Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7AA1582366911F18EF00BC0CE1D38B0.roa
File: B7AA1582366911F18EF00BC0CE1D38B0.roa (raw, json)
Hash identifier: pO3ywo45vCO4vanF16O5hzwI8koDhqvO+jwjEWQCTVI=
Subject key identifier: 37:BE:D8:F9:3F:DD:32:48:C5:12:0C:8B:2E:07:18:F7:AB:D8:5A:98
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AC17
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7AA1582366911F18EF00BC0CE1D38B0.roa
Signing time: Sun 12 Apr 2026 12:18:31 +0000
ROA not before: Sun 12 Apr 2026 12:18:26 +0000
ROA not after: Thu 12 Apr 2029 12:18:26 +0000
asID: 17561
IP address blocks: 156.232.208.0/24 maxlen: 24
156.232.209.0/24 maxlen: 24
156.232.210.0/24 maxlen: 24
156.232.211.0/24 maxlen: 24
156.232.212.0/24 maxlen: 24
156.232.213.0/24 maxlen: 24
156.232.214.0/24 maxlen: 24
156.232.215.0/24 maxlen: 24
156.232.216.0/24 maxlen: 24
156.232.217.0/24 maxlen: 24
156.232.218.0/24 maxlen: 24
156.232.219.0/24 maxlen: 24
156.232.220.0/24 maxlen: 24
156.232.221.0/24 maxlen: 24
156.232.222.0/24 maxlen: 24
156.232.223.0/24 maxlen: 24
156.232.224.0/24 maxlen: 24
156.232.225.0/24 maxlen: 24
156.232.226.0/24 maxlen: 24
156.232.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109591 (0x1ac17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 12 12:18:26 2026 GMT
Not After : Apr 12 12:18:26 2029 GMT
Subject: CN=69db8d97-ad77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a8:50:f6:f5:b7:35:0a:34:f2:6c:ec:17:72:
2a:d0:a0:fb:cc:0e:e8:e9:fa:be:e6:2d:ba:54:34:
7a:31:99:b1:c3:d1:32:0a:31:2f:58:b5:cb:ac:d4:
cc:ea:1a:bb:9d:37:f1:aa:77:a2:4a:01:ed:16:f2:
07:c2:73:b6:74:f8:a1:c8:7a:9b:6a:7b:11:1f:04:
be:aa:6a:e5:06:0f:fe:27:18:67:ce:91:71:8f:9d:
d3:f3:a3:ca:24:17:65:3a:3a:dd:46:2e:9e:d7:f8:
83:92:6b:87:d3:07:68:85:ab:00:66:c8:50:46:c6:
78:4f:b2:03:2b:d3:2a:6c:ed:7a:4a:2d:c2:07:af:
8c:aa:cd:98:ec:d9:81:cf:0a:eb:dc:f1:e6:70:07:
2a:36:85:25:4f:35:3c:9d:6b:5f:47:71:81:c8:c7:
97:d2:a1:68:1b:06:9c:ee:97:fc:dc:a8:4a:2f:a9:
93:d0:c3:e3:d3:50:67:62:61:78:80:28:e1:5c:fc:
34:9a:dd:f6:5e:c1:fd:b4:ca:6f:c1:35:c0:f5:9c:
db:b1:09:6a:71:0c:e1:d8:e0:e3:4f:e0:5b:be:0f:
c6:c4:11:d5:ba:3a:bd:c0:0f:3b:e0:9b:fa:92:79:
14:89:19:f1:93:2c:cc:18:b5:cc:26:cb:04:fe:3d:
a4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:BE:D8:F9:3F:DD:32:48:C5:12:0C:8B:2E:07:18:F7:AB:D8:5A:98
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7AA1582366911F18EF00BC0CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.208.0-156.232.227.255
Signature Algorithm: sha256WithRSAEncryption
92:38:42:17:d2:79:d5:2e:ad:c9:5e:b1:c2:f3:32:86:4c:e6:
14:93:8d:c8:0f:20:5e:1e:93:a5:7b:41:59:89:84:a0:f4:bd:
a6:66:d1:6f:3f:e9:80:50:7c:14:ee:b5:a5:18:de:35:57:59:
8d:ac:01:12:ff:6b:57:7a:a5:80:84:f1:0c:21:ac:be:c2:91:
27:6d:a1:c3:cf:20:4e:10:b0:2a:11:c0:60:9b:a2:72:95:65:
f8:d2:5d:bb:94:f9:5a:95:2a:92:5f:01:46:c3:76:1f:a4:77:
ca:07:45:3b:90:7b:23:d5:ec:6a:0d:71:02:6d:1b:27:d7:28:
bb:0e:7b:52:9f:51:94:11:e8:f0:16:c0:d3:e0:4c:83:35:d0:
1b:aa:d0:3c:ce:ae:79:39:0b:5e:0c:94:6c:7e:5c:e8:ce:00:
25:f0:3c:e6:01:53:44:98:62:a9:7f:ae:70:e2:c2:d7:4a:e9:
40:6a:27:07:91:b1:fe:b8:82:92:82:d7:7a:7d:2b:7c:08:d4:
bc:04:d3:f4:78:6e:5c:8c:0a:63:53:bd:e4:f2:15:1c:8f:a2:
e7:7c:39:d6:50:f1:bb:f9:f6:67:e9:d0:e0:09:bb:3a:25:d2:
ef:b8:97:47:de:ab:fc:e0:50:71:4e:e1:76:2f:dd:72:9c:6d:
ed:dd:cf:ed
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAawXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDEyMTIxODI2WhcNMjkwNDEyMTIxODI2WjAYMRYw
FAYDVQQDEw02OWRiOGQ5Ny1hZDc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmKhQ9vW3NQo08mzsF3Iq0KD7zA7o6fq+5i26VDR6MZmxw9EyCjEvWLXL
rNTM6hq7nTfxqneiSgHtFvIHwnO2dPihyHqbansRHwS+qmrlBg/+JxhnzpFxj53T
86PKJBdlOjrdRi6e1/iDkmuH0wdohasAZshQRsZ4T7IDK9MqbO16Si3CB6+Mqs2Y
7NmBzwrr3PHmcAcqNoUlTzU8nWtfR3GByMeX0qFoGwac7pf83KhKL6mT0MPj01Bn
YmF4gCjhXPw0mt32XsH9tMpvwTXA9ZzbsQlqcQzh2ODjT+Bbvg/GxBHVujq9wA87
4Jv6knkUiRnxkyzMGLXMJssE/j2kzwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDe+
2Pk/3TJIxRIMiy4HGPer2FqYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CN0FBMTU4MjM2NjkxMUYxOEVGMDBCQzBDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASc6NADBAKc6OAwDQYJKoZI
hvcNAQELBQADggEBAJI4QhfSedUurclescLzMoZM5hSTjcgPIF4ek6V7QVmJhKD0
vaZm0W8/6YBQfBTutaUY3jVXWY2sARL/a1d6pYCE8QwhrL7CkSdtocPPIE4QsCoR
wGCbonKVZfjSXbuU+VqVKpJfAUbDdh+kd8oHRTuQeyPV7GoNcQJtGyfXKLsOe1Kf
UZQR6PAWwNPgTIM10Buq0DzOrnk5C14MlGx+XOjOACXwPOYBU0SYYql/rnDiwtdK
6UBqJweRsf64gpKC13p9K3wI1LwE0/R4blyMCmNTveTyFRyPoud8OdZQ8bv59mfp
0OAJuzol0u+4l0feq/zgUHFO4XYv3XKcbe3dz+0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:09:52 2026 by rpki-client