Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/94489F20269511F1B3C9A9C5DAE4EC9C.roa
File: 94489F20269511F1B3C9A9C5DAE4EC9C.roa (raw, json)
Hash identifier: 8IyQU114dD54X9pmwd5qU4IYnIE7Q3B7NYXvDL07iu4=
Subject key identifier: BD:C4:F0:DD:27:4E:67:22:62:97:56:B4:EF:80:BA:53:B9:C4:5D:E9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A6D1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/94489F20269511F1B3C9A9C5DAE4EC9C.roa
Signing time: Mon 23 Mar 2026 08:52:11 +0000
ROA not before: Mon 23 Mar 2026 08:52:05 +0000
ROA not after: Thu 30 Apr 2026 08:52:05 +0000
asID: 62468
IP address blocks: 156.245.128.0/21 maxlen: 24
156.245.128.0/24 maxlen: 24
156.245.129.0/24 maxlen: 24
156.245.130.0/24 maxlen: 24
156.245.131.0/24 maxlen: 24
156.245.132.0/24 maxlen: 24
156.245.133.0/24 maxlen: 24
156.245.134.0/24 maxlen: 24
156.245.135.0/24 maxlen: 24
156.245.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108241 (0x1a6d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 23 08:52:05 2026 GMT
Not After : Apr 30 08:52:05 2026 GMT
Subject: CN=69c0ff3b-6dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fd:c7:b6:f0:82:6d:0f:7a:27:4a:d3:b4:3e:
19:c3:81:3b:e2:2c:c1:d8:25:ff:ff:63:4b:97:07:
c0:af:46:f2:02:b9:62:91:b0:36:0f:60:2b:47:25:
f5:e0:d1:f1:54:f4:3a:24:b8:6a:82:93:3b:16:99:
10:d6:34:c4:83:bc:03:4a:12:7b:30:7c:69:b2:15:
40:1b:80:4a:1f:8a:f1:12:0e:c1:75:8d:ce:78:08:
f8:48:c3:f6:7a:43:7b:ff:88:d0:5f:8e:7c:40:bb:
69:a1:70:cf:e3:2f:9c:1f:d2:1a:0e:26:30:45:0d:
56:8c:d3:9a:eb:34:42:99:e8:aa:ab:39:ab:2b:45:
db:18:f7:23:9d:39:d3:7d:72:0b:89:b0:3b:17:cb:
42:17:7d:e0:c3:5d:ab:fe:22:92:ac:5b:e3:30:ed:
9a:6b:97:1e:6b:8d:14:22:b8:28:c5:b9:4a:e0:80:
20:14:30:29:e4:e8:22:8c:4a:bc:88:fb:46:ae:95:
4b:c3:1b:bc:91:03:74:de:dd:9c:23:2f:72:ff:de:
0d:e7:af:72:d6:60:69:a3:54:c9:7d:59:e7:c4:0f:
ff:7f:13:c7:fc:54:0e:3b:4d:ba:40:2a:df:9c:ee:
a6:e4:fd:ff:0f:be:64:05:93:71:4e:91:e3:11:32:
bc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C4:F0:DD:27:4E:67:22:62:97:56:B4:EF:80:BA:53:B9:C4:5D:E9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/94489F20269511F1B3C9A9C5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.128.0/21
156.245.248.0/21
Signature Algorithm: sha256WithRSAEncryption
68:9f:a4:33:67:17:ad:79:6d:39:97:4a:2b:92:58:5d:b6:22:
96:30:a4:ca:f7:62:19:5f:76:14:de:f7:aa:d9:2a:4c:b0:28:
60:a3:5b:2c:70:ac:a4:29:a4:6f:13:db:87:1c:af:9c:91:46:
9a:08:ee:e1:d5:5c:21:28:3f:0e:3d:a4:73:c7:ee:40:bf:f2:
30:a6:30:8c:5d:1b:e8:dc:36:e9:7f:69:9b:5f:63:dd:ca:4b:
5f:64:fd:13:ec:55:db:10:37:a9:71:88:51:d1:18:79:ef:26:
d0:f8:56:91:6b:11:f2:a8:73:b3:f9:fb:94:7b:0c:7b:64:bb:
42:37:6b:ec:d2:36:25:51:ba:ac:b2:81:bc:e6:95:a5:82:d7:
0e:5c:7a:87:f8:9a:41:50:43:aa:f9:68:ae:37:da:52:e9:c1:
96:20:86:cc:3e:c5:7a:e5:f3:a8:37:c8:a5:50:c3:71:5e:0d:
d3:63:7a:3a:88:c9:12:f9:79:28:2d:28:ff:ed:a7:3f:d0:87:
93:54:df:c2:79:1f:df:2a:92:12:f9:bd:08:98:31:92:a2:b6:
2c:1c:95:17:6d:c6:0b:3b:1a:f3:c3:48:cd:1b:aa:3a:bc:f7:
3e:d0:d8:ad:3f:36:0b:ad:59:10:dc:db:a7:9b:41:72:86:42:
5f:90:95:4a
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAabRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzIzMDg1MjA1WhcNMjYwNDMwMDg1MjA1WjAYMRYw
FAYDVQQDEw02OWMwZmYzYi02ZGQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo/3HtvCCbQ96J0rTtD4Zw4E74izB2CX//2NLlwfAr0byArlikbA2D2Ar
RyX14NHxVPQ6JLhqgpM7FpkQ1jTEg7wDShJ7MHxpshVAG4BKH4rxEg7BdY3OeAj4
SMP2ekN7/4jQX458QLtpoXDP4y+cH9IaDiYwRQ1WjNOa6zRCmeiqqzmrK0XbGPcj
nTnTfXILibA7F8tCF33gw12r/iKSrFvjMO2aa5cea40UIrgoxblK4IAgFDAp5Ogi
jEq8iPtGrpVLwxu8kQN03t2cIy9y/94N569y1mBpo1TJfVnnxA//fxPH/FQOO026
QCrfnO6m5P3/D75kBZNxTpHjETK8VQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL3E
8N0nTmciYpdWtO+AulO5xF3pMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NDQ4OUYyMDI2OTUxMUYxQjNDOUE5QzVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDnPWAAwQDnPX4MA0GCSqGSIb3
DQEBCwUAA4IBAQBon6QzZxeteW05l0orklhdtiKWMKTK92IZX3YU3veq2SpMsChg
o1sscKykKaRvE9uHHK+ckUaaCO7h1VwhKD8OPaRzx+5Av/IwpjCMXRvo3Dbpf2mb
X2PdyktfZP0T7FXbEDepcYhR0Rh57ybQ+FaRaxHyqHOz+fuUewx7ZLtCN2vs0jYl
UbqssoG85pWlgtcOXHqH+JpBUEOq+WiuN9pS6cGWIIbMPsV65fOoN8ilUMNxXg3T
Y3o6iMkS+XkoLSj/7ac/0IeTVN/CeR/fKpIS+b0ImDGSorYsHJUXbcYLOxrzw0jN
G6o6vPc+0NitPzYLrVkQ3Nunm0FyhkJfkJVK
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:10:14 2026 by rpki-client