Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF1817EE359111F1B2D35719CF1D38B0.roa
File: FF1817EE359111F1B2D35719CF1D38B0.roa (raw, json)
Hash identifier: dyjVmNgm9+O/bUHUatM2YNJ6yivTtoPBWXyvs9O9wU8=
Subject key identifier: 11:86:96:BF:17:D9:BB:AA:C0:F8:74:35:6E:52:4E:6F:96:53:1C:54
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AC0A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF1817EE359111F1B2D35719CF1D38B0.roa
Signing time: Sat 11 Apr 2026 10:34:19 +0000
ROA not before: Sat 11 Apr 2026 10:34:15 +0000
ROA not after: Sun 24 May 2026 10:34:15 +0000
asID: 214413
IP address blocks: 156.229.56.0/22 maxlen: 24
156.233.216.0/22 maxlen: 24
156.239.128.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109578 (0x1ac0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 11 10:34:15 2026 GMT
Not After : May 24 10:34:15 2026 GMT
Subject: CN=69da23ab-2cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:00:c9:95:bd:d1:d5:2b:c9:98:76:01:df:f3:
ea:5e:23:71:8c:d0:05:1d:9e:f6:fa:48:fa:7e:c3:
ff:4c:04:e7:62:4f:2d:0b:7e:6f:d1:00:00:ad:7c:
f3:b7:28:de:31:ff:2a:dd:86:07:e7:cc:eb:d7:dd:
0f:57:cc:bf:1d:3e:aa:47:4a:8c:32:b4:79:be:0d:
59:07:b5:6c:a5:92:32:c4:3a:00:2b:c4:bc:52:8e:
9e:bf:fe:f9:91:23:b8:76:99:2c:77:31:7a:5d:03:
4f:2b:aa:43:d2:c8:06:98:d3:28:86:4d:7d:1a:d1:
8e:96:bb:fa:1b:75:78:2c:0d:4c:26:47:65:8f:99:
22:eb:d4:3a:f2:11:0e:ef:a8:ad:23:73:5d:cf:0f:
27:df:44:9e:f4:66:5e:10:bc:87:19:0b:87:ce:c9:
98:34:00:96:fa:ad:2a:77:1d:1e:1d:83:1d:d3:2a:
fa:cb:4f:ee:34:5a:81:73:b4:42:f4:0f:e6:2d:4c:
14:6c:89:2e:c2:e3:5e:be:6f:4f:f5:7e:14:ef:2e:
53:63:70:01:2f:d6:ce:8d:31:95:0c:12:84:45:77:
c4:82:5f:62:a0:7a:5c:f4:12:23:4d:4b:66:fb:da:
cc:75:5b:6b:44:e2:4a:4d:31:b2:f6:82:41:55:e2:
23:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:86:96:BF:17:D9:BB:AA:C0:F8:74:35:6E:52:4E:6F:96:53:1C:54
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF1817EE359111F1B2D35719CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.56.0/22
156.233.216.0/22
156.239.128.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:a4:7a:05:e8:6f:9e:26:54:2a:6b:67:2b:d5:b8:23:41:42:
60:71:ff:ca:3c:64:b3:df:f8:41:73:67:69:15:ab:50:33:61:
c9:32:69:46:fa:45:d1:41:32:31:5a:fc:13:e3:4c:60:81:85:
80:14:23:29:90:4f:fa:c9:28:28:ce:7c:e4:08:fb:be:1d:a5:
32:c3:9e:e0:53:05:a5:a9:0e:58:16:ae:3c:72:12:5c:88:d3:
7b:e5:c1:55:d2:30:ad:f2:0e:e7:e0:0f:75:10:da:36:13:90:
d6:c4:a5:3e:f4:9e:7d:28:d1:16:e9:1c:6b:c3:6d:d2:5e:a3:
b3:75:91:a8:07:bd:7a:31:f6:c4:a4:7a:87:8b:33:58:a1:e9:
2a:b5:65:3e:1b:4a:bc:4f:25:80:a5:c5:e0:84:16:5a:24:59:
22:8c:3d:8e:9a:fe:1e:fc:a6:85:cc:38:54:7e:08:3e:3a:8a:
87:dd:0f:a7:31:13:f6:aa:16:1c:ed:12:ef:85:5f:dd:79:8e:
60:b4:46:57:6c:25:8d:25:b1:b2:2a:dd:d9:ea:59:b4:4e:8e:
bf:53:17:a9:c7:c1:05:fb:2d:85:5c:cd:9a:0e:2b:23:2f:6f:
6c:bb:38:ec:92:3d:b5:67:9e:e3:f5:16:ec:dd:29:ee:4f:ad:
83:1c:86:83
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAawKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDExMTAzNDE1WhcNMjYwNTI0MTAzNDE1WjAYMRYw
FAYDVQQDEw02OWRhMjNhYi0yY2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzQDJlb3R1SvJmHYB3/PqXiNxjNAFHZ72+kj6fsP/TATnYk8tC35v0QAA
rXzztyjeMf8q3YYH58zr190PV8y/HT6qR0qMMrR5vg1ZB7VspZIyxDoAK8S8Uo6e
v/75kSO4dpksdzF6XQNPK6pD0sgGmNMohk19GtGOlrv6G3V4LA1MJkdlj5ki69Q6
8hEO76itI3Ndzw8n30Se9GZeELyHGQuHzsmYNACW+q0qdx0eHYMd0yr6y0/uNFqB
c7RC9A/mLUwUbIkuwuNevm9P9X4U7y5TY3ABL9bOjTGVDBKERXfEgl9ioHpc9BIj
TUtm+9rMdVtrROJKTTGy9oJBVeIjnQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFBGG
lr8X2buqwPh0NW5STm+WUxxUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRjE4MTdFRTM1OTExMUYxQjJEMzU3MTlDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCnOU4AwQCnOnYAwQCnO+AMA0G
CSqGSIb3DQEBCwUAA4IBAQB+pHoF6G+eJlQqa2cr1bgjQUJgcf/KPGSz3/hBc2dp
FatQM2HJMmlG+kXRQTIxWvwT40xggYWAFCMpkE/6ySgoznzkCPu+HaUyw57gUwWl
qQ5YFq48chJciNN75cFV0jCt8g7n4A91ENo2E5DWxKU+9J59KNEW6Rxrw23SXqOz
dZGoB716MfbEpHqHizNYoekqtWU+G0q8TyWApcXghBZaJFkijD2Omv4e/KaFzDhU
fgg+OoqH3Q+nMRP2qhYc7RLvhV/deY5gtEZXbCWNJbGyKt3Z6lm0To6/Uxepx8EF
+y2FXM2aDisjL29suzjskj21Z57j9Rbs3SnuT62DHIaD
-----END CERTIFICATE-----
Generated at Sat Apr 18 14:28:29 2026 by rpki-client