Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCEED94A430311F1B2A375DACE1D38B0.roa
File: CCEED94A430311F1B2A375DACE1D38B0.roa (raw, json)
Hash identifier: PaS/Tc5tTUlS2BP6O0GSjbWyVmmKNjbzdqJ85c9yLnM=
Subject key identifier: 8D:62:E4:1B:0C:27:19:EE:3F:65:C9:6B:2F:30:6D:17:1E:F9:4B:A8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AFA8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCEED94A430311F1B2A375DACE1D38B0.roa
Signing time: Tue 28 Apr 2026 13:11:43 +0000
ROA not before: Tue 28 Apr 2026 13:11:37 +0000
ROA not after: Fri 05 Jun 2026 13:11:37 +0000
asID: 401701
IP address blocks: 156.238.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 May 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110504 (0x1afa8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 28 13:11:37 2026 GMT
Not After : Jun 5 13:11:37 2026 GMT
Subject: CN=69f0b20f-3d28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:60:2c:f8:33:65:65:08:5f:b0:ed:6d:f1:f4:
a7:aa:2f:d1:d9:e8:e0:42:f6:26:13:1e:1d:2e:86:
0d:a1:0b:d6:da:03:55:e6:04:92:8e:2b:81:93:86:
44:fb:ff:42:27:47:0c:c0:8a:94:59:73:40:ac:e9:
07:76:23:ba:e7:d9:71:a4:02:c7:cb:2d:8e:cc:f8:
81:d9:26:25:f8:25:b8:d3:e4:c3:1f:a3:b0:d2:6a:
c8:2b:fd:f5:17:c8:ee:d9:63:26:9f:62:b3:2b:bc:
f5:40:6e:0b:16:52:9f:72:e1:97:b5:d3:9d:16:60:
05:58:f8:07:b9:64:1d:aa:1a:b6:ac:19:20:9f:2f:
76:9a:df:19:68:f2:fb:6c:1a:40:8e:6e:96:6f:4a:
43:80:d7:3f:2d:58:2e:66:c2:0c:b1:59:61:cc:40:
d7:d3:7f:b6:ad:8a:b9:b0:00:13:0d:22:f2:f7:f8:
f5:05:8d:c2:91:a5:ad:91:de:94:8b:2a:c6:88:c5:
7a:8f:aa:ad:91:cc:01:c1:8c:59:47:49:6a:62:57:
80:4d:5e:ac:3a:72:f9:85:5b:4b:d7:47:90:8c:67:
da:2a:67:02:87:3a:7b:c8:8e:bf:40:57:bf:a7:da:
90:67:8f:c3:da:eb:a1:d8:9c:d6:d1:b7:a9:46:16:
d4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:62:E4:1B:0C:27:19:EE:3F:65:C9:6B:2F:30:6D:17:1E:F9:4B:A8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCEED94A430311F1B2A375DACE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.224.0/19
Signature Algorithm: sha256WithRSAEncryption
24:56:c4:65:50:e6:06:f8:28:6a:ff:b7:4e:b1:b6:3c:55:4a:
20:4b:e9:df:9f:e2:12:28:9b:02:99:7a:63:ec:dc:94:12:4a:
6b:1c:14:e4:9a:5f:f1:63:b9:0b:4c:a0:e7:58:61:99:1a:7f:
be:11:62:f9:41:48:14:ef:bf:ef:2b:b1:2d:d0:35:aa:e1:eb:
11:55:37:ed:04:47:98:21:c1:18:60:c8:f2:12:ac:f2:8b:13:
36:43:4e:a8:f6:6a:ea:7a:b2:2b:3d:74:ce:51:b9:ff:4e:34:
31:7f:49:13:05:af:fe:8e:45:8e:0f:73:e6:64:d6:57:3d:f1:
52:9f:01:8b:23:39:66:1c:b0:af:20:e8:c3:71:f8:f2:b0:34:
0d:3b:12:04:cf:31:d4:a8:0a:c0:9e:8c:9e:f0:05:1d:70:3c:
d4:6a:d3:4d:bb:b7:d4:81:f1:37:ef:48:db:b5:0b:b6:67:3f:
a5:83:9b:0f:6f:e4:e2:12:3a:69:59:de:a0:c7:bd:7f:ae:23:
68:dc:88:1f:4e:74:bf:60:21:d4:82:0d:d6:e5:4c:7a:f8:2d:
cd:6a:ef:fc:70:e4:76:92:c2:1d:80:cc:b8:92:ee:28:a8:dd:
72:1f:1e:2f:a0:56:03:5e:95:ed:10:ec:0c:e8:da:1d:d0:26:
b1:c2:8a:48
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAa+oMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDI4MTMxMTM3WhcNMjYwNjA1MTMxMTM3WjAYMRYw
FAYDVQQDEw02OWYwYjIwZi0zZDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyWAs+DNlZQhfsO1t8fSnqi/R2ejgQvYmEx4dLoYNoQvW2gNV5gSSjiuB
k4ZE+/9CJ0cMwIqUWXNArOkHdiO659lxpALHyy2OzPiB2SYl+CW40+TDH6Ow0mrI
K/31F8ju2WMmn2KzK7z1QG4LFlKfcuGXtdOdFmAFWPgHuWQdqhq2rBkgny92mt8Z
aPL7bBpAjm6Wb0pDgNc/LVguZsIMsVlhzEDX03+2rYq5sAATDSLy9/j1BY3CkaWt
kd6UiyrGiMV6j6qtkcwBwYxZR0lqYleATV6sOnL5hVtL10eQjGfaKmcChzp7yI6/
QFe/p9qQZ4/D2uuh2JzW0bepRhbU2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI1i
5BsMJxnuP2XJay8wbRce+UuoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQ0VFRDk0QTQzMDMxMUYxQjJBMzc1REFDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnO7gMA0GCSqGSIb3DQEBCwUA
A4IBAQAkVsRlUOYG+Chq/7dOsbY8VUogS+nfn+ISKJsCmXpj7NyUEkprHBTkml/x
Y7kLTKDnWGGZGn++EWL5QUgU77/vK7Et0DWq4esRVTftBEeYIcEYYMjyEqzyixM2
Q06o9mrqerIrPXTOUbn/TjQxf0kTBa/+jkWOD3PmZNZXPfFSnwGLIzlmHLCvIOjD
cfjysDQNOxIEzzHUqArAnoye8AUdcDzUatNNu7fUgfE370jbtQu2Zz+lg5sPb+Ti
EjppWd6gx71/riNo3IgfTnS/YCHUgg3W5Ux6+C3Nau/8cOR2ksIdgMy4ku4oqN1y
Hx4voFYDXpXtEOwM6Nod0CaxwopI
-----END CERTIFICATE-----
Generated at Wed May 6 05:35:45 2026 by rpki-client