Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/911D8CF043A711F1957683C2CE1D38B0.roa
File: 911D8CF043A711F1957683C2CE1D38B0.roa (raw, json)
Hash identifier: mVEdEHcIbXk2Hxqm8C+ysDfiNduOkB4mKfiqN7WBO+c=
Subject key identifier: DB:3A:84:6F:FE:8A:9A:39:D7:01:41:0C:50:94:F4:D7:9B:E0:DC:4D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AFC9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/911D8CF043A711F1957683C2CE1D38B0.roa
Signing time: Wed 29 Apr 2026 08:44:00 +0000
ROA not before: Wed 29 Apr 2026 08:43:55 +0000
ROA not after: Thu 04 Jun 2026 08:43:55 +0000
asID: 133731
IP address blocks: 156.234.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110537 (0x1afc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 29 08:43:55 2026 GMT
Not After : Jun 4 08:43:55 2026 GMT
Subject: CN=69f1c4d0-35d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:da:5a:48:18:14:d1:bf:e2:68:be:2d:86:1e:
7d:3c:ae:9c:86:55:db:a8:82:91:a8:d8:ec:b7:60:
8b:91:b2:21:29:25:96:b8:c4:2b:2c:ba:7c:15:3d:
81:22:73:54:62:dc:06:00:6f:b7:81:0d:95:19:f6:
4c:6b:77:c4:a0:b5:fe:69:ea:3e:bd:a4:6a:27:a1:
05:4a:f3:2d:62:7a:97:28:ea:85:bf:2d:67:0e:fb:
29:67:fb:78:73:27:f5:68:68:58:c9:43:34:66:f3:
a4:14:6f:fa:c1:68:5a:20:87:39:8c:02:66:1e:3f:
87:59:c2:b1:d3:d7:85:23:50:9d:d6:63:53:51:9b:
15:64:a1:bc:ac:7e:55:27:c9:b2:ef:e4:82:97:2b:
ca:89:94:a0:7c:df:47:86:66:ff:d2:93:3c:c9:21:
8f:33:48:bc:57:bb:77:fd:8f:a3:6c:65:f5:83:d2:
25:8e:41:f7:19:8b:5d:80:49:0a:f7:80:5c:56:a9:
a1:67:02:af:b1:e8:80:b6:84:82:fa:4f:c7:8c:5b:
1f:46:65:88:54:ad:c8:b2:b1:bb:74:d8:12:71:80:
f9:37:d0:22:ab:2e:7e:92:e0:a1:28:de:db:7e:50:
c2:80:f6:4e:ca:d9:ca:6b:48:47:57:11:f7:f8:8b:
ce:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3A:84:6F:FE:8A:9A:39:D7:01:41:0C:50:94:F4:D7:9B:E0:DC:4D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/911D8CF043A711F1957683C2CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.0.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:16:a7:02:80:b1:54:0c:01:0f:69:90:02:9a:c2:55:ca:ff:
7f:ee:76:2d:f5:07:b2:21:1b:60:b7:67:d7:95:16:11:9d:03:
1e:d5:32:25:2a:32:e6:22:09:a2:d9:08:28:57:31:db:d8:de:
6f:3d:a3:53:5d:d2:16:00:8a:7e:a3:c9:d1:f8:38:c5:66:dc:
82:77:c7:8e:51:76:19:72:4c:61:6b:87:53:ef:f5:5a:6b:44:
b0:eb:68:9b:87:5d:8a:73:dd:26:60:5f:74:ce:52:83:33:20:
49:9e:82:f8:e4:ce:82:5e:b7:fb:e6:1e:e2:73:65:92:35:ab:
b7:9e:d6:01:23:3a:1c:86:2d:cd:70:4f:3e:13:9b:eb:83:44:
8b:53:ac:e6:20:c8:ea:5e:7f:5c:b1:0e:12:70:2e:41:32:50:
dc:b7:e9:de:0a:14:98:d7:45:d8:7d:ec:0e:8f:a8:56:a8:32:
40:06:46:85:96:9e:b0:d1:3f:a6:3e:0c:66:05:fe:a5:01:de:
20:99:3c:a0:5d:db:ec:08:1a:49:82:ae:5b:52:8a:ad:15:86:
dd:48:56:df:19:ca:06:f2:a1:5e:0a:97:96:58:0c:94:51:02:
af:01:41:fd:69:8d:6a:43:34:90:7d:1f:8d:e5:8b:92:fa:66:
49:d2:76:db
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAa/JMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDI5MDg0MzU1WhcNMjYwNjA0MDg0MzU1WjAYMRYw
FAYDVQQDEw02OWYxYzRkMC0zNWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxdpaSBgU0b/iaL4thh59PK6chlXbqIKRqNjst2CLkbIhKSWWuMQrLLp8
FT2BInNUYtwGAG+3gQ2VGfZMa3fEoLX+aeo+vaRqJ6EFSvMtYnqXKOqFvy1nDvsp
Z/t4cyf1aGhYyUM0ZvOkFG/6wWhaIIc5jAJmHj+HWcKx09eFI1Cd1mNTUZsVZKG8
rH5VJ8my7+SClyvKiZSgfN9Hhmb/0pM8ySGPM0i8V7t3/Y+jbGX1g9IljkH3GYtd
gEkK94BcVqmhZwKvseiAtoSC+k/HjFsfRmWIVK3IsrG7dNgScYD5N9Aiqy5+kuCh
KN7bflDCgPZOytnKa0hHVxH3+IvOUQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNs6
hG/+ipo51wFBDFCU9Neb4NxNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MTFEOENGMDQzQTcxMUYxOTU3NjgzQzJDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOoAMA0GCSqGSIb3DQEBCwUA
A4IBAQCPFqcCgLFUDAEPaZACmsJVyv9/7nYt9QeyIRtgt2fXlRYRnQMe1TIlKjLm
Igmi2QgoVzHb2N5vPaNTXdIWAIp+o8nR+DjFZtyCd8eOUXYZckxha4dT7/Vaa0Sw
62ibh12Kc90mYF90zlKDMyBJnoL45M6CXrf75h7ic2WSNau3ntYBIzochi3NcE8+
E5vrg0SLU6zmIMjqXn9csQ4ScC5BMlDct+neChSY10XYfewOj6hWqDJABkaFlp6w
0T+mPgxmBf6lAd4gmTygXdvsCBpJgq5bUoqtFYbdSFbfGcoG8qFeCpeWWAyUUQKv
AUH9aY1qQzSQfR+N5YuS+mZJ0nbb
-----END CERTIFICATE-----
Generated at Wed May 13 10:26:16 2026 by rpki-client