Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09DD61A44C7411F18CD293C3CE1D38B0.roa
File: 09DD61A44C7411F18CD293C3CE1D38B0.roa (raw, json)
Hash identifier: x0r/PxEjKvGDEIg+r20BwIscINDLlWGFpuBut1pc9a0=
Subject key identifier: 7B:5B:C6:A3:71:B6:04:E9:35:C2:12:91:B4:0E:A1:A6:A3:86:F5:65
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B35F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09DD61A44C7411F18CD293C3CE1D38B0.roa
Signing time: Sun 10 May 2026 13:27:49 +0000
ROA not before: Sun 10 May 2026 13:27:45 +0000
ROA not after: Tue 19 May 2026 13:27:45 +0000
asID: 17497
IP address blocks: 156.245.8.0/22 maxlen: 24
156.245.8.0/24 maxlen: 24
156.245.9.0/24 maxlen: 24
156.245.10.0/24 maxlen: 24
156.245.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111455 (0x1b35f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 10 13:27:45 2026 GMT
Not After : May 19 13:27:45 2026 GMT
Subject: CN=6a0087d5-5795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c8:73:76:e2:90:6c:64:ae:99:d7:e6:dc:32:
35:77:8b:9f:23:15:b2:68:4c:cb:32:e7:83:20:ee:
b2:02:32:73:b3:0a:d3:2e:c6:38:63:76:62:2f:f1:
79:dd:49:35:e7:a5:38:4d:3c:30:4b:5c:97:6e:88:
13:39:97:e7:74:ec:c4:35:69:97:4b:6d:db:ff:39:
8b:f1:75:2e:2d:28:66:ec:ab:aa:40:0d:a0:50:8e:
58:e8:ff:60:42:67:51:bb:3d:2d:e3:f9:16:16:8d:
73:ce:4b:69:08:db:23:1b:c6:ad:43:a8:f0:3b:1e:
7d:aa:b5:7a:21:a5:db:ce:50:fa:ba:af:c3:1e:e0:
dc:27:bf:83:02:6f:92:a2:d9:81:ff:9d:c6:1d:15:
0a:d6:dd:83:f8:42:e8:1e:46:d6:47:d2:56:d0:ce:
b6:3b:2e:3a:a8:bf:c0:a2:8e:21:ee:be:d7:58:e5:
f3:dc:91:fd:5a:58:3a:ff:cb:63:90:23:50:56:bc:
5a:ab:15:2d:4e:12:c6:27:a5:42:fd:02:ec:85:e9:
ca:18:6d:29:4e:d2:d8:b1:ab:5e:31:65:15:31:a5:
5f:6e:8c:26:a8:41:e6:38:5a:a8:8c:91:d1:89:cb:
b2:c0:c8:ee:e7:b1:49:30:cf:e3:ab:9e:d2:e7:67:
51:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:5B:C6:A3:71:B6:04:E9:35:C2:12:91:B4:0E:A1:A6:A3:86:F5:65
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09DD61A44C7411F18CD293C3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.8.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:b1:81:5e:e7:73:3a:4d:36:10:4a:70:2f:04:38:6d:de:96:
17:11:41:89:17:78:c6:c5:cc:2a:d6:f8:49:9d:55:e6:ef:62:
c1:de:78:4e:e1:1c:03:8b:f8:c6:6a:ee:b1:0a:39:6f:37:2c:
7d:80:ef:12:6c:2f:44:f7:be:0d:d8:84:bb:3d:05:0c:20:e7:
e6:f4:59:03:cc:4d:ba:5f:0f:50:9d:6b:ea:f2:57:76:a8:eb:
61:3f:ff:d5:12:e8:d1:af:f0:6d:bc:27:63:90:87:8d:4a:e5:
0c:67:ca:4c:39:00:c0:d2:1f:a3:2e:3f:86:4c:be:2b:e6:1d:
9b:3e:2c:26:a4:6f:81:24:f4:2b:a1:01:2f:28:3e:b6:1f:57:
89:2b:26:dc:b8:6d:97:dc:35:3f:68:2b:1e:f9:5e:49:35:d6:
76:22:3d:4d:92:21:86:8e:66:e0:c2:d6:27:05:db:b9:2f:18:
80:12:51:ff:6f:c5:77:51:dc:3b:41:90:9d:2f:9d:d8:ab:df:
83:83:37:79:b6:63:1d:18:8f:d6:40:4a:93:f0:80:40:9a:ee:
5a:e1:fb:48:6f:f0:5e:09:07:4f:72:54:29:3c:2a:cf:4c:15:
5c:b1:f2:78:89:07:4f:0b:53:25:c2:57:5e:b5:d7:dc:ea:50:
36:33:0b:cf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbNfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTEwMTMyNzQ1WhcNMjYwNTE5MTMyNzQ1WjAYMRYw
FAYDVQQDEw02YTAwODdkNS01Nzk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2chzduKQbGSumdfm3DI1d4ufIxWyaEzLMueDIO6yAjJzswrTLsY4Y3Zi
L/F53Uk156U4TTwwS1yXbogTOZfndOzENWmXS23b/zmL8XUuLShm7KuqQA2gUI5Y
6P9gQmdRuz0t4/kWFo1zzktpCNsjG8atQ6jwOx59qrV6IaXbzlD6uq/DHuDcJ7+D
Am+SotmB/53GHRUK1t2D+ELoHkbWR9JW0M62Oy46qL/Aoo4h7r7XWOXz3JH9Wlg6
/8tjkCNQVrxaqxUtThLGJ6VC/QLshenKGG0pTtLYsateMWUVMaVfbowmqEHmOFqo
jJHRicuywMju57FJMM/jq57S52dR7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHtb
xqNxtgTpNcISkbQOoaajhvVlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wOURENjFBNDRDNzQxMUYxOENEMjkzQzNDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPUIMA0GCSqGSIb3DQEBCwUA
A4IBAQAMsYFe53M6TTYQSnAvBDht3pYXEUGJF3jGxcwq1vhJnVXm72LB3nhO4RwD
i/jGau6xCjlvNyx9gO8SbC9E974N2IS7PQUMIOfm9FkDzE26Xw9QnWvq8ld2qOth
P//VEujRr/BtvCdjkIeNSuUMZ8pMOQDA0h+jLj+GTL4r5h2bPiwmpG+BJPQroQEv
KD62H1eJKybcuG2X3DU/aCse+V5JNdZ2Ij1NkiGGjmbgwtYnBdu5LxiAElH/b8V3
Udw7QZCdL53Yq9+Dgzd5tmMdGI/WQEqT8IBAmu5a4ftIb/BeCQdPclQpPCrPTBVc
sfJ4iQdPC1Mlwldetdfc6lA2MwvP
-----END CERTIFICATE-----
Generated at Wed May 13 10:36:49 2026 by rpki-client