Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363BA19/FBCC73B6962911EC95B7B1E05A40D577/857E4CA2244111F1A8C6B2B2DAE4EC9C.roa
File: 857E4CA2244111F1A8C6B2B2DAE4EC9C.roa (raw, json)
Hash identifier: m5OtoTpW6phlm0aXdZoDM0YYNH3uQ6eY7U5iJ1biBMw=
Subject key identifier: 17:8F:A6:02:6E:2B:9C:D0:8E:02:FA:37:61:AB:AE:B7:B2:97:C8:24
Certificate issuer: /CN=F363BA19AR/serialNumber=600C6C9582E14F379FD5A5B2B18D822E3651AF2E
Certificate serial: 06FD
Authority key identifier: 60:0C:6C:95:82:E1:4F:37:9F:D5:A5:B2:B1:8D:82:2E:36:51:AF:2E
Authority info access: rsync://rpki.afrinic.net/repository/arin/YAxslYLhTzef1aWysY2CLjZRry4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363BA19/FBCC73B6962911EC95B7B1E05A40D577/857E4CA2244111F1A8C6B2B2DAE4EC9C.roa
Signing time: Fri 20 Mar 2026 09:45:26 +0000
ROA not before: Fri 20 Mar 2026 09:45:21 +0000
ROA not after: Wed 31 Mar 2027 09:45:21 +0000
asID: 6079
IP address blocks: 45.221.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363BA19/FBCC73B6962911EC95B7B1E05A40D577/YAxslYLhTzef1aWysY2CLjZRry4.crl
rsync://rpki.afrinic.net/repository/member_repository/F363BA19/FBCC73B6962911EC95B7B1E05A40D577/YAxslYLhTzef1aWysY2CLjZRry4.mft
rsync://rpki.afrinic.net/repository/arin/YAxslYLhTzef1aWysY2CLjZRry4.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1789 (0x6fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363BA19AR, serialNumber=600C6C9582E14F379FD5A5B2B18D822E3651AF2E
Validity
Not Before: Mar 20 09:45:21 2026 GMT
Not After : Mar 31 09:45:21 2027 GMT
Subject: CN=69bd1736-2207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b0:de:7b:91:ac:b7:e4:54:75:37:05:18:c4:
47:f8:d9:50:29:ed:d3:05:4b:f4:8b:80:e1:26:fe:
04:6a:18:7c:f1:6e:23:d9:25:b5:a4:98:42:92:55:
10:d5:c5:20:d3:6a:d5:8e:7b:3f:77:65:43:99:6b:
37:00:94:3f:d2:b5:3a:d1:4e:3b:32:da:00:4d:1d:
54:e6:45:47:dd:0f:7d:ce:5a:0b:d3:22:5d:63:06:
df:1a:d4:70:1f:64:6d:56:9a:d3:f2:cb:2c:c7:93:
39:d8:a5:b9:34:7d:a8:af:18:56:74:fa:28:85:9e:
b1:0e:96:2f:68:3a:57:d8:e8:93:af:90:ea:f9:17:
f2:8a:b0:f1:e5:be:f4:0f:f6:4a:5b:f1:c1:33:15:
57:5b:7d:74:1c:d4:f2:27:0b:ec:95:3e:3b:97:10:
2f:39:6c:37:f9:2f:72:9f:0d:38:28:91:28:33:3d:
ca:db:83:f9:06:73:cc:2f:f3:d9:0a:32:24:1f:74:
6f:93:cc:9c:12:1c:e1:22:b8:f8:3d:83:30:37:89:
9f:18:47:92:64:67:91:56:af:34:a3:b1:84:b0:4f:
21:6b:11:df:ee:32:55:65:75:03:b8:9b:75:ca:f7:
ba:34:2c:32:96:26:ca:27:14:72:fb:d5:b5:89:03:
74:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:8F:A6:02:6E:2B:9C:D0:8E:02:FA:37:61:AB:AE:B7:B2:97:C8:24
X509v3 Authority Key Identifier:
