Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D68238F43A5B11F1AF2448DFCE1D38B0.roa
File: D68238F43A5B11F1AF2448DFCE1D38B0.roa (raw, json)
Hash identifier: osuXOPKdD0fL5jnIOb79+4yRme/B8vHpcwcKEYgsB8Y=
Subject key identifier: 8E:7C:63:43:29:6D:78:B7:F6:02:A2:BC:8E:CD:33:30:C8:A1:61:49
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AD6E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D68238F43A5B11F1AF2448DFCE1D38B0.roa
Signing time: Fri 17 Apr 2026 12:49:14 +0000
ROA not before: Fri 17 Apr 2026 12:49:10 +0000
ROA not after: Sun 24 May 2026 12:49:10 +0000
asID: 395886
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109934 (0x1ad6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 17 12:49:10 2026 GMT
Not After : May 24 12:49:10 2026 GMT
Subject: CN=69e22c4a-f6d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:64:d4:6e:d1:ea:07:9d:50:88:43:86:3f:f4:
f2:4b:f7:7c:d9:4f:82:7f:a0:c1:12:ce:32:f1:4a:
df:3c:5c:d7:ad:42:62:03:1a:4f:df:0f:37:af:db:
d3:ee:02:78:a1:25:a6:5e:8a:53:10:5b:60:2e:75:
ca:b5:8b:53:36:aa:a1:26:ea:2b:d3:b2:9d:09:b2:
90:93:c0:93:83:87:10:7f:df:9c:d8:3d:f4:64:7c:
f2:5f:69:9c:3a:62:a8:b6:49:cd:44:73:e6:a4:14:
e0:42:d6:e4:de:8e:13:ff:22:99:8a:8b:d8:e5:f8:
4c:57:54:6e:2c:03:44:b7:e6:b1:26:49:fa:fc:7b:
2e:fe:d1:06:bb:4a:7b:e6:dc:9b:3c:dd:02:41:a5:
fd:74:66:a0:80:07:04:17:f2:11:53:7b:07:ae:1c:
94:1c:8e:29:01:7e:d1:aa:8a:08:f4:ae:d5:1e:92:
64:01:39:46:50:3a:39:44:2b:29:96:21:69:0b:8d:
08:54:85:54:e3:54:14:bf:fe:dd:35:65:24:09:ae:
c8:e9:5f:84:d8:89:8b:0e:06:1c:3a:60:6c:41:b4:
58:9d:8a:0e:62:46:a8:e4:00:51:24:57:60:af:f6:
5a:89:f1:ea:c1:c7:73:df:69:53:a9:c7:4b:e7:6d:
f8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:7C:63:43:29:6D:78:B7:F6:02:A2:BC:8E:CD:33:30:C8:A1:61:49
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D68238F43A5B11F1AF2448DFCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.51.255
Signature Algorithm: sha256WithRSAEncryption
2b:65:90:a8:65:50:58:16:e8:b9:8e:94:2a:9e:83:12:9e:4b:
f8:ae:38:c7:90:a1:d6:b2:cd:aa:95:dc:7b:67:9e:c8:49:c4:
07:d1:82:73:08:d2:b9:b7:fd:b1:91:01:94:75:69:77:93:fc:
86:91:07:0c:2d:d6:c3:13:b5:fe:90:d9:62:c7:bc:a4:bf:26:
55:80:1d:74:75:37:38:af:89:9d:79:37:db:de:0e:55:23:e3:
f8:03:59:be:8d:d4:1f:e9:b2:d2:eb:48:e5:ce:cb:34:b8:84:
0b:a6:0f:09:f3:4b:77:27:c7:b1:4c:43:22:df:36:11:2f:ae:
eb:e3:d8:b2:7d:41:17:8f:61:cd:6e:ed:16:91:ce:7f:0f:ee:
6c:ee:d7:77:5b:cc:b3:4d:c0:96:9d:78:16:4f:52:97:4b:33:
25:0d:c1:6c:05:e6:8a:24:31:1e:57:bc:eb:e4:0a:5c:15:ad:
6f:91:d2:7d:86:b5:6a:ac:34:ec:8e:ad:00:69:e7:99:84:25:
20:50:c8:29:8f:68:31:78:c5:7b:bb:43:82:1b:0d:ad:35:a5:
15:32:e4:5e:04:da:2f:96:0c:a4:f2:19:f2:70:72:68:23:7c:
c8:ab:67:1e:5e:0a:5d:d7:a0:dc:f3:82:74:49:36:d8:f2:67:
3e:ec:a5:15
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAa1uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDE3MTI0OTEwWhcNMjYwNTI0MTI0OTEwWjAYMRYw
FAYDVQQDEw02OWUyMmM0YS1mNmQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0WTUbtHqB51QiEOGP/TyS/d82U+Cf6DBEs4y8UrfPFzXrUJiAxpP3w83
r9vT7gJ4oSWmXopTEFtgLnXKtYtTNqqhJuor07KdCbKQk8CTg4cQf9+c2D30ZHzy
X2mcOmKotknNRHPmpBTgQtbk3o4T/yKZiovY5fhMV1RuLANEt+axJkn6/Hsu/tEG
u0p75tybPN0CQaX9dGaggAcEF/IRU3sHrhyUHI4pAX7RqooI9K7VHpJkATlGUDo5
RCspliFpC40IVIVU41QUv/7dNWUkCa7I6V+E2ImLDgYcOmBsQbRYnYoOYkao5ABR
JFdgr/ZaifHqwcdz32lTqcdL5234swIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFI58
Y0MpbXi39gKivI7NMzDIoWFJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENjgyMzhGNDNBNUIxMUYxQUYyNDQ4REZDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc7xgDBAKc7zAwDQYJKoZI
hvcNAQELBQADggEBACtlkKhlUFgW6LmOlCqegxKeS/iuOMeQodayzaqV3HtnnshJ
xAfRgnMI0rm3/bGRAZR1aXeT/IaRBwwt1sMTtf6Q2WLHvKS/JlWAHXR1NziviZ15
N9veDlUj4/gDWb6N1B/pstLrSOXOyzS4hAumDwnzS3cnx7FMQyLfNhEvruvj2LJ9
QRePYc1u7RaRzn8P7mzu13dbzLNNwJadeBZPUpdLMyUNwWwF5ookMR5XvOvkClwV
rW+R0n2GtWqsNOyOrQBp55mEJSBQyCmPaDF4xXu7Q4IbDa01pRUy5F4E2i+WDKTy
GfJwcmgjfMirZx5eCl3XoNzzgnRJNtjyZz7spRU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:55:48 2026 by rpki-client