Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6660C2624A5911F18E2353ECCE1D38B0.roa
File: 6660C2624A5911F18E2353ECCE1D38B0.roa (raw, json)
Hash identifier: Q+bAYhV6403b1MCdYkIucKp/QhmWJEQtTF562opxAKo=
Subject key identifier: 0D:18:F8:A7:59:BE:D8:35:1B:65:14:4F:81:9B:94:04:E4:1D:75:32
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B270
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6660C2624A5911F18E2353ECCE1D38B0.roa
Signing time: Thu 07 May 2026 21:12:06 +0000
ROA not before: Thu 07 May 2026 21:12:01 +0000
ROA not after: Mon 08 Jun 2026 21:12:01 +0000
asID: 38193
IP address blocks: 156.238.72.0/24 maxlen: 24
156.238.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111216 (0x1b270)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 7 21:12:01 2026 GMT
Not After : Jun 8 21:12:01 2026 GMT
Subject: CN=69fd0026-831c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:cb:71:b5:32:a9:8d:23:a9:db:2c:17:46:3c:
99:49:78:67:18:2a:d2:9b:ad:8c:05:99:0a:22:ac:
25:51:5d:a4:d0:9a:d1:0e:68:45:8b:dd:fd:ab:2e:
3c:28:96:60:ff:bd:cf:5e:1c:a9:d7:99:3f:67:37:
af:8e:b0:11:eb:c4:b9:a2:14:9c:72:36:bb:97:bc:
04:8c:4b:0f:79:75:f2:f0:db:2a:7e:64:67:ed:c6:
40:6e:b4:dd:75:18:ec:0f:5a:d1:d6:be:88:ba:50:
3b:ab:8f:11:95:17:b9:b3:ad:2e:8d:69:45:fb:06:
9d:cf:09:33:0d:a3:44:fa:6a:f0:90:a3:20:99:c2:
29:30:d4:46:ab:79:ac:25:98:0f:fa:72:7e:a2:79:
99:e8:5e:18:94:3c:47:93:4a:fd:e4:f7:40:a0:4c:
cf:ba:ed:97:4a:be:92:47:75:f1:fe:6d:d4:3d:f9:
f0:e2:8d:50:ea:a2:9b:8a:39:83:02:b6:d0:65:ee:
4b:7a:f2:45:09:65:a2:33:12:19:42:b6:c0:19:e5:
97:e1:2f:ae:13:1f:09:57:03:7d:36:13:fb:ef:03:
a3:dc:40:cf:d5:f6:9e:57:1f:03:6d:3b:56:25:33:
65:db:a0:87:bc:c5:33:25:64:9f:95:22:f6:12:69:
db:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:18:F8:A7:59:BE:D8:35:1B:65:14:4F:81:9B:94:04:E4:1D:75:32
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6660C2624A5911F18E2353ECCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.72.0/24
156.238.80.0/24
Signature Algorithm: sha256WithRSAEncryption
85:13:03:9e:41:bb:8e:79:cf:1d:70:23:50:62:c9:5b:82:05:
19:8e:c7:67:e6:f0:80:b9:9e:97:bc:2b:12:6f:0d:bf:70:ff:
be:12:90:37:cf:b6:be:7e:37:1b:c7:9a:95:08:bd:e2:7d:3c:
59:c7:a9:9e:3e:bd:00:f8:bc:47:5f:fa:af:84:ee:3e:cb:bd:
13:43:ae:4e:31:27:4a:f6:5b:ac:07:43:bb:21:71:71:4f:54:
2c:3c:99:89:04:da:97:ac:c3:45:34:e0:b4:92:7a:1a:45:91:
64:63:6e:a8:21:57:fa:15:e4:2a:96:22:66:1c:fa:7f:cc:84:
26:20:d8:12:cf:bd:71:49:81:fe:0c:f6:e6:58:7a:f0:4f:ba:
94:4b:0f:fd:f3:b4:bf:ed:d9:87:ed:ef:17:89:05:ab:03:8d:
93:16:4d:eb:87:b9:5a:28:f1:9e:50:1c:28:58:3a:1d:28:48:
46:73:d1:51:1c:e6:84:02:5e:a6:97:61:43:4e:7b:4a:00:0e:
a6:17:15:bd:e0:0e:7d:25:fb:e4:ca:b1:05:78:11:64:2e:b7:
31:8e:51:6f:d1:56:6b:e6:43:4f:78:ec:7c:91:b9:fd:f4:f7:
92:81:77:4c:3f:c1:8e:1a:b3:8a:4a:01:90:1a:66:96:86:9d:
ae:95:1d:2e
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAbJwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTA3MjExMjAxWhcNMjYwNjA4MjExMjAxWjAYMRYw
FAYDVQQDEw02OWZkMDAyNi04MzFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA08txtTKpjSOp2ywXRjyZSXhnGCrSm62MBZkKIqwlUV2k0JrRDmhFi939
qy48KJZg/73PXhyp15k/ZzevjrAR68S5ohSccja7l7wEjEsPeXXy8NsqfmRn7cZA
brTddRjsD1rR1r6IulA7q48RlRe5s60ujWlF+wadzwkzDaNE+mrwkKMgmcIpMNRG
q3msJZgP+nJ+onmZ6F4YlDxHk0r95PdAoEzPuu2XSr6SR3Xx/m3UPfnw4o1Q6qKb
ijmDArbQZe5LevJFCWWiMxIZQrbAGeWX4S+uEx8JVwN9NhP77wOj3EDP1faeVx8D
bTtWJTNl26CHvMUzJWSflSL2EmnbUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA0Y
+KdZvtg1G2UUT4GblATkHXUyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NjYwQzI2MjRBNTkxMUYxOEUyMzUzRUNDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnO5IAwQAnO5QMA0GCSqGSIb3
DQEBCwUAA4IBAQCFEwOeQbuOec8dcCNQYslbggUZjsdn5vCAuZ6XvCsSbw2/cP++
EpA3z7a+fjcbx5qVCL3ifTxZx6mePr0A+LxHX/qvhO4+y70TQ65OMSdK9lusB0O7
IXFxT1QsPJmJBNqXrMNFNOC0knoaRZFkY26oIVf6FeQqliJmHPp/zIQmINgSz71x
SYH+DPbmWHrwT7qUSw/987S/7dmH7e8XiQWrA42TFk3rh7laKPGeUBwoWDodKEhG
c9FRHOaEAl6ml2FDTntKAA6mFxW94A59JfvkyrEFeBFkLrcxjlFv0VZr5kNPeOx8
kbn99PeSgXdMP8GOGrOKSgGQGmaWhp2ulR0u
-----END CERTIFICATE-----
Generated at Wed May 13 13:02:34 2026 by rpki-client