Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CBD3757219F311F1B9C61395DAE4EC9C.roa
File: CBD3757219F311F1B9C61395DAE4EC9C.roa (raw, json)
Hash identifier: Qsia4TsDFT0qtCAsuVlxw+wHMnJoE6N4L2/YcRsGLE4=
Subject key identifier: FE:BF:FF:B9:77:35:2B:78:8A:0E:A8:03:64:E6:5E:93:67:1C:45:8D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A320
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CBD3757219F311F1B9C61395DAE4EC9C.roa
Signing time: Sat 07 Mar 2026 07:03:52 +0000
ROA not before: Sat 07 Mar 2026 07:03:45 +0000
ROA not after: Thu 04 Jun 2026 07:03:45 +0000
asID: 142403
IP address blocks: 156.236.66.0/24 maxlen: 24
156.236.70.0/24 maxlen: 24
156.236.71.0/24 maxlen: 24
156.236.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 00:26:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107296 (0x1a320)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 7 07:03:45 2026 GMT
Not After : Jun 4 07:03:45 2026 GMT
Subject: CN=69abcdd8-8450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:55:ec:c4:52:4e:90:6f:ec:b5:91:41:8c:2e:
ed:ae:2a:9f:27:ce:6e:54:be:75:71:a3:3b:e5:9e:
98:5c:38:2f:0b:84:df:40:34:ca:7a:08:05:c9:e1:
c2:fd:6f:6c:ed:bb:b3:e3:9f:08:29:89:35:ea:16:
76:09:4f:7c:00:22:d2:5f:a8:50:06:18:f6:74:58:
64:db:b3:39:27:59:89:34:9f:8c:3c:f8:cc:10:ab:
92:c9:c9:82:22:d2:36:a2:51:3f:e5:01:9d:c8:3b:
0a:e4:34:d8:c2:4f:9b:2c:06:91:56:45:3c:27:65:
06:8c:f0:e3:a7:15:8d:e0:8b:31:91:56:c2:65:e7:
b8:c9:3c:0a:93:ff:1f:bf:8d:3b:cd:c8:39:c9:a9:
9f:eb:9c:6b:7a:46:35:7e:72:47:2e:11:b0:ea:6e:
c7:36:ef:1c:60:53:b3:f5:55:f7:92:36:96:10:b9:
43:ea:e3:09:45:2f:02:bd:32:5e:21:dc:6c:64:75:
98:16:7b:82:a9:de:56:b1:f3:08:97:47:d3:35:41:
2f:b6:a9:c3:1e:ad:3c:e1:27:c5:da:5b:5d:50:d3:
f7:ee:23:ad:42:54:55:16:a7:60:e2:40:e4:55:33:
54:3e:6f:88:6e:b0:94:79:03:6d:fe:bd:c9:0b:13:
47:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:BF:FF:B9:77:35:2B:78:8A:0E:A8:03:64:E6:5E:93:67:1C:45:8D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CBD3757219F311F1B9C61395DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.66.0/24
156.236.70.0-156.236.72.255
Signature Algorithm: sha256WithRSAEncryption
78:34:6f:21:38:0f:43:a5:7e:5e:30:93:e0:3e:1e:9d:33:6b:
d5:46:4d:f8:52:cb:a7:42:4d:8d:21:2f:cf:c2:e9:34:c8:4b:
b6:b3:89:53:11:b4:3e:9f:c5:7f:a1:06:cc:3d:ec:73:00:28:
92:47:64:a5:15:82:15:41:4f:ea:ae:12:2d:10:fc:2e:7b:1b:
fe:8e:f2:cd:dd:f9:61:f9:02:69:23:eb:a2:b5:9e:54:20:3e:
1b:15:bd:bc:ba:d1:d7:c4:24:20:a4:fa:b9:08:3d:72:a1:66:
f1:d4:10:5e:33:a4:fb:a0:22:f3:29:c2:0e:fd:28:92:84:03:
68:32:19:be:72:54:e2:a9:90:31:3b:db:59:de:9c:00:b2:a8:
a6:dc:ff:34:74:c5:0b:80:38:80:de:62:47:d2:de:a9:77:f0:
7e:cd:26:3f:9d:2f:91:b3:4f:9f:5d:5e:9d:d6:f8:d0:4e:3e:
09:ed:63:49:47:b4:48:a7:e4:6e:bb:22:26:96:72:7d:f9:fb:
1f:71:da:9c:cf:8d:2b:1a:76:c3:40:24:32:aa:20:0a:74:04:
54:79:01:b9:90:21:b4:78:ba:65:62:77:2a:81:50:5a:b0:2a:
2f:55:d8:fb:b1:f5:74:7f:bf:4c:32:96:60:b8:25:96:e4:b5:
bb:6e:43:5d
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAaMgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzA3MDcwMzQ1WhcNMjYwNjA0MDcwMzQ1WjAYMRYw
FAYDVQQDEw02OWFiY2RkOC04NDUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtVXsxFJOkG/stZFBjC7triqfJ85uVL51caM75Z6YXDgvC4TfQDTKeggF
yeHC/W9s7buz458IKYk16hZ2CU98ACLSX6hQBhj2dFhk27M5J1mJNJ+MPPjMEKuS
ycmCItI2olE/5QGdyDsK5DTYwk+bLAaRVkU8J2UGjPDjpxWN4IsxkVbCZee4yTwK
k/8fv407zcg5yamf65xrekY1fnJHLhGw6m7HNu8cYFOz9VX3kjaWELlD6uMJRS8C
vTJeIdxsZHWYFnuCqd5WsfMIl0fTNUEvtqnDHq084SfF2ltdUNP37iOtQlRVFqdg
4kDkVTNUPm+IbrCUeQNt/r3JCxNHsQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFP6/
/7l3NSt4ig6oA2TmXpNnHEWNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQkQzNzU3MjE5RjMxMUYxQjlDNjEzOTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAnOxCMAwDBAGc7EYDBACc7Egw
DQYJKoZIhvcNAQELBQADggEBAHg0byE4D0Olfl4wk+A+Hp0za9VGTfhSy6dCTY0h
L8/C6TTIS7aziVMRtD6fxX+hBsw97HMAKJJHZKUVghVBT+quEi0Q/C57G/6O8s3d
+WH5Amkj66K1nlQgPhsVvby60dfEJCCk+rkIPXKhZvHUEF4zpPugIvMpwg79KJKE
A2gyGb5yVOKpkDE721nenACyqKbc/zR0xQuAOIDeYkfS3ql38H7NJj+dL5GzT59d
Xp3W+NBOPgntY0lHtEin5G67IiaWcn35+x9x2pzPjSsadsNAJDKqIAp0BFR5AbmQ
IbR4umVidyqBUFqwKi9V2Pux9XR/v0wylmC4JZbktbtuQ10=
-----END CERTIFICATE-----
Generated at Tue Mar 24 18:53:54 2026 by rpki-client