Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/943784A8332211F1A55708E1CE1D38B0.roa
File: 943784A8332211F1A55708E1CE1D38B0.roa (raw, json)
Hash identifier: a+n2bzxxKBiT3WhRcO5S161ElgsjH0pi1ot/0CEco1c=
Subject key identifier: 59:CB:02:D9:A6:B8:82:F9:1C:70:AA:BE:52:8F:71:A3:90:A4:F9:F1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AAEE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/943784A8332211F1A55708E1CE1D38B0.roa
Signing time: Wed 08 Apr 2026 08:11:44 +0000
ROA not before: Wed 08 Apr 2026 08:11:35 +0000
ROA not after: Fri 08 May 2026 08:11:35 +0000
asID: 271907
IP address blocks: 156.238.73.0/24 maxlen: 24
156.238.74.0/24 maxlen: 24
156.238.75.0/24 maxlen: 24
156.238.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109294 (0x1aaee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 8 08:11:35 2026 GMT
Not After : May 8 08:11:35 2026 GMT
Subject: CN=69d60dc0-bcac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:74:73:e7:ef:9a:77:8b:cf:ef:5a:e7:e7:c5:
ce:7d:a2:25:68:4d:f7:e5:57:ed:47:8b:d1:ca:ae:
09:7b:f6:aa:88:98:7f:3c:2a:5e:e6:a6:25:6e:33:
ed:d2:93:4a:86:a9:84:f9:3b:60:b9:df:86:51:cf:
50:30:6a:fb:a8:bb:60:cc:fe:b1:74:f9:dd:86:df:
c6:97:c3:fa:55:b5:de:03:67:ba:41:c4:0b:07:8a:
f7:38:75:9b:9d:70:0b:9f:3c:a3:ff:2b:4a:6f:2e:
24:57:0b:6a:50:64:bd:f8:ca:d2:61:54:c6:9b:05:
05:d2:b3:4e:e1:2d:7c:95:84:5b:23:f7:58:bb:be:
53:af:99:45:60:bf:ed:79:7b:cf:2d:3c:b6:ac:23:
9f:56:48:ed:d5:44:d8:f5:b4:15:c2:dd:21:2f:ac:
e4:15:a2:b8:d5:8d:14:8b:ff:d9:ef:24:73:81:c7:
b3:36:1e:28:fd:e9:ec:b8:d8:ee:cd:2f:61:cc:39:
cc:de:db:17:bf:fa:60:94:17:40:c6:2d:10:e0:5e:
0a:15:48:6e:ae:dd:77:0b:ce:db:ed:65:ad:85:d0:
c2:3d:03:e0:59:79:bd:5c:a3:3c:e6:a0:1f:10:57:
2c:88:82:76:3b:3e:ce:0a:c7:39:37:7c:bc:12:56:
3c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:CB:02:D9:A6:B8:82:F9:1C:70:AA:BE:52:8F:71:A3:90:A4:F9:F1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/943784A8332211F1A55708E1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.73.0-156.238.76.255
Signature Algorithm: sha256WithRSAEncryption
48:ec:82:bd:5a:01:d9:57:a5:2a:8d:f8:17:01:18:4b:2a:e3:
f4:f0:e1:79:d3:19:d7:65:3a:ef:14:b5:31:71:f9:42:a8:94:
e4:64:9a:df:2a:ce:f9:c2:a4:f1:93:93:f7:11:dc:f4:7e:52:
2f:c2:11:a6:52:92:eb:9b:22:37:72:64:93:03:bc:18:ac:6f:
14:51:a3:84:2f:fb:25:d8:0e:30:a1:68:41:30:2d:77:72:27:
12:db:3d:e2:20:36:2a:dd:c7:37:18:c1:0a:c4:23:b6:4b:8d:
5d:c9:80:32:fa:bd:d6:81:cf:56:73:02:e7:c9:60:d3:cb:e0:
d3:cf:15:5a:7e:90:e9:18:06:ec:ef:f6:38:75:53:ba:f5:2a:
90:40:64:9d:ba:ad:45:02:cb:b8:80:17:63:85:a0:ee:09:a8:
f1:a3:15:70:a9:c6:f7:00:60:6b:30:84:11:17:7e:4e:84:13:
b3:11:64:be:8d:0f:4d:9c:3c:ce:17:5a:59:63:3f:5c:17:13:
35:22:de:37:d6:a5:88:95:e3:91:62:56:a4:1f:17:09:da:f7:
61:5d:a1:18:6e:49:63:1d:d4:76:7b:08:74:9d:cf:26:89:3b:
4d:ab:8e:a0:0c:8d:7b:91:58:f1:92:c9:3a:30:df:2d:c2:04:
dc:bc:17:d2
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAaruMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDA4MDgxMTM1WhcNMjYwNTA4MDgxMTM1WjAYMRYw
FAYDVQQDEw02OWQ2MGRjMC1iY2FjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3XRz5++ad4vP71rn58XOfaIlaE335VftR4vRyq4Je/aqiJh/PCpe5qYl
bjPt0pNKhqmE+Ttgud+GUc9QMGr7qLtgzP6xdPndht/Gl8P6VbXeA2e6QcQLB4r3
OHWbnXALnzyj/ytKby4kVwtqUGS9+MrSYVTGmwUF0rNO4S18lYRbI/dYu75Tr5lF
YL/teXvPLTy2rCOfVkjt1UTY9bQVwt0hL6zkFaK41Y0Ui//Z7yRzgcezNh4o/ens
uNjuzS9hzDnM3tsXv/pglBdAxi0Q4F4KFUhurt13C87b7WWthdDCPQPgWXm9XKM8
5qAfEFcsiIJ2Oz7OCsc5N3y8ElY8qQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFnL
AtmmuIL5HHCqvlKPcaOQpPnxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NDM3ODRBODMzMjIxMUYxQTU1NzA4RTFDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc7kkDBACc7kwwDQYJKoZI
hvcNAQELBQADggEBAEjsgr1aAdlXpSqN+BcBGEsq4/Tw4XnTGddlOu8UtTFx+UKo
lORkmt8qzvnCpPGTk/cR3PR+Ui/CEaZSkuubIjdyZJMDvBisbxRRo4Qv+yXYDjCh
aEEwLXdyJxLbPeIgNirdxzcYwQrEI7ZLjV3JgDL6vdaBz1ZzAufJYNPL4NPPFVp+
kOkYBuzv9jh1U7r1KpBAZJ26rUUCy7iAF2OFoO4JqPGjFXCpxvcAYGswhBEXfk6E
E7MRZL6ND02cPM4XWlljP1wXEzUi3jfWpYiV45FiVqQfFwna92FdoRhuSWMd1HZ7
CHSdzyaJO02rjqAMjXuRWPGSyTow3y3CBNy8F9I=
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:25:43 2026 by rpki-client