Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8B89C38331311F1984F7006CF1D38B0.roa
File: E8B89C38331311F1984F7006CF1D38B0.roa (raw, json)
Hash identifier: 26xBTQT7+tS/2ZWJwE+dcGlvHS56RP944WbtPcx8zNY=
Subject key identifier: 22:02:78:FC:0C:B6:46:2B:7A:FA:81:DC:08:A9:BE:D2:1C:B8:A1:FD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AAD9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8B89C38331311F1984F7006CF1D38B0.roa
Signing time: Wed 08 Apr 2026 06:26:44 +0000
ROA not before: Wed 08 Apr 2026 06:26:37 +0000
ROA not after: Fri 08 May 2026 06:26:37 +0000
asID: 131471
IP address blocks: 156.238.64.0/24 maxlen: 24
156.238.65.0/24 maxlen: 24
156.238.66.0/24 maxlen: 24
156.238.67.0/24 maxlen: 24
156.238.68.0/24 maxlen: 24
156.238.69.0/24 maxlen: 24
156.238.70.0/24 maxlen: 24
156.238.71.0/24 maxlen: 24
156.238.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109273 (0x1aad9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 8 06:26:37 2026 GMT
Not After : May 8 06:26:37 2026 GMT
Subject: CN=69d5f523-17be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:15:92:44:98:36:42:8d:1d:1c:6b:d8:68:7d:
a8:12:0a:8a:12:d1:03:0e:0d:b1:e1:bb:21:5f:71:
3b:d3:10:c8:07:2d:62:24:40:cd:b3:09:f1:b0:c1:
72:01:15:02:67:b7:fd:2d:45:9e:36:5e:d8:c9:21:
f9:08:fc:8b:e9:5f:11:77:d5:cb:d9:dd:d0:66:54:
3c:b1:6c:cd:04:c1:3b:55:d0:10:4c:12:38:be:ff:
a8:96:c7:9c:28:a1:71:0e:a5:11:62:5d:21:47:a5:
d0:ce:43:3a:b6:42:4c:1d:77:91:5a:b3:73:0f:31:
05:c0:e9:93:8c:7c:e8:d6:b9:46:87:8a:5d:81:9f:
9d:f1:d4:a3:ce:8b:a4:95:fd:04:63:9b:c3:90:ea:
76:7f:da:2c:89:ba:bc:22:9b:96:2b:9f:80:1d:c9:
82:54:0b:d1:29:99:96:4d:d5:1e:60:ba:3d:89:41:
92:39:3a:e0:68:83:84:99:43:ee:c2:0a:eb:b6:95:
f2:1f:0f:cc:e5:71:7c:aa:19:79:49:fa:78:09:0a:
70:e7:f1:1f:76:70:82:25:04:e5:30:83:4a:25:29:
87:1a:7a:5f:c1:38:5c:68:85:2b:e5:41:9a:4c:e2:
a7:49:6c:e4:37:24:ba:ac:e1:1e:ef:1a:f0:c1:76:
cc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:02:78:FC:0C:B6:46:2B:7A:FA:81:DC:08:A9:BE:D2:1C:B8:A1:FD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8B89C38331311F1984F7006CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.64.0-156.238.72.255
Signature Algorithm: sha256WithRSAEncryption
1e:c2:f2:c4:ec:c9:e8:06:e4:e5:10:c8:83:4a:df:0e:54:e8:
89:cd:66:4c:71:9f:f4:69:2f:d0:11:c3:c3:21:00:38:8d:97:
8b:64:0b:9b:34:1c:85:32:9e:7e:50:9d:19:92:49:68:29:67:
4b:ab:d2:59:b3:df:4d:6a:dd:22:8f:a6:38:23:1f:81:c1:44:
61:eb:ce:03:64:5c:ed:ed:08:d6:5b:59:d6:1f:bd:7d:81:7c:
9e:18:c1:9b:07:d5:da:96:14:19:9f:88:29:28:50:90:bb:69:
7e:62:98:39:03:00:c7:f0:ec:d0:22:07:00:91:b2:19:74:c8:
90:1c:92:c3:04:98:b6:49:d0:a6:f3:b5:a2:bb:cc:0b:8c:85:
3c:b5:d1:6c:af:10:af:61:4a:07:6f:02:e2:1d:55:71:1a:3b:
9d:c4:3f:94:79:5d:9c:32:0f:94:38:e8:d5:cd:48:4c:0c:82:
2e:3a:19:ba:de:76:ab:e6:4c:6f:0c:38:b4:5e:30:4d:84:32:
3c:8c:df:01:ec:ec:d7:90:2d:fb:37:44:32:c8:03:95:1b:d1:
22:7c:cb:13:0f:83:16:12:af:b2:85:25:64:f5:7a:be:c1:a1:
56:b8:80:4b:5f:36:f3:79:c9:20:47:49:cb:74:75:f3:3d:5d:
8a:a6:54:d0
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAarZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDA4MDYyNjM3WhcNMjYwNTA4MDYyNjM3WjAYMRYw
FAYDVQQDEw02OWQ1ZjUyMy0xN2JlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtBWSRJg2Qo0dHGvYaH2oEgqKEtEDDg2x4bshX3E70xDIBy1iJEDNswnx
sMFyARUCZ7f9LUWeNl7YySH5CPyL6V8Rd9XL2d3QZlQ8sWzNBME7VdAQTBI4vv+o
lsecKKFxDqURYl0hR6XQzkM6tkJMHXeRWrNzDzEFwOmTjHzo1rlGh4pdgZ+d8dSj
zouklf0EY5vDkOp2f9osibq8IpuWK5+AHcmCVAvRKZmWTdUeYLo9iUGSOTrgaIOE
mUPuwgrrtpXyHw/M5XF8qhl5Sfp4CQpw5/EfdnCCJQTlMINKJSmHGnpfwThcaIUr
5UGaTOKnSWzkNyS6rOEe7xrwwXbMTwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFCIC
ePwMtkYrevqB3AipvtIcuKH9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FOEI4OUMzODMzMTMxMUYxOTg0RjcwMDZDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAac7kADBACc7kgwDQYJKoZI
hvcNAQELBQADggEBAB7C8sTsyegG5OUQyINK3w5U6InNZkxxn/RpL9ARw8MhADiN
l4tkC5s0HIUynn5QnRmSSWgpZ0ur0lmz301q3SKPpjgjH4HBRGHrzgNkXO3tCNZb
WdYfvX2BfJ4YwZsH1dqWFBmfiCkoUJC7aX5imDkDAMfw7NAiBwCRshl0yJAcksME
mLZJ0KbztaK7zAuMhTy10WyvEK9hSgdvAuIdVXEaO53EP5R5XZwyD5Q46NXNSEwM
gi46GbredqvmTG8MOLReME2EMjyM3wHs7NeQLfs3RDLIA5Ub0SJ8yxMPgxYSr7KF
JWT1er7BoVa4gEtfNvN5ySBHSct0dfM9XYqmVNA=
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:21:58 2026 by rpki-client