Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/449529DE421611F1BFAFF9BBCE1D38B0.roa
File: 449529DE421611F1BFAFF9BBCE1D38B0.roa (raw, json)
Hash identifier: Vywkk4zqL1cCZSUmHB4Xul1RytCuouf9vcmXCY5oV2A=
Subject key identifier: 6C:26:C4:9A:BE:2C:90:30:CF:6D:CA:32:35:C7:63:3A:FF:10:54:6E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AF6E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/449529DE421611F1BFAFF9BBCE1D38B0.roa
Signing time: Mon 27 Apr 2026 08:51:23 +0000
ROA not before: Mon 27 Apr 2026 08:51:18 +0000
ROA not after: Fri 27 Apr 2029 08:51:18 +0000
asID: 17561
IP address blocks: 156.226.208.0/24 maxlen: 24
156.233.205.0/24 maxlen: 24
156.233.206.0/24 maxlen: 24
156.233.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110446 (0x1af6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 27 08:51:18 2026 GMT
Not After : Apr 27 08:51:18 2029 GMT
Subject: CN=69ef238b-f14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3f:7d:a2:12:e5:d0:da:5f:51:d0:f3:b3:90:
2a:57:f2:34:53:f6:b3:95:fa:11:e5:56:3e:8c:c7:
2a:98:ff:40:1b:e3:a6:00:83:09:5a:0b:74:d0:42:
88:2f:76:d3:96:79:51:b9:28:7e:d2:3b:69:b6:4f:
d5:94:03:48:80:00:b5:3d:58:5d:aa:99:bc:0e:bc:
1b:21:6e:32:f7:fe:bf:df:b9:d1:9c:bb:4f:45:6d:
9d:34:98:b7:4c:b6:49:6e:1a:26:66:82:d2:33:6f:
f6:ee:94:94:85:37:1a:3d:b3:de:37:12:2d:e3:14:
24:65:25:ca:3e:8d:9d:c2:24:b2:c6:76:b9:70:bf:
45:ce:71:44:01:88:36:8c:5f:4c:d6:1f:c4:1b:ab:
0a:3c:62:c2:9e:5a:5f:63:6b:11:8d:98:1f:84:3e:
d2:ba:e1:dd:85:39:2a:47:c2:fd:2a:e0:8c:15:41:
25:3d:b7:87:bb:c5:7a:1b:b0:5f:38:f8:24:60:95:
cc:9a:d4:e8:73:b3:3a:04:3c:7d:86:ca:8d:37:ba:
48:ea:84:9a:8d:04:b2:05:59:56:63:a9:24:2c:77:
48:3b:85:2a:7c:76:e1:ac:61:06:87:80:ff:2d:b2:
23:26:7e:08:0b:4f:c0:f6:5e:c5:b9:f7:dc:ce:57:
99:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:26:C4:9A:BE:2C:90:30:CF:6D:CA:32:35:C7:63:3A:FF:10:54:6E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/449529DE421611F1BFAFF9BBCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.208.0/24
156.233.205.0-156.233.207.255
Signature Algorithm: sha256WithRSAEncryption
25:84:67:a6:82:32:f9:bc:b0:7c:b7:f1:8a:62:e4:4f:24:50:
35:47:a9:57:81:24:24:b4:62:d4:09:79:08:75:4b:b4:5e:a0:
8a:0d:37:e1:98:9b:a6:f9:28:40:8c:68:71:a0:81:33:f9:b0:
83:45:4c:d5:4e:cf:c6:e9:0b:56:9e:60:2c:38:6a:5e:9f:40:
24:9a:7e:2f:71:e5:1b:97:74:db:09:25:38:2d:05:4c:3f:31:
ef:d6:4b:bb:4b:fc:3b:3c:22:73:e5:8d:e7:df:d8:f8:ee:06:
17:82:5f:1f:2f:c0:8c:10:56:28:0f:24:ca:df:47:c8:54:a0:
93:0a:81:a9:62:2e:53:ac:d7:a0:84:34:c4:e5:ae:b5:fc:f4:
e1:38:fa:cb:d5:46:f9:da:c0:b6:65:32:11:d9:41:ef:60:2f:
d6:a1:fe:03:65:ba:3d:84:e5:50:ea:70:31:d4:c1:d9:91:d5:
31:48:37:2f:e2:a6:77:ab:f1:36:2c:0f:3d:db:34:e6:70:f9:
2d:b9:1a:1e:b2:84:1f:d2:00:c9:b0:db:b1:50:d1:a7:91:c1:
f5:f7:5e:36:f3:e2:4f:12:68:f5:11:4a:b9:d2:5d:0b:b0:27:
e7:7b:1a:91:95:e0:de:8f:18:e4:92:2e:7c:a0:8a:e6:65:77:
e7:db:4f:d8
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAa9uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDI3MDg1MTE4WhcNMjkwNDI3MDg1MTE4WjAYMRYw
FAYDVQQDEw02OWVmMjM4Yi1mMTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2z99ohLl0NpfUdDzs5AqV/I0U/azlfoR5VY+jMcqmP9AG+OmAIMJWgt0
0EKIL3bTlnlRuSh+0jtptk/VlANIgAC1PVhdqpm8DrwbIW4y9/6/37nRnLtPRW2d
NJi3TLZJbhomZoLSM2/27pSUhTcaPbPeNxIt4xQkZSXKPo2dwiSyxna5cL9FznFE
AYg2jF9M1h/EG6sKPGLCnlpfY2sRjZgfhD7SuuHdhTkqR8L9KuCMFUElPbeHu8V6
G7BfOPgkYJXMmtToc7M6BDx9hsqNN7pI6oSajQSyBVlWY6kkLHdIO4UqfHbhrGEG
h4D/LbIjJn4IC0/A9l7FuffczleZNQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFGwm
xJq+LJAwz23KMjXHYzr/EFRuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NDk1MjlERTQyMTYxMUYxQkZBRkY5QkJDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAnOLQMAwDBACc6c0DBASc6cAw
DQYJKoZIhvcNAQELBQADggEBACWEZ6aCMvm8sHy38Ypi5E8kUDVHqVeBJCS0YtQJ
eQh1S7ReoIoNN+GYm6b5KECMaHGggTP5sINFTNVOz8bpC1aeYCw4al6fQCSafi9x
5RuXdNsJJTgtBUw/Me/WS7tL/Ds8InPljeff2PjuBheCXx8vwIwQVigPJMrfR8hU
oJMKgaliLlOs16CENMTlrrX89OE4+svVRvnawLZlMhHZQe9gL9ah/gNluj2E5VDq
cDHUwdmR1TFINy/ipner8TYsDz3bNOZw+S25Gh6yhB/SAMmw27FQ0aeRwfX3Xjbz
4k8SaPURSrnSXQuwJ+d7GpGV4N6PGOSSLnygiuZld+fbT9g=
-----END CERTIFICATE-----
Generated at Wed May 13 10:44:01 2026 by rpki-client