Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C8B6AA83A5C11F184AAADDFCE1D38B0.roa
File: 3C8B6AA83A5C11F184AAADDFCE1D38B0.roa (raw, json)
Hash identifier: De/nt6HZhACsd0HKj7w/D11QEWMnTsq/5TRo3rFcA9s=
Subject key identifier: 4B:E0:24:C8:E1:AA:47:D8:27:98:D0:D0:44:F8:33:BC:D7:85:BB:9B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AD70
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C8B6AA83A5C11F184AAADDFCE1D38B0.roa
Signing time: Fri 17 Apr 2026 12:52:06 +0000
ROA not before: Fri 17 Apr 2026 12:52:00 +0000
ROA not after: Sun 24 May 2026 12:52:00 +0000
asID: 8796
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109936 (0x1ad70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 17 12:52:00 2026 GMT
Not After : May 24 12:52:00 2026 GMT
Subject: CN=69e22cf5-acda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c1:f9:1d:6d:5e:f7:34:36:5d:65:ae:aa:e8:
fc:00:ae:7a:3a:16:a9:e1:51:ea:b9:82:b9:b2:e2:
ca:76:c8:1a:b0:6c:7f:7f:02:27:5c:19:66:3d:96:
cc:0f:fd:fa:c9:47:c3:41:e4:f5:54:3d:a0:7d:31:
f9:c5:68:9c:06:5f:79:f4:4a:cc:1e:e1:a8:80:a6:
0d:03:46:fb:1c:5c:3d:cd:47:2e:06:c6:c2:81:1b:
d0:05:36:1b:f9:ab:05:81:46:37:c1:bf:2d:89:cd:
ad:ef:38:30:30:16:fa:9a:4f:32:d0:51:54:fc:cd:
83:33:39:70:18:4d:d6:95:af:6d:a6:10:da:64:9d:
ea:f0:fc:a1:ac:d9:c3:76:13:d5:76:17:28:19:69:
cb:87:a7:eb:34:f3:e0:74:1f:0a:d3:7b:82:ca:0e:
13:7f:55:f8:ba:40:41:f9:fa:10:4c:57:e4:1a:35:
0a:20:69:03:f8:49:eb:1a:3b:d5:f6:b6:07:9b:ea:
9b:05:af:86:48:68:92:8d:9b:3e:da:43:40:6c:e3:
9d:62:71:d6:37:7b:26:12:d8:32:6d:e1:cb:fb:d3:
55:3d:fb:1d:b2:c7:ab:9d:05:34:2d:db:0e:57:b3:
2b:34:d8:21:18:16:e3:1a:d8:92:92:e8:6f:6b:b5:
c4:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E0:24:C8:E1:AA:47:D8:27:98:D0:D0:44:F8:33:BC:D7:85:BB:9B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C8B6AA83A5C11F184AAADDFCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.53.255
Signature Algorithm: sha256WithRSAEncryption
75:94:15:66:e1:a4:49:77:3d:7e:63:bc:f3:13:87:64:d7:c4:
60:91:1a:3c:29:58:24:8e:87:9d:ae:9b:c2:18:65:bf:39:01:
d5:51:d9:73:56:34:71:96:03:8f:d0:c8:d7:c4:b9:2c:36:6a:
81:b3:10:32:d3:fa:87:d4:b0:4c:48:d1:c8:0e:8e:8f:6f:7d:
38:ba:58:e2:14:74:8e:0a:fa:33:26:55:55:72:90:b0:c1:39:
1e:9c:b9:9e:b8:b2:52:53:38:c2:1b:a4:c0:43:93:a3:3d:b0:
66:02:20:4b:57:1f:36:67:74:2b:b1:5f:fa:a7:d3:fa:b3:56:
c1:48:4c:1e:cc:45:de:dd:c5:2b:14:72:2b:d4:36:86:3f:d6:
b8:a9:d4:c3:36:dc:11:aa:e1:dd:3e:75:8e:c2:ee:71:a2:ae:
96:a6:02:e1:9f:04:44:df:4e:a9:eb:0f:d4:97:42:75:5c:23:
94:47:89:5a:5a:ca:50:2f:7e:1a:5c:d9:79:76:fd:fc:ea:64:
a4:fa:61:bb:86:35:df:50:3b:72:15:ac:d0:5d:7b:f4:c4:7a:
fd:d1:66:86:be:b0:f4:f0:84:31:5b:3e:09:98:11:50:80:02:
a2:c3:8d:92:9e:69:89:34:48:83:be:c7:a3:5b:68:ff:1a:a6:
95:64:31:1c
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAa1wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDE3MTI1MjAwWhcNMjYwNTI0MTI1MjAwWjAYMRYw
FAYDVQQDEw02OWUyMmNmNS1hY2RhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnMH5HW1e9zQ2XWWuquj8AK56Ohap4VHquYK5suLKdsgasGx/fwInXBlm
PZbMD/36yUfDQeT1VD2gfTH5xWicBl959ErMHuGogKYNA0b7HFw9zUcuBsbCgRvQ
BTYb+asFgUY3wb8tic2t7zgwMBb6mk8y0FFU/M2DMzlwGE3Wla9tphDaZJ3q8Pyh
rNnDdhPVdhcoGWnLh6frNPPgdB8K03uCyg4Tf1X4ukBB+foQTFfkGjUKIGkD+Enr
GjvV9rYHm+qbBa+GSGiSjZs+2kNAbOOdYnHWN3smEtgybeHL+9NVPfsdssernQU0
LdsOV7MrNNghGBbjGtiSkuhva7XEfwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEvg
JMjhqkfYJ5jQ0ET4M7zXhbubMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQzhCNkFBODNBNUMxMUYxODRBQUFEREZDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc7xgDBAGc7zQwDQYJKoZI
hvcNAQELBQADggEBAHWUFWbhpEl3PX5jvPMTh2TXxGCRGjwpWCSOh52um8IYZb85
AdVR2XNWNHGWA4/QyNfEuSw2aoGzEDLT+ofUsExI0cgOjo9vfTi6WOIUdI4K+jMm
VVVykLDBOR6cuZ64slJTOMIbpMBDk6M9sGYCIEtXHzZndCuxX/qn0/qzVsFITB7M
Rd7dxSsUcivUNoY/1rip1MM23BGq4d0+dY7C7nGirpamAuGfBETfTqnrD9SXQnVc
I5RHiVpaylAvfhpc2Xl2/fzqZKT6YbuGNd9QO3IVrNBde/TEev3RZoa+sPTwhDFb
PgmYEVCAAqLDjZKeaYk0SIO+x6NbaP8appVkMRw=
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:01:37 2026 by rpki-client