Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A22C380236511F18074A1B2DAE4EC9C.roa
File: 0A22C380236511F18074A1B2DAE4EC9C.roa (raw, json)
Hash identifier: On/hJmlueo8nSO1zqKnKijQ5cOHtbBMZ8JeKMH74JR4=
Subject key identifier: FE:E0:46:87:9E:6C:01:EA:00:F6:F3:63:54:35:47:CD:8E:4F:8C:B9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A5E4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A22C380236511F18074A1B2DAE4EC9C.roa
Signing time: Thu 19 Mar 2026 07:27:10 +0000
ROA not before: Thu 19 Mar 2026 07:27:05 +0000
ROA not after: Thu 26 Mar 2026 07:27:05 +0000
asID: 153656
IP address blocks: 156.254.32.0/19 maxlen: 24
156.254.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 26 Mar 2026 07:27:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108004 (0x1a5e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 19 07:27:05 2026 GMT
Not After : Mar 26 07:27:05 2026 GMT
Subject: CN=69bba54e-bc56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:af:4c:e4:0b:e6:98:dd:f9:ca:76:09:57:48:
1a:db:34:6e:78:ab:8d:6b:30:97:9b:e3:4c:af:ac:
97:a0:90:e7:77:5d:3e:e1:85:8c:2b:1f:07:ca:12:
fa:83:4f:ed:51:3d:51:82:26:ff:e4:88:63:5f:0f:
0b:9a:c6:ee:e0:86:27:59:cd:4b:0a:f6:a5:e3:dc:
e3:65:b5:42:30:98:07:cb:70:4c:c0:a1:64:86:78:
8f:da:6e:0d:2d:3a:bf:aa:40:75:b7:aa:ca:6f:16:
4c:02:07:f5:07:d2:3e:7d:36:84:82:91:e2:67:a9:
a6:f3:5d:0c:26:21:b4:05:1b:2f:91:6e:56:33:7f:
19:49:bf:82:13:fa:a9:ba:8e:0c:7c:84:6a:2c:fc:
17:b6:cb:2e:0b:92:64:02:08:fb:fe:f2:26:d8:2a:
84:b9:0b:4a:77:9b:13:97:ad:1b:a3:ac:63:4f:d5:
4f:4a:da:9d:67:78:72:89:96:f8:7a:f0:13:9f:d0:
1f:eb:c0:b4:ab:85:dd:e3:84:38:62:81:a7:81:9b:
a1:1f:38:71:02:08:20:c6:5c:ca:7d:55:0c:a2:ad:
0b:e0:43:09:c5:6c:ff:94:5e:82:25:ff:98:af:41:
24:a1:42:60:ef:a5:4d:72:29:10:60:e8:a2:53:cf:
e8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E0:46:87:9E:6C:01:EA:00:F6:F3:63:54:35:47:CD:8E:4F:8C:B9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A22C380236511F18074A1B2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.32.0-156.254.95.255
Signature Algorithm: sha256WithRSAEncryption
81:96:16:2d:1b:1a:54:bb:9f:39:17:19:b1:7a:c7:04:d7:af:
85:07:14:09:80:f2:f9:d1:b6:93:0f:05:80:8c:96:cf:72:52:
b3:f3:4f:76:c3:fd:a5:6c:9f:3c:4a:81:0c:5b:bf:d4:0a:c7:
c0:11:db:d8:d2:b2:25:53:49:67:b5:3c:28:8a:91:65:21:82:
74:fb:6e:85:4c:39:8e:cf:2a:93:ca:b8:76:be:1b:15:d6:73:
3a:80:f9:a8:70:9f:7a:5a:9d:3f:5f:33:28:5b:4b:fa:d1:28:
5c:6e:54:07:d8:cf:fc:5f:30:11:45:07:53:82:3b:d5:07:61:
02:e8:63:8f:35:26:0e:72:60:49:dd:ba:7c:f7:2f:66:85:60:
93:13:cb:5e:a6:ce:12:73:05:f9:4b:23:ba:6d:79:47:c6:1c:
e5:47:05:d8:02:8f:1b:58:a3:09:cc:4f:2f:ae:a1:f0:38:86:
f2:8d:37:a4:f7:ab:f3:00:32:f6:df:e0:ed:b3:a0:e4:6f:1f:
87:1d:33:59:20:28:0a:fc:d1:77:8c:db:e5:b9:0b:eb:cd:85:
03:61:3c:c9:bb:e1:f4:1b:96:f8:e4:cd:fc:fd:17:0f:34:74:
52:e7:e6:d1:00:f6:1b:e0:e9:af:7d:6f:b3:2b:45:d5:9c:01:
f0:90:66:0a
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAaXkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzE5MDcyNzA1WhcNMjYwMzI2MDcyNzA1WjAYMRYw
FAYDVQQDEw02OWJiYTU0ZS1iYzU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzK9M5AvmmN35ynYJV0ga2zRueKuNazCXm+NMr6yXoJDnd10+4YWMKx8H
yhL6g0/tUT1Rgib/5IhjXw8Lmsbu4IYnWc1LCval49zjZbVCMJgHy3BMwKFkhniP
2m4NLTq/qkB1t6rKbxZMAgf1B9I+fTaEgpHiZ6mm810MJiG0BRsvkW5WM38ZSb+C
E/qpuo4MfIRqLPwXtssuC5JkAgj7/vIm2CqEuQtKd5sTl60bo6xjT9VPStqdZ3hy
iZb4evATn9Af68C0q4Xd44Q4YoGngZuhHzhxAgggxlzKfVUMoq0L4EMJxWz/lF6C
Jf+Yr0EkoUJg76VNcikQYOiiU8/oIwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFP7g
RoeebAHqAPbzY1Q1R82OT4y5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQTIyQzM4MDIzNjUxMUYxODA3NEExQjJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWc/iADBAWc/kAwDQYJKoZI
hvcNAQELBQADggEBAIGWFi0bGlS7nzkXGbF6xwTXr4UHFAmA8vnRtpMPBYCMls9y
UrPzT3bD/aVsnzxKgQxbv9QKx8AR29jSsiVTSWe1PCiKkWUhgnT7boVMOY7PKpPK
uHa+GxXWczqA+ahwn3panT9fMyhbS/rRKFxuVAfYz/xfMBFFB1OCO9UHYQLoY481
Jg5yYEndunz3L2aFYJMTy16mzhJzBflLI7pteUfGHOVHBdgCjxtYownMTy+uofA4
hvKNN6T3q/MAMvbf4O2zoORvH4cdM1kgKAr80XeM2+W5C+vNhQNhPMm74fQblvjk
zfz9Fw80dFLn5tEA9hvg6a99b7MrRdWcAfCQZgo=
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:15:14 2026 by rpki-client