Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0D42D8E2C0D11F1B102A6EADAE4EC9C.roa
File: C0D42D8E2C0D11F1B102A6EADAE4EC9C.roa (raw, json)
Hash identifier: dNEERTQi62UfF6B+qQOJA8ith/vJpgMHpfAh4uxwHGs=
Subject key identifier: DF:71:69:F0:DE:03:65:2A:38:31:7F:9D:9F:0B:CF:71:29:1B:59:CF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A8B2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0D42D8E2C0D11F1B102A6EADAE4EC9C.roa
Signing time: Mon 30 Mar 2026 07:55:01 +0000
ROA not before: Mon 30 Mar 2026 07:54:56 +0000
ROA not after: Sat 25 Apr 2026 07:54:56 +0000
asID: 139613
IP address blocks: 156.226.208.0/23 maxlen: 24
156.233.205.0/24 maxlen: 24
156.233.206.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108722 (0x1a8b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 30 07:54:56 2026 GMT
Not After : Apr 25 07:54:56 2026 GMT
Subject: CN=69ca2c55-5b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4c:5a:52:a6:3a:87:74:d0:f1:d5:12:e4:80:
88:db:fa:b8:2b:1c:66:fc:8f:2b:f1:99:0e:ae:87:
fd:1a:fa:ec:e9:83:8b:1f:d0:ee:e7:a2:6d:62:81:
a2:2a:65:c5:83:37:b8:49:dc:bd:56:aa:36:b6:3e:
36:a2:ad:48:43:c2:e3:d2:de:af:37:57:db:8c:7f:
6d:b2:a1:80:f0:4d:93:98:c5:db:55:35:3b:7e:1a:
aa:6c:ed:0e:77:28:2a:41:68:38:10:10:a8:65:97:
8c:e1:fc:12:72:bf:68:d0:10:f5:bb:3d:86:80:aa:
e5:40:76:43:eb:0a:49:ab:91:c4:05:84:9b:30:fd:
4c:35:d8:1b:be:87:7e:a0:55:eb:6a:56:29:db:22:
2d:50:b4:39:1a:49:85:7c:9f:f7:2e:63:6d:05:66:
6b:c3:28:05:1b:fb:4f:86:0d:db:ab:8e:8c:8b:dd:
62:e9:a9:37:45:3a:8e:18:10:28:10:15:4b:bb:57:
90:a5:07:59:38:92:1f:03:98:98:d9:a1:bd:f1:d7:
c6:ce:c9:c8:d9:f5:e5:3f:52:e5:5e:1d:64:da:4e:
e0:5b:60:f2:a1:a7:61:57:bf:d5:22:ec:93:62:b3:
25:15:c9:a7:81:65:8e:f1:35:10:e9:a7:2c:fe:0f:
82:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:71:69:F0:DE:03:65:2A:38:31:7F:9D:9F:0B:CF:71:29:1B:59:CF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0D42D8E2C0D11F1B102A6EADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.208.0/23
156.233.205.0-156.233.207.255
Signature Algorithm: sha256WithRSAEncryption
95:5c:3d:4f:25:5d:31:8b:7c:13:75:e9:7f:76:7f:fc:bf:d2:
d6:ca:1d:22:b6:88:dd:21:09:42:97:e3:44:a0:95:e0:10:de:
ad:10:60:ee:f8:83:ec:f6:cc:78:f4:07:29:39:a0:13:66:bf:
18:8e:08:e1:c7:e0:6f:21:3e:ae:3c:5b:9c:54:f9:d8:36:47:
22:46:79:a3:04:ab:39:69:c0:2a:55:25:80:ae:19:38:70:9c:
a7:2b:f3:94:f2:ce:9a:e6:b2:ca:c7:32:8b:ae:7d:77:bd:b4:
99:e5:f7:fd:2a:ba:29:00:29:e0:bb:ea:e6:3b:c1:e0:0a:70:
14:5b:35:9a:f3:5c:90:ed:e1:e6:f8:ba:29:e2:e8:54:7b:15:
45:35:d7:5f:9f:b8:f5:49:38:5f:d1:28:6b:c9:0f:12:49:cd:
9f:f7:0f:5d:d1:97:53:b7:11:31:6a:f3:7b:56:73:77:d5:cb:
77:09:1d:70:e3:8e:70:94:ba:35:cc:fd:ca:b0:5a:e3:95:ae:
34:a7:16:03:6b:51:de:96:7d:1e:fe:b8:9c:cb:59:76:1f:a5:
52:bd:df:8c:99:93:4d:7f:51:5a:8b:1f:51:04:e1:0d:bc:c2:
7b:ca:ae:28:97:40:6e:2b:01:e3:be:16:5e:5d:fd:d6:99:b0:
b7:36:51:ae
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAaiyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzMwMDc1NDU2WhcNMjYwNDI1MDc1NDU2WjAYMRYw
FAYDVQQDEw02OWNhMmM1NS01Yjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArkxaUqY6h3TQ8dUS5ICI2/q4Kxxm/I8r8ZkOrof9Gvrs6YOLH9Du56Jt
YoGiKmXFgze4Sdy9Vqo2tj42oq1IQ8Lj0t6vN1fbjH9tsqGA8E2TmMXbVTU7fhqq
bO0OdygqQWg4EBCoZZeM4fwScr9o0BD1uz2GgKrlQHZD6wpJq5HEBYSbMP1MNdgb
vod+oFXralYp2yItULQ5GkmFfJ/3LmNtBWZrwygFG/tPhg3bq46Mi91i6ak3RTqO
GBAoEBVLu1eQpQdZOJIfA5iY2aG98dfGzsnI2fXlP1LlXh1k2k7gW2DyoadhV7/V
IuyTYrMlFcmngWWO8TUQ6acs/g+CCwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFN9x
afDeA2UqODF/nZ8Lz3EpG1nPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMEQ0MkQ4RTJDMEQxMUYxQjEwMkE2RUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBnOLQMAwDBACc6c0DBASc6cAw
DQYJKoZIhvcNAQELBQADggEBAJVcPU8lXTGLfBN16X92f/y/0tbKHSK2iN0hCUKX
40SgleAQ3q0QYO74g+z2zHj0Byk5oBNmvxiOCOHH4G8hPq48W5xU+dg2RyJGeaME
qzlpwCpVJYCuGThwnKcr85TyzprmssrHMouufXe9tJnl9/0quikAKeC76uY7weAK
cBRbNZrzXJDt4eb4uini6FR7FUU111+fuPVJOF/RKGvJDxJJzZ/3D13Rl1O3ETFq
83tWc3fVy3cJHXDjjnCUujXM/cqwWuOVrjSnFgNrUd6WfR7+uJzLWXYfpVK934yZ
k01/UVqLH1EE4Q28wnvKriiXQG4rAeO+Fl5d/daZsLc2Ua4=
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:01:39 2026 by rpki-client