9d:4e:c0:7a:7b:
99:72:85:8f:f8:5f:17:56:35:d4:ff:63:94:47:31:d9:bc:00:
63:3e:70:14:da:b8:04:51:f8:36:5f:ce:97:7a:1b:70:61:2d:
58:6c:31:27:6a:47:ea:19:0e:6a:a2:c2:15:68:27:5e:e1:21:
17:9f:5c:6e:5d:85:82:14:58:60:9f:42:35:f1:a0:79:fa:2a:
30:d1:4b:ba:8f:d0:fb:28:30:da:6a:ca:36:f6:19:de:b2:3f:
bb:81:a6:87:41:bd:6f:06:e9:57:ff:37:d6:fe:d8:59:30:05:
72:6a:e2:46:1a:55:79:2f:c6:de:16:dc:e6:04:51:8b:c5:2f:
f5:e6:86:0b:65:8b:42:df:77:3f:12:ae:9c:3d:4e:dd:5a:ea:
04:81:ed:9e:71:ef:d7:65:1d:7f:9c:86:2a:f6:77:49:8a:be:
98:01:9d:47
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbKEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTA3MjIwNDE4WhcNMjYwNTIyMjIwNDE4WjAYMRYw
FAYDVQQDEw02OWZkMGM2Ny1mMjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv5+MxshOUWBABy6L8GU2mxff8Ebd3n856fAfi0qAWvBs3oih86QWK3ox
B1dyunwguJstYwhJu4Uukr8B1K5hLyPIA/vlcTrhyKPYvRsaYbsh/WXtkkmhvRhU
xP//ceVV+DGT+9B400SldiWddoLrTMqteyMiiDcpVDkN0SnASl+TthAsqj3eTwIS
miAPgGz+KcQ2epYU9/Q1nDUYFS/Fw8R1/+eqIG7azIBEdaOx9hcJ1WOpiLmwbnwz
Vx6wsw70Wf7zQd8j6M6R0MCkBU7W7WE0gw+rgZUa+D0Y9Dnzj3QkQ5f2MWehPLBH
Q/mYMozPZwB5nz6apxzHdCgVhgyKUwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCK8
Yf2BbkqG7FqjBEuEMFUyClWpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNDMzQkU5ODRBNjAxMUYxOThBMjlFMThDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOngMA0GCSqGSIb3DQEBCwUA
A4IBAQAHU0YC79sDaFP7Nr2eT4/1+DWvqHpRzS60O8pXQFumTBL1cqC3LDS+dLJa
tU3mK6FULjX/QYTSHj7M41UDCtK6MXPCVU79BS38vRuVmC0npJobQ3AFnU7AenuZ
coWP+F8XVjXU/2OURzHZvABjPnAU2rgEUfg2X86XehtwYS1YbDEnakfqGQ5qosIV
aCde4SEXn1xuXYWCFFhgn0I18aB5+iow0Uu6j9D7KDDaaso29hnesj+7gaaHQb1v
BulX/zfW/thZMAVyauJGGlV5L8beFtzmBFGLxS/15oYLZYtC33c/Eq6cPU7dWuoE
ge2ece/XZR1/nIYq9ndJir6YAZ1H
-----END CERTIFICATE-----
Generated at Sat May 9 12:31:59 2026 by rpki-client