Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA70F10C17C111F1BE26F88CDAE4EC9C.roa
File: CA70F10C17C111F1BE26F88CDAE4EC9C.roa (raw, json)
Hash identifier: 1QnzR7BtlZ4BLwMfA2z2Tg9hkkSbW3fwS0DAj8ccoJM=
Subject key identifier: B9:1F:F0:D0:1D:27:94:5E:24:E7:A4:87:21:62:41:61:AC:A5:DE:43
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A248
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA70F10C17C111F1BE26F88CDAE4EC9C.roa
Signing time: Wed 04 Mar 2026 12:00:52 +0000
ROA not before: Wed 04 Mar 2026 12:00:47 +0000
ROA not after: Fri 10 Apr 2026 12:00:47 +0000
asID: 401701
IP address blocks: 156.233.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 23 Mar 2026 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107080 (0x1a248)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 4 12:00:47 2026 GMT
Not After : Apr 10 12:00:47 2026 GMT
Subject: CN=69a81ef4-c9b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c2:80:24:c3:4f:de:bf:f6:ab:95:b0:10:ea:
df:c7:16:35:7a:db:38:73:a6:35:b5:fe:69:77:0b:
c5:08:b0:f2:67:21:db:55:f8:65:f8:12:a5:6f:67:
1d:82:fc:f6:d9:eb:97:5a:51:7d:d7:e6:fc:4c:f4:
07:4d:81:ca:c0:85:e1:d8:3b:95:2c:26:89:3e:95:
6f:bc:46:29:0b:28:02:2a:04:ce:fb:94:d5:d3:2e:
8e:5b:f3:3e:c8:6a:a0:d0:de:7c:7c:6b:e2:09:7f:
40:87:ac:40:0e:cb:17:42:71:b4:72:8d:cb:46:9c:
e1:73:02:39:83:79:d3:5b:99:c8:d1:88:bc:d5:46:
8f:f2:fc:40:ba:0a:ed:e0:b6:aa:5f:41:71:93:67:
52:08:6d:53:5b:63:96:67:11:a1:c8:76:c0:1e:c6:
02:f3:70:09:51:8e:b6:b6:d3:65:74:51:ca:b6:7b:
83:f0:87:10:f5:df:63:77:48:87:55:74:d4:05:48:
f3:31:30:fd:4f:0c:44:85:7c:a5:f7:36:d5:41:80:
bb:e3:ee:b9:a8:67:2b:7a:b2:e4:63:52:c1:92:cd:
1d:41:6c:3a:ac:de:1a:de:59:9a:6d:c9:94:0d:b7:
2c:64:70:67:48:80:65:8c:f4:7a:72:8d:f0:19:05:
fe:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1F:F0:D0:1D:27:94:5E:24:E7:A4:87:21:62:41:61:AC:A5:DE:43
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA70F10C17C111F1BE26F88CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.224.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:be:6e:26:da:17:38:a2:f0:1c:91:12:b2:63:0b:e9:37:96:
5c:c6:13:76:63:ca:60:09:93:89:70:93:39:d7:41:8d:08:0e:
5d:ea:7b:19:7c:ae:a9:5b:e2:cb:c2:5a:e2:ff:7e:80:fb:af:
28:0b:0e:91:cc:d8:a2:2d:0a:96:dc:49:8d:ee:22:75:3b:c6:
f1:5d:a2:e8:17:1a:56:52:eb:13:58:a0:85:55:bc:5f:96:34:
46:15:7f:7d:f9:df:57:2e:54:b1:a2:04:1e:b4:cc:ba:14:06:
59:ef:5d:6b:b8:f8:7a:6d:04:d6:a9:6b:09:36:0d:d4:c6:a9:
8f:d6:1e:3f:41:74:53:b1:95:eb:ef:f3:ec:74:50:9a:8c:8c:
db:dd:12:1c:cd:d1:15:d3:0f:36:82:a0:d6:d2:7d:dc:f7:14:
c2:82:24:c2:3c:ac:bf:a5:1c:c3:bf:e5:c7:c5:a9:a6:bf:b2:
23:f0:c2:48:a4:ac:4e:58:e0:69:85:bb:8a:ef:94:82:e7:2a:
ad:d0:f1:43:c9:38:07:2b:09:f0:3d:26:e9:62:f5:c1:37:2c:
b1:43:f1:3d:97:89:d6:ec:e1:00:a9:64:04:3d:cd:c8:02:43:
3b:c9:b7:2d:1d:c6:4a:1b:cb:92:2c:85:7e:45:1c:cc:32:13:
ba:91:c9:98
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaJIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzA0MTIwMDQ3WhcNMjYwNDEwMTIwMDQ3WjAYMRYw
FAYDVQQDEw02OWE4MWVmNC1jOWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv8KAJMNP3r/2q5WwEOrfxxY1ets4c6Y1tf5pdwvFCLDyZyHbVfhl+BKl
b2cdgvz22euXWlF91+b8TPQHTYHKwIXh2DuVLCaJPpVvvEYpCygCKgTO+5TV0y6O
W/M+yGqg0N58fGviCX9Ah6xADssXQnG0co3LRpzhcwI5g3nTW5nI0Yi81UaP8vxA
ugrt4LaqX0Fxk2dSCG1TW2OWZxGhyHbAHsYC83AJUY62ttNldFHKtnuD8IcQ9d9j
d0iHVXTUBUjzMTD9TwxEhXyl9zbVQYC74+65qGcrerLkY1LBks0dQWw6rN4a3lma
bcmUDbcsZHBnSIBljPR6co3wGQX+qQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLkf
8NAdJ5ReJOekhyFiQWGspd5DMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQTcwRjEwQzE3QzExMUYxQkUyNkY4OENEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOngMA0GCSqGSIb3DQEBCwUA
A4IBAQA+vm4m2hc4ovAckRKyYwvpN5ZcxhN2Y8pgCZOJcJM510GNCA5d6nsZfK6p
W+LLwlri/36A+68oCw6RzNiiLQqW3EmN7iJ1O8bxXaLoFxpWUusTWKCFVbxfljRG
FX99+d9XLlSxogQetMy6FAZZ711ruPh6bQTWqWsJNg3UxqmP1h4/QXRTsZXr7/Ps
dFCajIzb3RIczdEV0w82gqDW0n3c9xTCgiTCPKy/pRzDv+XHxammv7Ij8MJIpKxO
WOBphbuK75SC5yqt0PFDyTgHKwnwPSbpYvXBNyyxQ/E9l4nW7OEAqWQEPc3IAkM7
ybctHcZKG8uSLIV+RRzMMhO6kcmY
-----END CERTIFICATE-----
Generated at Sat Mar 21 17:17:13 2026 by rpki-client