Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAFD3FD24A0611F1A4CB2F02CF1D38B0.roa
File: CAFD3FD24A0611F1A4CB2F02CF1D38B0.roa (raw, json)
Hash identifier: vnyB1EsUwHxzz0E7i0/gSmEdeuw0Nyl2wBNz1EanLL8=
Subject key identifier: 2B:68:DF:7D:9E:BF:E0:F2:D2:F4:D1:FC:FC:E2:AC:B7:09:AC:B1:48
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B242
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAFD3FD24A0611F1A4CB2F02CF1D38B0.roa
Signing time: Thu 07 May 2026 11:20:46 +0000
ROA not before: Thu 07 May 2026 11:20:42 +0000
ROA not after: Fri 15 May 2026 11:20:42 +0000
asID: 149014
IP address blocks: 156.236.96.0/22 maxlen: 24
156.236.108.0/22 maxlen: 24
156.236.112.0/21 maxlen: 24
156.236.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111170 (0x1b242)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 7 11:20:42 2026 GMT
Not After : May 15 11:20:42 2026 GMT
Subject: CN=69fc758e-1e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b8:8f:e5:a0:2b:5e:bb:86:36:5d:44:46:2f:
f8:63:0a:1e:39:f5:00:ca:0b:a4:54:50:95:ce:20:
a2:7e:42:62:55:c8:8c:c6:80:26:50:09:6d:78:c9:
1c:e9:7a:c9:02:52:54:19:2f:34:3b:04:86:20:0e:
57:e0:18:ea:67:e1:83:d9:c1:b4:17:a5:46:89:95:
7c:93:be:9c:7e:bd:86:cb:5e:2b:00:55:2e:02:36:
ff:ad:85:2e:8d:70:f1:02:85:10:91:32:e5:b0:f0:
3e:01:87:13:79:27:e3:ce:ed:40:73:03:81:5a:30:
f9:40:08:f8:bb:30:dc:40:f8:b2:54:8b:d2:ee:5c:
c0:34:0b:ca:f2:47:aa:a7:e5:35:b9:80:8e:17:f9:
db:0f:54:03:bd:02:02:15:76:34:d2:dc:40:b9:f4:
0f:d2:26:7e:2a:ff:45:d0:21:3b:22:05:8f:18:6a:
a6:9d:0e:fd:d6:d9:46:ad:f6:97:d9:8a:1c:06:51:
a1:34:a0:15:f2:a7:9b:10:90:41:c8:41:6b:6a:e0:
a8:7d:18:96:95:f8:02:ca:26:37:e9:65:22:6f:c2:
5a:e0:5e:4c:30:01:c8:84:cc:3c:44:93:0e:0e:ac:
87:85:07:9f:8d:ea:66:e8:ce:72:90:e2:17:ef:1b:
b4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:68:DF:7D:9E:BF:E0:F2:D2:F4:D1:FC:FC:E2:AC:B7:09:AC:B1:48
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAFD3FD24A0611F1A4CB2F02CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.96.0/22
156.236.108.0-156.236.119.255
156.236.124.0/22
Signature Algorithm: sha256WithRSAEncryption
51:bb:2c:0f:fb:ad:42:42:21:8c:76:f3:66:42:4d:fc:81:39:
2a:88:d4:dc:c5:d4:8b:4b:04:26:7f:6e:5a:47:e9:29:bc:72:
58:ff:ef:24:d7:6c:a1:65:a9:f7:ef:bf:7b:0b:31:e1:5c:3d:
23:f2:a9:cf:2d:4d:12:9e:8c:5e:c1:30:ec:a6:db:88:36:85:
f0:29:ca:3d:c6:8e:c7:a1:3d:fc:7c:ec:71:8f:89:a5:3e:d3:
9b:ff:2e:e2:ae:86:37:94:ba:c3:7f:f7:0b:74:3f:61:e6:b5:
65:6c:ba:8f:6a:32:ce:79:f9:a2:25:61:42:f1:1b:06:62:45:
69:48:26:ca:99:af:47:ce:17:be:6c:4f:c8:fa:76:1b:d8:a2:
f8:2c:ab:35:a5:7a:67:18:be:66:b7:b0:e7:d3:1e:70:f4:48:
83:5f:dd:ef:98:d8:df:84:c3:8d:67:3a:0f:05:b3:19:e9:d1:
61:f1:fe:c1:8e:9a:62:10:1c:53:fe:de:fa:cf:b9:06:f4:6a:
fb:e8:3f:6a:7e:9d:69:62:8f:04:fb:2c:ed:eb:31:2e:25:d8:
51:1f:7b:bc:70:ad:6b:fb:d2:24:5a:92:e3:ac:a6:eb:40:5b:
21:c6:8a:0a:b3:f3:02:e9:11:72:6e:6f:1d:77:9d:66:d3:e6:
cc:5b:12:03
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAbJCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTA3MTEyMDQyWhcNMjYwNTE1MTEyMDQyWjAYMRYw
FAYDVQQDEw02OWZjNzU4ZS0xZTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyriP5aArXruGNl1ERi/4YwoeOfUAygukVFCVziCifkJiVciMxoAmUAlt
eMkc6XrJAlJUGS80OwSGIA5X4BjqZ+GD2cG0F6VGiZV8k76cfr2Gy14rAFUuAjb/
rYUujXDxAoUQkTLlsPA+AYcTeSfjzu1AcwOBWjD5QAj4uzDcQPiyVIvS7lzANAvK
8keqp+U1uYCOF/nbD1QDvQICFXY00txAufQP0iZ+Kv9F0CE7IgWPGGqmnQ791tlG
rfaX2YocBlGhNKAV8qebEJBByEFrauCofRiWlfgCyiY36WUib8Ja4F5MMAHIhMw8
RJMODqyHhQefjepm6M5ykOIX7xu0yQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFCto
332ev+Dy0vTR/PzirLcJrLFIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQUZEM0ZEMjRBMDYxMUYxQTRDQjJGMDJDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCnOxgMAwDBAKc7GwDBAOc7HAD
BAKc7HwwDQYJKoZIhvcNAQELBQADggEBAFG7LA/7rUJCIYx282ZCTfyBOSqI1NzF
1ItLBCZ/blpH6Sm8clj/7yTXbKFlqffvv3sLMeFcPSPyqc8tTRKejF7BMOym24g2
hfApyj3GjsehPfx87HGPiaU+05v/LuKuhjeUusN/9wt0P2HmtWVsuo9qMs55+aIl
YULxGwZiRWlIJsqZr0fOF75sT8j6dhvYovgsqzWlemcYvma3sOfTHnD0SINf3e+Y
2N+Ew41nOg8Fsxnp0WHx/sGOmmIQHFP+3vrPuQb0avvoP2p+nWlijwT7LO3rMS4l
2FEfe7xwrWv70iRakuOsputAWyHGigqz8wLpEXJubx13nWbT5sxbEgM=
-----END CERTIFICATE-----
Generated at Wed May 13 04:54:31 2026 by rpki-client