Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E576C424C6111F195BD48D1CE1D38B0.roa
File: 0E576C424C6111F195BD48D1CE1D38B0.roa (raw, json)
Hash identifier: pGtB5G5sdCOUyAMRsIeTBl5aQvhPl0DcISXJdNXUszs=
Subject key identifier: C8:C0:5D:54:5C:C2:E1:F0:69:6F:EB:33:2A:23:A9:52:33:22:EA:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B349
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E576C424C6111F195BD48D1CE1D38B0.roa
Signing time: Sun 10 May 2026 11:11:56 +0000
ROA not before: Sun 10 May 2026 11:11:52 +0000
ROA not after: Tue 16 Jun 2026 11:11:52 +0000
asID: 61112
IP address blocks: 156.224.76.0/22 maxlen: 24
156.231.139.0/24 maxlen: 24
156.246.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111433 (0x1b349)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 10 11:11:52 2026 GMT
Not After : Jun 16 11:11:52 2026 GMT
Subject: CN=6a0067fc-7243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:93:17:ce:09:b7:93:5b:74:41:e0:10:5a:6d:
57:82:6c:1e:e1:e1:00:89:f7:51:aa:05:e0:fb:f9:
f6:18:cd:77:f2:3d:b5:69:11:fc:25:35:89:3d:c1:
d6:4b:e1:4b:8c:50:4e:f1:51:42:47:e0:ec:4e:05:
bf:fd:65:9d:dd:43:0f:e9:fb:5f:40:d2:78:06:89:
53:a9:d9:91:74:08:37:b4:02:2a:0c:2e:6d:a2:be:
3b:d1:ba:84:ef:b4:19:3e:15:99:a7:ec:57:31:12:
09:a9:5a:7e:2d:c5:df:e3:06:39:8e:0a:c8:25:92:
78:0c:ca:57:38:89:9f:3a:1a:20:62:f8:59:dd:e5:
33:49:85:a3:fe:7d:e9:e1:94:48:aa:08:7f:3d:88:
39:e4:6e:2b:db:e1:97:91:5d:d9:06:f1:aa:d7:3f:
1e:e4:d8:dc:12:5e:95:1e:a5:6c:45:97:c1:24:5b:
3a:bb:31:68:04:3a:f6:77:95:ed:c5:4e:ba:9e:3d:
37:b9:25:c0:c9:c0:52:20:a0:11:a0:fa:5f:39:93:
83:fe:97:25:4a:ea:5e:95:e5:82:63:91:92:e6:7d:
02:47:df:e1:c9:da:85:99:76:a3:00:88:63:5f:af:
5b:6e:0d:c5:ca:41:6e:1a:3c:08:22:70:64:49:94:
85:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C0:5D:54:5C:C2:E1:F0:69:6F:EB:33:2A:23:A9:52:33:22:EA:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E576C424C6111F195BD48D1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.76.0/22
156.231.139.0/24
156.246.88.0/21
Signature Algorithm: sha256WithRSAEncryption
b1:f9:86:85:87:ae:5c:40:10:e7:e0:ea:6c:4d:a8:bc:39:aa:
8e:98:10:79:7b:9d:d7:07:da:fe:c5:64:08:1a:ea:42:c6:43:
10:cf:f5:df:c6:3f:4c:6b:75:78:ab:c2:e7:c1:a5:62:86:fb:
5e:66:65:6e:fe:71:cd:6f:d5:f0:0e:68:2b:ad:5c:2e:db:eb:
c3:43:17:72:7c:92:f1:b8:d1:ac:e2:11:8c:e6:49:65:cf:99:
c1:ab:9c:e4:5b:6b:a2:e0:09:98:ab:49:92:42:43:2a:40:5c:
97:71:3d:8e:17:d8:b0:eb:10:ef:6e:57:1f:21:da:93:83:7b:
e2:54:da:45:e4:33:4e:56:4b:f7:1d:f9:aa:36:77:62:20:54:
bd:0e:a9:33:fb:cb:ad:6f:3a:c0:82:45:06:66:4f:f5:3a:db:
e9:9d:d2:bb:fe:ff:00:7f:bc:64:9c:92:19:4b:74:66:5e:7a:
81:64:58:b6:9b:88:f8:1d:12:a8:61:c9:37:a7:a9:70:26:3e:
6d:5a:9e:7c:aa:24:78:75:dc:0e:21:4b:2f:1a:37:f5:31:6b:
4c:09:c0:f0:4f:c2:43:58:9b:0a:a6:7c:41:f8:9f:82:30:e1:
e1:38:d4:6f:16:7e:39:7a:b1:dc:e6:99:dd:cb:e1:71:69:ef:
0b:93:ef:f6
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAbNJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTEwMTExMTUyWhcNMjYwNjE2MTExMTUyWjAYMRYw
FAYDVQQDEw02YTAwNjdmYy03MjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA25MXzgm3k1t0QeAQWm1Xgmwe4eEAifdRqgXg+/n2GM138j21aRH8JTWJ
PcHWS+FLjFBO8VFCR+DsTgW//WWd3UMP6ftfQNJ4BolTqdmRdAg3tAIqDC5tor47
0bqE77QZPhWZp+xXMRIJqVp+LcXf4wY5jgrIJZJ4DMpXOImfOhogYvhZ3eUzSYWj
/n3p4ZRIqgh/PYg55G4r2+GXkV3ZBvGq1z8e5NjcEl6VHqVsRZfBJFs6uzFoBDr2
d5XtxU66nj03uSXAycBSIKARoPpfOZOD/pclSupeleWCY5GS5n0CR9/hydqFmXaj
AIhjX69bbg3FykFuGjwIInBkSZSF0QIDAQABo4ICrjCCAqowHQYDVR0OBBYEFMjA
XVRcwuHwaW/rMyojqVIzIurZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRTU3NkM0MjRDNjExMUYxOTVCRDQ4RDFDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCnOBMAwQAnOeLAwQDnPZYMA0G
CSqGSIb3DQEBCwUAA4IBAQCx+YaFh65cQBDn4OpsTai8OaqOmBB5e53XB9r+xWQI
GupCxkMQz/Xfxj9Ma3V4q8LnwaVihvteZmVu/nHNb9XwDmgrrVwu2+vDQxdyfJLx
uNGs4hGM5kllz5nBq5zkW2ui4AmYq0mSQkMqQFyXcT2OF9iw6xDvblcfIdqTg3vi
VNpF5DNOVkv3HfmqNndiIFS9Dqkz+8utbzrAgkUGZk/1OtvpndK7/v8Af7xknJIZ
S3RmXnqBZFi2m4j4HRKoYck3p6lwJj5tWp58qiR4ddwOIUsvGjf1MWtMCcDwT8JD
WJsKpnxB+J+CMOHhONRvFn45erHc5pndy+Fxae8Lk+/2
-----END CERTIFICATE-----
Generated at Wed May 13 13:48:45 2026 by rpki-client