Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/429BEC88331D11F1B7F13DC1CE1D38B0.roa
File: 429BEC88331D11F1B7F13DC1CE1D38B0.roa (raw, json)
Hash identifier: 5uPeCdBlOV+jbH23EH007qeRfq3kFM87WFrPjH451MQ=
Subject key identifier: 50:D8:3B:37:2E:64:76:DE:1A:5B:C4:DB:62:20:7D:7B:2F:96:6A:5C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AAE5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/429BEC88331D11F1B7F13DC1CE1D38B0.roa
Signing time: Wed 08 Apr 2026 07:33:44 +0000
ROA not before: Wed 08 Apr 2026 07:33:30 +0000
ROA not after: Fri 08 May 2026 07:33:30 +0000
asID: 198247
IP address blocks: 156.238.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109285 (0x1aae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 8 07:33:30 2026 GMT
Not After : May 8 07:33:30 2026 GMT
Subject: CN=69d604d8-2b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:1f:1f:b0:56:4a:53:55:5e:bf:9e:a6:7c:84:
f2:02:95:b0:b4:d6:84:b6:8c:c8:c6:a5:99:b6:c4:
c4:f5:c2:06:71:99:77:4a:9f:fa:0c:bd:bb:68:19:
47:27:09:f7:1c:46:0c:c9:ac:33:df:02:c0:80:54:
b4:f0:82:b2:18:fa:d8:55:f8:83:be:5d:7b:45:5f:
1c:58:d5:75:87:4a:d9:c4:82:bf:99:9a:13:04:66:
54:fe:8b:57:8e:31:45:07:25:4e:3d:d5:40:2d:d4:
ce:30:06:16:f8:bf:70:e4:52:ff:7a:2b:8c:b0:45:
f6:db:88:1f:26:fc:92:5b:3d:4f:65:8b:df:56:e3:
18:17:b8:4b:95:ed:a7:28:15:08:ab:2e:3c:06:53:
20:9c:93:4c:01:92:47:c1:1e:4c:3c:65:da:b3:01:
9d:70:dd:7c:a1:c9:bc:20:0f:8f:17:82:66:0c:9e:
19:49:0d:52:99:b2:a4:59:fb:66:8d:09:db:61:e6:
b0:ec:30:e0:bc:2c:a0:14:e5:dd:0b:8d:ef:de:2c:
11:43:05:b1:9d:79:26:eb:dd:22:64:1e:a3:c1:e3:
57:98:6c:a4:1a:72:ca:6b:c7:49:2f:e7:b3:1e:23:
37:22:4a:8c:e9:f7:cf:b7:fa:f9:ed:ec:81:a9:49:
85:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D8:3B:37:2E:64:76:DE:1A:5B:C4:DB:62:20:7D:7B:2F:96:6A:5C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/429BEC88331D11F1B7F13DC1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.84.0/24
Signature Algorithm: sha256WithRSAEncryption
92:50:d2:26:13:f1:f8:bb:4f:6e:da:63:a4:93:f9:e7:00:5e:
e9:1c:7f:79:72:66:76:18:4d:e9:dd:12:0f:55:6c:13:36:41:
b0:07:36:ee:45:88:58:f1:30:45:a3:b6:d0:0e:11:5b:7a:fa:
3e:72:10:a4:ee:f3:d8:a9:e2:8b:93:dc:91:e0:71:fc:e1:35:
15:fb:90:4e:d1:02:c4:e6:54:f8:a4:ec:6b:35:38:5c:2d:bc:
1c:e7:90:3a:f8:82:ea:46:7f:9c:21:6c:11:eb:fd:4f:e7:e2:
39:2e:ef:46:5b:db:62:c8:02:30:cc:59:38:13:fd:27:09:6f:
e6:ff:d8:41:5d:e1:b1:bd:9a:cd:a7:1b:f3:d4:ec:67:25:94:
39:24:ba:0e:c4:a0:ec:ff:35:91:e4:38:ab:20:85:21:8c:19:
4b:08:a6:6b:cd:88:6d:01:90:e0:6b:cc:ee:35:2a:bb:88:77:
cb:c0:ab:03:83:ea:df:4c:1d:61:c9:bd:fd:11:92:0d:5c:cc:
43:0d:8e:b0:81:99:d1:05:0b:0d:53:9c:c2:a5:39:20:86:51:
3a:9b:10:d6:66:64:6f:a3:17:cd:ed:1a:33:65:20:b2:c9:57:
bf:78:05:45:2b:13:df:c1:5e:85:53:b1:38:ff:25:f4:e7:55:
e8:21:24:9d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAarlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDA4MDczMzMwWhcNMjYwNTA4MDczMzMwWjAYMRYw
FAYDVQQDEw02OWQ2MDRkOC0yYjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1R8fsFZKU1Vev56mfITyApWwtNaEtozIxqWZtsTE9cIGcZl3Sp/6DL27
aBlHJwn3HEYMyawz3wLAgFS08IKyGPrYVfiDvl17RV8cWNV1h0rZxIK/mZoTBGZU
/otXjjFFByVOPdVALdTOMAYW+L9w5FL/eiuMsEX224gfJvySWz1PZYvfVuMYF7hL
le2nKBUIqy48BlMgnJNMAZJHwR5MPGXaswGdcN18ocm8IA+PF4JmDJ4ZSQ1SmbKk
WftmjQnbYeaw7DDgvCygFOXdC43v3iwRQwWxnXkm690iZB6jweNXmGykGnLKa8dJ
L+ezHiM3IkqM6ffPt/r57eyBqUmFDQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFDY
OzcuZHbeGlvE22IgfXsvlmpcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MjlCRUM4ODMzMUQxMUYxQjdGMTNEQzFDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5UMA0GCSqGSIb3DQEBCwUA
A4IBAQCSUNImE/H4u09u2mOkk/nnAF7pHH95cmZ2GE3p3RIPVWwTNkGwBzbuRYhY
8TBFo7bQDhFbevo+chCk7vPYqeKLk9yR4HH84TUV+5BO0QLE5lT4pOxrNThcLbwc
55A6+ILqRn+cIWwR6/1P5+I5Lu9GW9tiyAIwzFk4E/0nCW/m/9hBXeGxvZrNpxvz
1OxnJZQ5JLoOxKDs/zWR5DirIIUhjBlLCKZrzYhtAZDga8zuNSq7iHfLwKsDg+rf
TB1hyb39EZINXMxDDY6wgZnRBQsNU5zCpTkghlE6mxDWZmRvoxfN7RozZSCyyVe/
eAVFKxPfwV6FU7E4/yX051XoISSd
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:49:54 2026 by rpki-client