Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8254675634AD11F1886FEEA7CE1D38B0.roa
File: 8254675634AD11F1886FEEA7CE1D38B0.roa (raw, json)
Hash identifier: w2sCo1H8LXo6sYhok9W9L5Wm8ErB4d3Y5oe4m6+sv3k=
Subject key identifier: 73:94:DC:8F:03:F5:B3:A1:BC:F1:E1:B9:9D:86:CB:2D:EA:40:EC:98
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AB9A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8254675634AD11F1886FEEA7CE1D38B0.roa
Signing time: Fri 10 Apr 2026 07:18:45 +0000
ROA not before: Fri 10 Apr 2026 07:18:40 +0000
ROA not after: Sat 17 Apr 2027 07:18:40 +0000
asID: 46071
IP address blocks: 156.238.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109466 (0x1ab9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 10 07:18:40 2026 GMT
Not After : Apr 17 07:18:40 2027 GMT
Subject: CN=69d8a455-3e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cf:14:9d:d5:36:be:4e:81:10:e2:0f:ae:7e:
d7:18:8f:50:18:8f:87:73:fb:f7:4d:00:23:26:f5:
0c:57:33:b5:c9:ab:26:7e:6c:e8:ec:a1:30:c6:0a:
d7:5d:42:ec:bd:cf:90:2b:d6:db:2e:e6:6e:dd:85:
d4:2a:47:a6:30:61:0d:13:b1:89:aa:02:6d:fc:9e:
e3:76:c3:47:b4:f6:c7:32:dc:d8:fa:3e:21:e9:58:
b6:50:6b:25:9a:8f:36:f0:4d:39:e2:b2:55:89:b0:
0f:29:19:07:1d:65:ac:19:dc:ba:4a:7e:64:a7:f4:
72:6c:b0:81:b1:4f:d7:7b:65:d5:2f:cb:da:cd:61:
71:02:e8:1d:cb:3f:4c:77:5e:7a:cf:34:d8:52:fb:
80:a4:f0:f3:b9:0e:c4:25:55:f8:76:34:f5:4a:35:
fd:ce:e5:06:48:2a:0b:89:0d:a7:f2:74:71:cd:9d:
58:28:17:cc:f0:de:2d:a4:0b:29:b9:5f:87:65:73:
5b:73:d4:0d:27:c2:0c:7a:90:1b:c1:3d:a5:20:fe:
bf:c4:02:6f:72:87:55:2f:4b:fd:2a:8e:df:bf:6d:
f6:6d:10:1a:e0:f0:d6:1a:0d:1b:2b:98:77:84:8c:
9a:ad:f6:1b:7d:3a:ef:c4:97:6a:26:e2:dd:b0:bc:
4a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:94:DC:8F:03:F5:B3:A1:BC:F1:E1:B9:9D:86:CB:2D:EA:40:EC:98
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8254675634AD11F1886FEEA7CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.17.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:2b:63:3d:66:43:61:3d:2d:9c:ec:50:73:2d:a3:f9:0a:1d:
af:32:61:f6:98:20:b2:e0:b3:31:2f:e1:ae:a0:4a:f8:c2:f2:
04:39:d0:88:25:41:06:7f:d7:79:d9:76:42:24:83:d9:8b:78:
9c:09:80:4f:51:47:9b:00:06:81:29:0c:dd:cc:52:cf:b7:57:
d1:5c:3f:2d:3a:c1:bf:0d:71:e5:c5:88:7b:45:de:24:0f:ba:
5b:dd:5d:4d:9e:10:53:d0:36:13:0f:94:82:03:7d:83:ec:41:
c7:10:9a:91:64:bf:b8:77:0f:c8:84:45:f1:65:61:9b:af:2d:
eb:5c:47:71:57:d5:89:5d:b0:97:b7:c8:8d:0c:e5:00:37:57:
38:6d:a9:42:c6:64:22:fb:78:9a:ad:5c:8f:e7:72:5c:6e:57:
14:9e:96:62:56:66:6c:8e:52:96:51:61:e4:8d:8d:74:80:16:
66:a7:c3:08:a0:b3:fe:4d:e3:21:94:61:1d:7c:24:8f:2b:27:
27:20:d7:9d:70:92:fd:77:4c:c4:12:c4:10:da:79:35:39:c6:
fd:48:ed:f4:0d:39:f3:9d:33:25:23:14:dc:cb:0e:f8:d9:ef:
a5:75:52:c0:cc:2b:19:07:8e:28:f1:8d:60:1e:9f:a9:56:0b:
28:86:48:55
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAauaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDEwMDcxODQwWhcNMjcwNDE3MDcxODQwWjAYMRYw
FAYDVQQDEw02OWQ4YTQ1NS0zZTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqM8UndU2vk6BEOIPrn7XGI9QGI+Hc/v3TQAjJvUMVzO1yasmfmzo7KEw
xgrXXULsvc+QK9bbLuZu3YXUKkemMGENE7GJqgJt/J7jdsNHtPbHMtzY+j4h6Vi2
UGslmo828E054rJVibAPKRkHHWWsGdy6Sn5kp/RybLCBsU/Xe2XVL8vazWFxAugd
yz9Md156zzTYUvuApPDzuQ7EJVX4djT1SjX9zuUGSCoLiQ2n8nRxzZ1YKBfM8N4t
pAspuV+HZXNbc9QNJ8IMepAbwT2lIP6/xAJvcodVL0v9Ko7fv232bRAa4PDWGg0b
K5h3hIyarfYbfTrvxJdqJuLdsLxK/QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHOU
3I8D9bOhvPHhuZ2Gyy3qQOyYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MjU0Njc1NjM0QUQxMUYxODg2RkVFQTdDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO4RMA0GCSqGSIb3DQEBCwUA
A4IBAQBvK2M9ZkNhPS2c7FBzLaP5Ch2vMmH2mCCy4LMxL+GuoEr4wvIEOdCIJUEG
f9d52XZCJIPZi3icCYBPUUebAAaBKQzdzFLPt1fRXD8tOsG/DXHlxYh7Rd4kD7pb
3V1NnhBT0DYTD5SCA32D7EHHEJqRZL+4dw/IhEXxZWGbry3rXEdxV9WJXbCXt8iN
DOUAN1c4balCxmQi+3iarVyP53JcblcUnpZiVmZsjlKWUWHkjY10gBZmp8MIoLP+
TeMhlGEdfCSPKycnINedcJL9d0zEEsQQ2nk1Ocb9SO30DTnznTMlIxTcyw742e+l
dVLAzCsZB44o8Y1gHp+pVgsohkhV
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:10:55 2026 by rpki-client