Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/70AF057E460011F1B821490CCF1D38B0.roa
File: 70AF057E460011F1B821490CCF1D38B0.roa (raw, json)
Hash identifier: OINUiYQa9kvHVu7A+qITtXUOCcz9M8RS/vcP9oJCb7E=
Subject key identifier: DE:9F:99:A8:C2:B8:05:E5:BC:78:D9:6A:EF:BC:C7:4E:6C:F9:1D:46
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B127
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/70AF057E460011F1B821490CCF1D38B0.roa
Signing time: Sat 02 May 2026 08:25:13 +0000
ROA not before: Sat 02 May 2026 08:25:01 +0000
ROA not after: Wed 02 May 2029 08:25:01 +0000
asID: 17561
IP address blocks: 156.245.203.0/24 maxlen: 24
156.245.209.0/24 maxlen: 24
156.245.210.0/24 maxlen: 24
156.245.242.0/24 maxlen: 24
156.245.243.0/24 maxlen: 24
156.245.248.0/24 maxlen: 24
156.245.249.0/24 maxlen: 24
156.245.250.0/24 maxlen: 24
156.245.251.0/24 maxlen: 24
156.245.252.0/24 maxlen: 24
156.245.253.0/24 maxlen: 24
156.245.254.0/24 maxlen: 24
156.245.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110887 (0x1b127)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 2 08:25:01 2026 GMT
Not After : May 2 08:25:01 2029 GMT
Subject: CN=69f5b4e9-a6d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d3:e6:33:fa:37:96:ed:c1:f1:d2:9c:94:50:
94:cc:f0:0a:a6:ee:66:f3:56:d7:18:54:94:f6:c0:
32:ea:b1:89:8e:51:12:30:3b:6f:ab:25:cc:61:ef:
9c:3c:d9:33:7e:b5:88:c9:cb:df:b4:54:38:b6:d3:
ec:47:93:02:dd:da:7d:c4:5f:85:b9:84:56:1d:88:
14:aa:3d:7b:3d:09:f9:03:56:8e:c8:d0:d8:c2:32:
b4:40:c8:45:53:6c:18:c1:2a:56:d4:ce:20:a1:c5:
67:6e:25:58:c6:2c:57:c7:d5:0f:6c:47:32:84:58:
53:c3:49:83:8a:98:9e:bb:e1:f7:6f:cc:53:2d:2b:
77:a5:1b:f2:e3:22:6e:a0:55:5b:ae:ef:98:42:72:
ce:59:4f:f1:31:af:d8:99:c8:2c:1a:06:8d:ab:d7:
b1:a8:50:56:7e:37:98:3f:a3:7d:87:68:c7:d8:1d:
60:aa:57:f4:8a:2c:14:19:30:a2:54:7e:bd:e0:09:
ec:56:6b:3d:22:ff:41:5d:b4:d3:a0:94:5a:6b:c3:
c4:22:e1:f1:26:d2:9c:bd:df:58:68:47:47:6f:33:
0c:57:99:f8:03:df:e8:53:5d:4a:6b:03:19:05:66:
73:5c:85:e8:70:64:6e:aa:3e:79:ee:b1:33:e2:4b:
dc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9F:99:A8:C2:B8:05:E5:BC:78:D9:6A:EF:BC:C7:4E:6C:F9:1D:46
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/70AF057E460011F1B821490CCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.203.0/24
156.245.209.0-156.245.210.255
156.245.242.0/23
156.245.248.0/21
Signature Algorithm: sha256WithRSAEncryption
38:13:ed:40:3a:85:3c:e4:e7:83:a7:e6:25:06:be:09:8b:d1:
6c:79:2e:2e:6b:01:b5:0f:ab:cd:b6:e6:bd:df:12:e4:89:eb:
23:fe:4c:ca:af:ce:a8:20:db:4d:aa:67:0d:a9:b5:b1:45:d8:
bd:6b:77:2b:a0:b4:11:55:7c:f6:a4:f9:2e:78:3d:76:73:3d:
42:fd:a0:8e:56:1d:a7:3a:09:06:d6:e9:32:32:c6:94:2c:d9:
c0:c6:e1:cb:1e:1d:b0:d2:19:36:3d:f1:15:98:53:2f:dd:26:
e9:34:a6:86:08:43:8f:a6:a4:d3:40:3b:36:98:f1:b0:37:e5:
bc:96:8c:1e:ae:b2:46:92:69:86:63:e0:5b:9c:52:91:6c:b0:
4b:68:93:6b:25:16:09:aa:f0:39:a2:75:f4:74:43:33:3d:e6:
14:f1:8a:d7:fa:67:c7:7b:4c:61:d6:96:8c:08:0d:e3:a9:1c:
e4:27:50:b1:05:42:5b:f5:8c:5f:50:34:6a:73:11:d6:3c:5c:
be:2d:dc:aa:7e:b9:74:5f:9b:3d:41:87:be:fa:21:de:f5:94:
68:30:d3:9e:07:db:04:4a:7e:37:f2:f3:9c:10:24:4a:20:a7:
f1:7d:b7:2d:4f:17:86:84:f0:1b:40:c5:dc:8b:f1:8f:a6:33:
54:4d:c6:58
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIDAbEnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTAyMDgyNTAxWhcNMjkwNTAyMDgyNTAxWjAYMRYw
FAYDVQQDEw02OWY1YjRlOS1hNmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3tPmM/o3lu3B8dKclFCUzPAKpu5m81bXGFSU9sAy6rGJjlESMDtvqyXM
Ye+cPNkzfrWIycvftFQ4ttPsR5MC3dp9xF+FuYRWHYgUqj17PQn5A1aOyNDYwjK0
QMhFU2wYwSpW1M4gocVnbiVYxixXx9UPbEcyhFhTw0mDipieu+H3b8xTLSt3pRvy
4yJuoFVbru+YQnLOWU/xMa/YmcgsGgaNq9exqFBWfjeYP6N9h2jH2B1gqlf0iiwU
GTCiVH694AnsVms9Iv9BXbTToJRaa8PEIuHxJtKcvd9YaEdHbzMMV5n4A9/oU11K
awMZBWZzXIXocGRuqj557rEz4kvcrwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFN6f
majCuAXlvHjZau+8x05s+R1GMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MEFGMDU3RTQ2MDAxMUYxQjgyMTQ5MENDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAnPXLMAwDBACc9dEDBACc9dID
BAGc9fIDBAOc9fgwDQYJKoZIhvcNAQELBQADggEBADgT7UA6hTzk54On5iUGvgmL
0Wx5Li5rAbUPq8225r3fEuSJ6yP+TMqvzqgg202qZw2ptbFF2L1rdyugtBFVfPak
+S54PXZzPUL9oI5WHac6CQbW6TIyxpQs2cDG4cseHbDSGTY98RWYUy/dJuk0poYI
Q4+mpNNAOzaY8bA35byWjB6uskaSaYZj4FucUpFssEtok2slFgmq8DmidfR0QzM9
5hTxitf6Z8d7TGHWlowIDeOpHOQnULEFQlv1jF9QNGpzEdY8XL4t3Kp+uXRfmz1B
h776Id71lGgw054H2wRKfjfy85wQJEogp/F9ty1PF4aE8BtAxdyL8Y+mM1RNxlg=
-----END CERTIFICATE-----
Generated at Wed May 13 10:36:34 2026 by rpki-client