Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C66046AC414811F188BE0CD9CE1D38B0.roa
File: C66046AC414811F188BE0CD9CE1D38B0.roa (raw, json)
Hash identifier: Y+02XIQxP9IoUalscm8ksXPqmlWtYh5Vp7J7rCYy08g=
Subject key identifier: BB:3F:5C:E8:61:51:0D:A4:8E:4E:72:98:CF:CB:38:2C:94:D6:E3:CF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AF5D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C66046AC414811F188BE0CD9CE1D38B0.roa
Signing time: Sun 26 Apr 2026 08:20:25 +0000
ROA not before: Sun 26 Apr 2026 08:20:20 +0000
ROA not after: Mon 01 Jun 2026 08:20:20 +0000
asID: 9304
IP address blocks: 156.245.136.0/23 maxlen: 24
156.245.152.0/22 maxlen: 24
156.245.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110429 (0x1af5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 26 08:20:20 2026 GMT
Not After : Jun 1 08:20:20 2026 GMT
Subject: CN=69edcac9-4535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:58:e6:ed:6d:9e:e1:5d:19:61:e8:ee:f7:61:
88:55:04:0d:e3:99:37:f5:55:d4:57:3c:18:82:b1:
fb:bc:87:ba:71:87:e7:18:a6:5f:4c:52:38:60:43:
64:c6:b4:77:fc:ca:6a:a6:84:dc:5d:ad:20:05:25:
a1:d4:c7:75:81:9c:d8:b5:97:62:c9:d0:ec:50:f4:
5c:48:c0:ec:49:ef:21:bd:0e:07:a8:f0:b2:dd:22:
ec:ee:12:57:70:46:88:dc:cd:ae:e8:45:95:4b:08:
f4:11:73:f1:8b:8d:a0:70:22:44:52:6b:bf:18:68:
e0:74:44:af:94:8c:3f:a0:12:1b:11:54:f9:09:94:
58:59:85:7a:25:aa:e9:95:75:4a:bd:82:b4:6b:7e:
ff:8a:36:52:21:f5:e5:4f:8f:a1:54:fe:96:fc:a3:
e3:a9:90:e8:6c:ee:3d:42:58:90:f3:20:50:6a:66:
d9:5e:71:00:5c:78:61:3a:75:71:a2:d9:7b:a0:68:
43:f3:7e:43:ea:c4:fe:1a:41:94:8f:65:d9:26:ab:
cc:9b:31:ba:34:63:d2:de:49:75:4d:23:a3:55:d4:
21:fd:d3:a6:77:ca:89:61:f5:b8:92:63:0d:46:00:
df:50:da:48:54:38:71:e7:85:dc:e1:63:f2:38:4a:
ce:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:3F:5C:E8:61:51:0D:A4:8E:4E:72:98:CF:CB:38:2C:94:D6:E3:CF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C66046AC414811F188BE0CD9CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.136.0/23
156.245.152.0/21
Signature Algorithm: sha256WithRSAEncryption
10:66:c6:f6:b7:ab:cb:a2:a5:ee:ab:b8:46:d4:1b:91:a5:9d:
38:0e:e2:b0:f0:01:f1:b7:48:59:44:ca:7b:62:2e:35:38:dc:
5b:d3:b7:cd:35:47:8e:d8:e7:ad:e8:42:31:f3:26:1b:bd:6e:
b2:e0:12:76:01:bc:d4:b9:30:0c:38:a2:87:29:6a:f0:f0:a6:
b9:6b:67:85:d3:49:d4:0d:7b:28:f6:2a:4d:b2:7c:3c:a8:18:
9d:d8:f3:10:ce:74:a0:b1:fc:a9:15:a0:b5:16:3d:3b:eb:f6:
21:09:1c:7c:a1:0b:48:52:e3:c6:f7:71:39:a7:b3:0f:32:30:
10:a8:a2:d2:d1:c0:b0:54:15:8c:94:3d:2d:f6:3a:cf:cb:0d:
4d:9c:01:df:39:c9:bb:d1:2b:9d:95:2f:75:23:80:39:db:46:
bb:c3:73:65:69:04:a6:47:87:35:d2:f4:08:99:ce:c0:ee:df:
30:25:db:ac:50:18:d2:71:44:0e:12:04:5f:9a:e4:38:c2:62:
46:b8:46:e2:0e:e6:43:c3:73:01:80:0b:99:fd:f7:a1:57:d3:
b9:9f:3c:3f:b2:2e:11:8b:67:3b:3d:8e:37:41:5e:40:28:75:
ed:2d:80:2f:55:c5:00:d6:b0:4b:1b:3b:2b:21:d9:06:c9:8b:
fc:b0:11:b5
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAa9dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDI2MDgyMDIwWhcNMjYwNjAxMDgyMDIwWjAYMRYw
FAYDVQQDEw02OWVkY2FjOS00NTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8Fjm7W2e4V0ZYeju92GIVQQN45k39VXUVzwYgrH7vIe6cYfnGKZfTFI4
YENkxrR3/MpqpoTcXa0gBSWh1Md1gZzYtZdiydDsUPRcSMDsSe8hvQ4HqPCy3SLs
7hJXcEaI3M2u6EWVSwj0EXPxi42gcCJEUmu/GGjgdESvlIw/oBIbEVT5CZRYWYV6
JarplXVKvYK0a37/ijZSIfXlT4+hVP6W/KPjqZDobO49QliQ8yBQambZXnEAXHhh
OnVxotl7oGhD835D6sT+GkGUj2XZJqvMmzG6NGPS3kl1TSOjVdQh/dOmd8qJYfW4
kmMNRgDfUNpIVDhx54Xc4WPyOErOiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLs/
XOhhUQ2kjk5ymM/LOCyU1uPPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNjYwNDZBQzQxNDgxMUYxODhCRTBDRDlDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnPWIAwQDnPWYMA0GCSqGSIb3
DQEBCwUAA4IBAQAQZsb2t6vLoqXuq7hG1BuRpZ04DuKw8AHxt0hZRMp7Yi41ONxb
07fNNUeO2Oet6EIx8yYbvW6y4BJ2AbzUuTAMOKKHKWrw8Ka5a2eF00nUDXso9ipN
snw8qBid2PMQznSgsfypFaC1Fj076/YhCRx8oQtIUuPG93E5p7MPMjAQqKLS0cCw
VBWMlD0t9jrPyw1NnAHfOcm70SudlS91I4A520a7w3NlaQSmR4c10vQImc7A7t8w
JdusUBjScUQOEgRfmuQ4wmJGuEbiDuZDw3MBgAuZ/fehV9O5nzw/si4Ri2c7PY43
QV5AKHXtLYAvVcUA1rBLGzsrIdkGyYv8sBG1
-----END CERTIFICATE-----
Generated at Wed May 13 07:14:47 2026 by rpki-client