Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F5C628E8457211F1948689A5CE1D38B0.roa
File: F5C628E8457211F1948689A5CE1D38B0.roa (raw, json)
Hash identifier: 0wBNadMjnErrLSw1ADOzZYpZdfLtTajv/EcHHLJc23o=
Subject key identifier: E6:33:00:A1:A3:CB:65:A3:B5:C9:BC:EC:D6:8B:4E:CF:0F:E5:CD:1C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B0D6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F5C628E8457211F1948689A5CE1D38B0.roa
Signing time: Fri 01 May 2026 15:32:28 +0000
ROA not before: Fri 01 May 2026 15:32:23 +0000
ROA not after: Fri 05 Jun 2026 15:32:23 +0000
asID: 265721
IP address blocks: 156.248.128.0/20 maxlen: 24
156.248.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 13 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110806 (0x1b0d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 1 15:32:23 2026 GMT
Not After : Jun 5 15:32:23 2026 GMT
Subject: CN=69f4c78c-e7ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c0:27:ca:28:6e:31:46:fb:d5:8c:11:46:5e:
3d:fa:bb:c3:cd:6c:6e:b5:07:8a:d2:a4:8f:16:a4:
da:d3:4a:2c:0d:1b:4c:9d:14:90:1a:d5:90:d0:42:
93:6c:80:03:a8:67:02:31:6a:52:ce:c6:7f:a6:e4:
d8:85:14:49:71:58:00:98:26:a1:ec:3a:1c:5a:a0:
01:3c:61:ea:79:d1:19:57:89:3b:8f:ff:e2:ef:3a:
fb:f6:61:74:74:b8:29:40:31:25:7d:43:d7:b2:66:
3c:36:c1:5e:2d:f9:95:cd:b0:1e:8d:68:42:a9:42:
e8:63:0a:21:43:07:37:64:81:c9:c7:15:8b:18:bb:
45:33:8b:59:8e:5f:0d:47:1c:14:60:fb:12:42:80:
77:f3:28:7b:70:7a:e4:5f:da:7e:58:2d:fb:f1:a3:
1c:c1:f8:e2:93:40:7a:c5:02:7c:32:44:8d:0a:b0:
e5:9a:6a:1f:ff:8c:00:29:98:95:23:3d:93:c0:eb:
17:7f:9d:41:10:b8:8a:a3:08:b3:3e:42:76:66:58:
7f:b9:e0:09:1c:82:07:04:17:cc:ee:5d:92:cc:09:
13:09:34:d5:76:fb:bc:07:d5:f9:0a:1d:c7:c4:22:
5b:4c:85:48:3d:ab:7d:3a:76:bf:13:2d:38:50:57:
28:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:33:00:A1:A3:CB:65:A3:B5:C9:BC:EC:D6:8B:4E:CF:0F:E5:CD:1C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F5C628E8457211F1948689A5CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.128.0/19
Signature Algorithm: sha256WithRSAEncryption
17:19:b7:c5:a0:6c:3d:b3:a2:5b:96:76:b1:be:fb:97:7a:31:
c0:cd:66:c5:06:e3:bd:2e:a7:2c:2c:b5:62:c2:21:61:85:2f:
43:8e:95:1c:3e:d6:03:6e:22:2b:b2:38:4a:23:bd:f9:8f:92:
26:be:08:66:e5:3e:40:dc:12:1b:8f:6d:18:2f:13:64:cc:63:
bf:0c:07:95:ae:8c:b6:dd:b4:73:3d:c5:22:e3:f4:23:0e:08:
2c:e1:e4:69:51:2b:68:94:a2:8c:c8:d9:c2:c9:01:9b:5d:21:
b9:34:7b:d4:59:c8:14:50:c5:52:ef:26:49:52:48:c4:39:58:
fd:a0:84:b7:23:73:e2:8e:bd:16:d8:96:8b:02:60:9e:f1:e6:
1a:20:a3:fc:cb:13:c7:71:dc:fa:8b:b3:4b:f3:fe:29:8c:ed:
4e:92:3e:b7:48:9c:13:77:4b:6a:93:aa:7e:10:29:b1:42:d2:
f5:c7:27:f7:6b:fb:68:2d:36:85:65:bc:88:c1:bd:ba:99:b2:
51:f8:64:bd:2a:09:1b:0f:a5:e6:6e:19:90:59:8a:b1:01:c7:
84:59:02:f8:21:cd:8e:fe:42:28:5b:bf:e6:1d:9b:30:bf:e6:
b2:21:de:63:bd:7b:cb:57:1d:27:4b:13:84:5b:db:98:c5:75:
1b:4e:6d:42
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbDWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTAxMTUzMjIzWhcNMjYwNjA1MTUzMjIzWjAYMRYw
FAYDVQQDEw02OWY0Yzc4Yy1lN2NlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtMAnyihuMUb71YwRRl49+rvDzWxutQeK0qSPFqTa00osDRtMnRSQGtWQ
0EKTbIADqGcCMWpSzsZ/puTYhRRJcVgAmCah7DocWqABPGHqedEZV4k7j//i7zr7
9mF0dLgpQDElfUPXsmY8NsFeLfmVzbAejWhCqULoYwohQwc3ZIHJxxWLGLtFM4tZ
jl8NRxwUYPsSQoB38yh7cHrkX9p+WC378aMcwfjik0B6xQJ8MkSNCrDlmmof/4wA
KZiVIz2TwOsXf51BELiKowizPkJ2Zlh/ueAJHIIHBBfM7l2SzAkTCTTVdvu8B9X5
Ch3HxCJbTIVIPat9Ona/Ey04UFcowwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOYz
AKGjy2Wjtcm87NaLTs8P5c0cMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNUM2MjhFODQ1NzIxMUYxOTQ4Njg5QTVDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnPiAMA0GCSqGSIb3DQEBCwUA
A4IBAQAXGbfFoGw9s6JblnaxvvuXejHAzWbFBuO9LqcsLLViwiFhhS9DjpUcPtYD
biIrsjhKI735j5Imvghm5T5A3BIbj20YLxNkzGO/DAeVroy23bRzPcUi4/QjDggs
4eRpUStolKKMyNnCyQGbXSG5NHvUWcgUUMVS7yZJUkjEOVj9oIS3I3Pijr0W2JaL
AmCe8eYaIKP8yxPHcdz6i7NL8/4pjO1Okj63SJwTd0tqk6p+ECmxQtL1xyf3a/to
LTaFZbyIwb26mbJR+GS9KgkbD6XmbhmQWYqxAceEWQL4Ic2O/kIoW7/mHZswv+ay
Id5jvXvLVx0nSxOEW9uYxXUbTm1C
-----END CERTIFICATE-----
Generated at Mon May 11 10:42:36 2026 by rpki-client