Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9EA411F84B7E11F1B7DE8EF5CE1D38B0.roa
File: 9EA411F84B7E11F1B7DE8EF5CE1D38B0.roa (raw, json)
Hash identifier: z/c9uFkdcqQiNgrPoETRGgUiW+RgJQ0SZtH2fcykbYM=
Subject key identifier: FB:79:FB:94:18:27:3A:8D:F9:98:F0:AB:04:49:E3:40:05:BB:83:91
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B304
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9EA411F84B7E11F1B7DE8EF5CE1D38B0.roa
Signing time: Sat 09 May 2026 08:11:03 +0000
ROA not before: Sat 09 May 2026 08:10:58 +0000
ROA not after: Sun 31 May 2026 08:10:58 +0000
asID: 139880
IP address blocks: 156.227.64.0/18 maxlen: 24
156.254.32.0/19 maxlen: 24
156.254.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111364 (0x1b304)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 9 08:10:58 2026 GMT
Not After : May 31 08:10:58 2026 GMT
Subject: CN=69feec17-b889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:da:5e:49:57:ee:e6:2d:a4:dc:ef:e9:3f:4c:
66:13:4e:8e:5c:3c:6c:e2:ac:84:f0:db:e2:3a:54:
f3:cf:4e:d0:9e:d8:ac:b4:2f:d6:dc:7f:80:d2:89:
b4:bc:3b:bc:40:03:1d:e6:df:be:5b:90:a5:e5:80:
3a:b6:b3:e6:85:08:d1:a4:03:4d:af:f4:11:85:ae:
a7:3c:bf:38:0b:18:f3:7b:25:b5:f7:6c:0d:14:92:
d3:3c:98:2e:a8:ea:fc:7d:a9:19:67:46:15:c0:c1:
c6:da:96:fb:3c:ea:17:be:ec:78:30:16:bf:ff:b8:
ed:df:44:2c:f7:dc:f4:a1:ff:cb:9b:f1:5c:09:7c:
8b:79:54:dd:c4:71:a3:58:f4:4c:e2:d9:90:83:12:
6a:74:64:b8:9f:0e:b3:55:31:c7:c7:a3:40:22:fc:
ac:d7:9a:c7:fb:cf:d9:ea:e7:5e:ff:34:62:c7:9d:
70:2e:81:2f:8f:13:0b:a2:81:1a:80:ef:c9:35:b8:
5a:58:73:25:44:92:9a:98:42:4d:5e:a9:e7:41:a7:
1a:0d:60:50:4e:ea:25:6e:0c:39:ad:a4:e8:ee:16:
39:c1:e2:2e:23:2f:ed:25:00:4b:9e:b2:b4:a4:ee:
a6:ea:6b:76:78:df:05:15:a7:88:b4:31:8b:a1:95:
e1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:79:FB:94:18:27:3A:8D:F9:98:F0:AB:04:49:E3:40:05:BB:83:91
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9EA411F84B7E11F1B7DE8EF5CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.64.0/18
156.254.32.0-156.254.95.255
Signature Algorithm: sha256WithRSAEncryption
3c:2d:2b:16:5e:17:73:85:99:87:e9:ec:fe:51:1c:f5:86:79:
ea:ea:bf:44:36:f1:63:27:6d:f2:69:bf:49:fa:9f:ae:1c:87:
81:ff:cf:ab:15:26:94:36:65:74:90:d3:51:5f:70:21:f5:33:
1a:1b:bc:0f:c7:fe:a2:8d:e1:fd:79:94:99:2f:3f:c2:55:61:
7a:6d:fe:65:00:dd:c9:da:56:85:4b:2c:b5:d9:af:c3:8e:a7:
12:3f:72:12:c4:ff:a0:97:65:24:b4:dc:f8:be:89:d3:18:e3:
f9:c7:45:b5:43:de:0f:59:d9:6e:ed:b8:8a:f8:be:3c:41:a6:
c9:16:02:85:19:a5:52:f8:44:15:88:e4:7e:8c:34:e1:be:f3:
1f:4f:3f:bb:cc:fa:ad:1c:9d:5f:ce:59:8d:a9:45:72:a5:6b:
40:3d:66:d8:85:bc:a0:7a:94:52:a6:36:00:ad:2d:14:34:7e:
7e:c3:c9:e1:1d:b9:ae:d4:a1:9f:4c:8f:ea:99:2e:e0:76:3a:
0b:ce:b6:e6:96:97:b6:65:c6:59:70:f1:c2:75:b7:9d:44:04:
c2:f8:b6:0c:a6:d6:58:ef:97:40:fd:8f:7e:52:f8:a5:5b:ff:
7a:3a:f1:ff:98:05:9a:24:bb:0a:30:35:31:10:0c:60:d3:7f:
57:ac:d8:fe
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAbMEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTA5MDgxMDU4WhcNMjYwNTMxMDgxMDU4WjAYMRYw
FAYDVQQDEw02OWZlZWMxNy1iODg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA09peSVfu5i2k3O/pP0xmE06OXDxs4qyE8NviOlTzz07QntistC/W3H+A
0om0vDu8QAMd5t++W5Cl5YA6trPmhQjRpANNr/QRha6nPL84CxjzeyW192wNFJLT
PJguqOr8fakZZ0YVwMHG2pb7POoXvux4MBa//7jt30Qs99z0of/Lm/FcCXyLeVTd
xHGjWPRM4tmQgxJqdGS4nw6zVTHHx6NAIvys15rH+8/Z6ude/zRix51wLoEvjxML
ooEagO/JNbhaWHMlRJKamEJNXqnnQacaDWBQTuolbgw5raTo7hY5weIuIy/tJQBL
nrK0pO6m6mt2eN8FFaeItDGLoZXh+QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFPt5
+5QYJzqN+ZjwqwRJ40AFu4ORMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RUE0MTFGODRCN0UxMUYxQjdERThFRjVDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQGnONAMAwDBAWc/iADBAWc/kAw
DQYJKoZIhvcNAQELBQADggEBADwtKxZeF3OFmYfp7P5RHPWGeerqv0Q28WMnbfJp
v0n6n64ch4H/z6sVJpQ2ZXSQ01FfcCH1MxobvA/H/qKN4f15lJkvP8JVYXpt/mUA
3cnaVoVLLLXZr8OOpxI/chLE/6CXZSS03Pi+idMY4/nHRbVD3g9Z2W7tuIr4vjxB
pskWAoUZpVL4RBWI5H6MNOG+8x9PP7vM+q0cnV/OWY2pRXKla0A9ZtiFvKB6lFKm
NgCtLRQ0fn7DyeEdua7UoZ9Mj+qZLuB2OgvOtuaWl7Zlxllw8cJ1t51EBML4tgym
1ljvl0D9j35S+KVb/3o68f+YBZokuwowNTEQDGDTf1es2P4=
-----END CERTIFICATE-----
Generated at Wed May 13 14:27:24 2026 by rpki-client