Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2AE40DF0282D11F1B412C08FDAE4EC9C.roa
File: 2AE40DF0282D11F1B412C08FDAE4EC9C.roa (raw, json)
Hash identifier: sv5B/LrokvNwWMzZYAwuHcmUTQPxFqW2Lyga0IP5bIY=
Subject key identifier: 1F:E7:CF:F7:24:61:04:47:D0:26:59:6B:FC:EB:7D:16:15:E6:F0:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A757
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2AE40DF0282D11F1B412C08FDAE4EC9C.roa
Signing time: Wed 25 Mar 2026 09:29:49 +0000
ROA not before: Wed 25 Mar 2026 09:29:43 +0000
ROA not after: Fri 01 May 2026 09:29:43 +0000
asID: 395839
IP address blocks: 156.239.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108375 (0x1a757)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 25 09:29:43 2026 GMT
Not After : May 1 09:29:43 2026 GMT
Subject: CN=69c3ab0d-f851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:83:5b:da:71:8d:d3:5a:e3:d4:76:68:9b:e6:
a4:c0:34:39:b6:30:18:0d:32:49:1c:62:1b:b1:97:
58:02:6e:0e:1c:0e:35:2a:54:2c:15:12:00:4e:a5:
b5:72:00:b7:d8:90:a1:a6:96:f7:41:55:6f:f7:e7:
ac:bd:d7:d9:86:f7:f6:45:5d:22:ec:7c:a7:1c:f1:
d4:bd:a7:bf:4f:c2:2c:6b:ea:91:59:f2:fc:98:a6:
43:91:92:39:59:23:e8:f1:1f:11:97:f5:76:1c:fc:
34:33:4c:fb:b8:7a:b4:b2:b7:1d:62:14:c3:0e:db:
9a:4b:e5:0c:0b:f2:3b:11:41:7b:77:ec:0b:d1:c3:
df:98:41:ba:26:64:f5:95:c2:4f:bf:6d:d4:a1:2e:
23:8f:8a:cd:cd:74:fe:f5:30:92:31:f6:1c:a6:78:
92:6b:10:76:c3:46:5a:d6:f5:d7:99:9c:45:c0:d9:
7f:35:c1:01:82:27:9a:8e:ce:d1:e7:b0:0e:34:14:
7e:c8:9c:35:4d:74:7e:06:cf:77:d2:6f:27:5e:8a:
43:0c:ff:0e:78:a0:60:4a:8c:e5:9f:95:7e:41:72:
d2:63:a9:9d:f3:8f:39:c6:e9:b4:bd:84:0d:28:30:
bb:3c:48:a5:f3:77:9c:e9:cc:d8:34:c2:20:87:a3:
1f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:E7:CF:F7:24:61:04:47:D0:26:59:6B:FC:EB:7D:16:15:E6:F0:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2AE40DF0282D11F1B412C08FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.54.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:cb:20:e1:5c:c8:01:e8:dc:73:c8:fd:41:85:6f:fb:30:69:
c3:e1:b5:00:4d:4f:df:51:89:d6:6d:c7:6d:dd:8b:9f:17:7b:
57:76:6f:3f:dd:15:33:fd:00:ef:39:08:e7:ed:41:37:ba:2a:
43:10:48:4b:0e:ef:aa:37:da:7d:95:32:24:ed:fb:8c:0b:03:
c9:eb:7f:6f:00:f7:e4:10:a1:91:a1:a8:3a:d0:d6:fe:e3:74:
72:1e:28:0f:8d:2c:d3:c9:6a:de:53:62:15:28:a2:92:f1:74:
6d:15:87:06:5c:8b:ab:0c:c0:11:e6:b6:20:4d:c1:fa:48:ed:
50:6b:fe:b2:b4:96:21:8e:7b:5a:ef:f2:31:97:d5:c5:3c:4f:
a6:43:26:5d:ae:c8:64:37:d2:53:93:38:d5:e6:28:8b:b4:30:
bc:83:a3:4b:24:b8:e7:a9:4e:55:0e:2f:eb:7d:aa:44:cb:d3:
70:2e:a0:4d:f3:4c:cb:5f:cb:07:2f:19:17:a5:63:d8:e6:30:
80:80:5d:cb:b8:e5:7c:e2:b4:6e:33:cf:80:bd:3c:c5:43:99:
5c:fb:50:eb:24:09:0f:5e:b7:63:e2:d6:de:ea:1c:62:ce:9d:
da:5a:95:51:44:38:96:b5:37:8d:88:07:34:05:36:40:d3:f2:
b7:72:f9:24
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAadXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzI1MDkyOTQzWhcNMjYwNTAxMDkyOTQzWjAYMRYw
FAYDVQQDEw02OWMzYWIwZC1mODUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5INb2nGN01rj1HZom+akwDQ5tjAYDTJJHGIbsZdYAm4OHA41KlQsFRIA
TqW1cgC32JChppb3QVVv9+esvdfZhvf2RV0i7HynHPHUvae/T8Isa+qRWfL8mKZD
kZI5WSPo8R8Rl/V2HPw0M0z7uHq0srcdYhTDDtuaS+UMC/I7EUF7d+wL0cPfmEG6
JmT1lcJPv23UoS4jj4rNzXT+9TCSMfYcpniSaxB2w0Za1vXXmZxFwNl/NcEBgiea
js7R57AONBR+yJw1TXR+Bs930m8nXopDDP8OeKBgSozln5V+QXLSY6md8485xum0
vYQNKDC7PEil83ec6czYNMIgh6MfEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB/n
z/ckYQRH0CZZa/zrfRYV5vDTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQUU0MERGMDI4MkQxMUYxQjQxMkMwOEZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO82MA0GCSqGSIb3DQEBCwUA
A4IBAQAKyyDhXMgB6NxzyP1BhW/7MGnD4bUATU/fUYnWbcdt3YufF3tXdm8/3RUz
/QDvOQjn7UE3uipDEEhLDu+qN9p9lTIk7fuMCwPJ639vAPfkEKGRoag60Nb+43Ry
HigPjSzTyWreU2IVKKKS8XRtFYcGXIurDMAR5rYgTcH6SO1Qa/6ytJYhjnta7/Ix
l9XFPE+mQyZdrshkN9JTkzjV5iiLtDC8g6NLJLjnqU5VDi/rfapEy9NwLqBN80zL
X8sHLxkXpWPY5jCAgF3LuOV84rRuM8+AvTzFQ5lc+1DrJAkPXrdj4tbe6hxizp3a
WpVRRDiWtTeNiAc0BTZA0/K3cvkk
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:09:43 2026 by rpki-client