Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BA5DFCC4A5A11F1A16D6AF0CE1D38B0.roa
File: 1BA5DFCC4A5A11F1A16D6AF0CE1D38B0.roa (raw, json)
Hash identifier: ZIaAc27onY7u+vAZNBtvU9tUBH4x3urOVP4vX/zmN1E=
Subject key identifier: 64:52:10:80:50:F7:00:8A:32:53:9B:E4:D9:57:64:DF:FB:C4:05:AE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B272
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BA5DFCC4A5A11F1A16D6AF0CE1D38B0.roa
Signing time: Thu 07 May 2026 21:17:10 +0000
ROA not before: Thu 07 May 2026 21:17:04 +0000
ROA not after: Mon 08 Jun 2026 21:17:04 +0000
asID: 134489
IP address blocks: 156.238.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111218 (0x1b272)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 7 21:17:04 2026 GMT
Not After : Jun 8 21:17:04 2026 GMT
Subject: CN=69fd0156-ccd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:78:58:bb:a4:7a:68:b2:fb:fa:87:52:2d:02:
42:de:20:fe:13:a5:92:9d:ee:22:d7:96:cf:f3:22:
52:7e:42:71:31:09:79:e9:c1:5e:6f:15:e1:0f:2a:
1a:0a:3a:fd:c5:57:12:03:b3:3d:5f:3c:c8:7c:89:
3b:ad:60:a4:3e:14:e8:9f:e0:8a:98:f8:d3:33:17:
cf:1e:f6:6a:55:c2:72:9e:01:6d:40:42:75:30:9d:
96:f1:af:8a:76:be:bd:f3:bb:84:45:da:49:d1:3e:
97:2e:ee:c3:55:e8:d5:ee:26:b2:8c:c7:50:40:9f:
7a:cb:6f:5e:1b:d4:67:12:e1:30:d7:80:35:d8:ab:
37:32:cb:f6:5d:90:51:c9:be:0d:dd:2e:1f:aa:2e:
ee:77:93:08:15:42:d3:0c:0b:9d:0b:26:e8:4e:02:
97:92:af:bf:81:9f:88:a3:ce:dc:ba:13:58:1d:cf:
8c:fa:53:52:31:ba:33:0b:d6:76:e7:d4:96:fa:3c:
ae:95:cc:5d:24:4c:26:4c:77:b7:2f:4c:4b:4a:bc:
73:78:c2:1a:c7:43:c3:41:2a:e4:47:aa:d9:b7:fe:
91:04:6d:13:80:66:fc:c6:51:58:7b:e1:cf:80:99:
b6:df:41:f0:72:d9:85:d0:43:03:b2:d6:c0:f2:2c:
86:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:52:10:80:50:F7:00:8A:32:53:9B:E4:D9:57:64:DF:FB:C4:05:AE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BA5DFCC4A5A11F1A16D6AF0CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.86.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:78:71:f0:20:11:bd:99:4a:32:f7:5c:42:d0:5e:65:89:20:
6d:00:90:5c:e0:d9:ee:02:61:63:58:f4:f9:de:5f:d8:cf:96:
ec:f9:bd:8a:c9:7d:ca:ca:05:86:fa:4d:6a:82:aa:39:d4:4c:
36:b8:37:20:69:5b:da:31:b2:00:1c:c4:68:46:e7:24:53:43:
9a:8c:a1:34:eb:06:2f:59:11:1a:7e:7f:cd:5c:c6:c1:a9:4b:
c7:03:9b:cc:81:88:9e:c0:b6:20:f0:80:57:35:c3:6d:e3:95:
81:d5:c5:4d:78:9d:bf:fd:52:56:92:ac:f3:d0:da:13:97:a6:
c0:19:f9:dc:6c:c3:44:d3:f0:b1:cf:25:81:e9:df:4d:cf:54:
6e:c7:02:30:57:4c:46:5a:43:a1:b2:c1:ad:6f:eb:10:8f:9d:
e9:5b:00:3e:d1:56:26:e6:f4:6a:60:21:f1:f3:c2:e1:c6:95:
57:63:5d:42:b3:c1:1f:c5:ee:eb:55:49:08:69:e8:35:c8:69:
ba:82:29:13:a3:ac:88:7f:1a:90:f1:2b:e1:2d:7b:46:7e:12:
0d:26:62:b2:16:9f:b3:20:c8:25:f4:85:bb:87:ca:a8:cd:0c:
ef:06:f9:77:54:40:33:f9:7b:7c:af:9c:5b:21:8d:e1:1a:a1:
b7:9e:c4:c9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbJyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTA3MjExNzA0WhcNMjYwNjA4MjExNzA0WjAYMRYw
FAYDVQQDEw02OWZkMDE1Ni1jY2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA13hYu6R6aLL7+odSLQJC3iD+E6WSne4i15bP8yJSfkJxMQl56cFebxXh
DyoaCjr9xVcSA7M9XzzIfIk7rWCkPhTon+CKmPjTMxfPHvZqVcJyngFtQEJ1MJ2W
8a+Kdr6987uERdpJ0T6XLu7DVejV7iayjMdQQJ96y29eG9RnEuEw14A12Ks3Msv2
XZBRyb4N3S4fqi7ud5MIFULTDAudCyboTgKXkq+/gZ+Io87cuhNYHc+M+lNSMboz
C9Z259SW+jyulcxdJEwmTHe3L0xLSrxzeMIax0PDQSrkR6rZt/6RBG0TgGb8xlFY
e+HPgJm230HwctmF0EMDstbA8iyGMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGRS
EIBQ9wCKMlOb5NlXZN/7xAWuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQkE1REZDQzRBNUExMUYxQTE2RDZBRjBDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5WMA0GCSqGSIb3DQEBCwUA
A4IBAQB8eHHwIBG9mUoy91xC0F5liSBtAJBc4NnuAmFjWPT53l/Yz5bs+b2KyX3K
ygWG+k1qgqo51Ew2uDcgaVvaMbIAHMRoRuckU0OajKE06wYvWREafn/NXMbBqUvH
A5vMgYiewLYg8IBXNcNt45WB1cVNeJ2//VJWkqzz0NoTl6bAGfncbMNE0/CxzyWB
6d9Nz1RuxwIwV0xGWkOhssGtb+sQj53pWwA+0VYm5vRqYCHx88LhxpVXY11Cs8Ef
xe7rVUkIaeg1yGm6gikTo6yIfxqQ8SvhLXtGfhINJmKyFp+zIMgl9IW7h8qozQzv
Bvl3VEAz+Xt8r5xbIY3hGqG3nsTJ
-----END CERTIFICATE-----
Generated at Wed May 13 04:52:07 2026 by rpki-client