keyid:60:0C:6C:95:82:E1:4F:37:9F:D5:A5:B2:B1:8D:82:2E:36:51:AF:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/FBCC73B6962911EC95B7B1E05A40D577/YAxslYLhTzef1aWysY2CLjZRry4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/YAxslYLhTzef1aWysY2CLjZRry4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/FBCC73B6962911EC95B7B1E05A40D577/857E4CA2244111F1A8C6B2B2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.221.69.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:e2:93:05:d0:80:95:e7:76:00:4c:a5:89:cb:eb:93:36:c7:
3a:33:b9:10:39:f7:14:ef:a9:3c:51:a5:3c:6e:b2:57:e4:34:
18:f6:fb:2d:19:2d:b8:2f:dd:cf:f7:ea:f5:76:40:af:8e:20:
81:59:da:b9:a9:97:3d:bf:20:56:84:c2:b8:83:d4:b9:13:f4:
a9:d9:08:16:f0:58:e6:30:63:77:ab:71:3b:2b:9b:da:dc:d6:
a3:7a:de:32:65:bb:29:1b:e8:e9:9a:3d:0a:d4:6e:6b:f6:b1:
b0:47:6d:fd:93:80:b5:f3:43:fe:2c:b8:4f:49:2f:00:bd:5e:
2d:8b:03:bd:df:59:64:6a:72:5d:f3:5a:58:ea:7d:94:9d:30:
84:37:d7:84:2e:2c:ef:e3:c7:30:0b:76:2b:a0:da:d8:0f:4f:
7a:c7:82:ab:68:d3:e4:10:a5:63:a2:b5:62:84:d0:42:21:04:
1a:a8:2c:84:2a:b1:1c:46:5c:3c:c0:09:c3:ce:c3:5c:8d:e0:
af:27:44:b0:c7:fb:12:d8:a4:60:8c:3b:f8:31:1c:4f:0f:35:
26:9e:c6:9b:56:d4:c7:c9:de:10:d5:b7:c3:76:8a:fc:d9:57:
04:8a:8f:f1:f4:1c:f2:a7:5f:5d:57:e3:34:17:ba:8b:0c:22:
f5:e8:ef:e4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBv0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0JBMTlBUjExMC8GA1UEBRMoNjAwQzZDOTU4MkUxNEYzNzlGRDVBNUIyQjE4RDgy
MkUzNjUxQUYyRTAeFw0yNjAzMjAwOTQ1MjFaFw0yNzAzMzEwOTQ1MjFaMBgxFjAU
BgNVBAMTDTY5YmQxNzM2LTIyMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDXsN57kay35FR1NwUYxEf42VAp7dMFS/SLgOEm/gRqGHzxbiPZJbWkmEKS
VRDVxSDTatWOez93ZUOZazcAlD/StTrRTjsy2gBNHVTmRUfdD33OWgvTIl1jBt8a
1HAfZG1WmtPyyyzHkznYpbk0faivGFZ0+iiFnrEOli9oOlfY6JOvkOr5F/KKsPHl
vvQP9kpb8cEzFVdbfXQc1PInC+yVPjuXEC85bDf5L3KfDTgokSgzPcrbg/kGc8wv
89kKMiQfdG+TzJwSHOEiuPg9gzA3iZ8YR5JkZ5FWrzSjsYSwTyFrEd/uMlVldQO4
m3XK97o0LDKWJsonFHL71bWJA3SLAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUF4+m
Am4rnNCOAvo3Yauut7KXyCQwHwYDVR0jBBgwFoAUYAxslYLhTzef1aWysY2CLjZR
ry4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNCQTE5L0ZCQ0M3M0I2OTYyOTExRUM5NUI3QjFFMDVBNDBENTc3L1lBeHNs
WUxoVHplZjFhV3lzWTJDTGpaUnJ5NC5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1lBeHNsWUxoVHplZjFhV3lzWTJDTGpaUnJ5NC5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjNCQTE5L0ZCQ0M3M0I2OTYyOTExRUM5NUI3QjFFMDVBNDBE
NTc3Lzg1N0U0Q0EyMjQ0MTExRjFBOEM2QjJCMkRBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAt3UUwDQYJKoZIhvcNAQELBQAD
ggEBAI3ikwXQgJXndgBMpYnL65M2xzozuRA59xTvqTxRpTxuslfkNBj2+y0ZLbgv
3c/36vV2QK+OIIFZ2rmplz2/IFaEwriD1LkT9KnZCBbwWOYwY3ercTsrm9rc1qN6
3jJluykb6OmaPQrUbmv2sbBHbf2TgLXzQ/4suE9JLwC9Xi2LA73fWWRqcl3zWljq
fZSdMIQ314QuLO/jxzALdiug2tgPT3rHgqto0+QQpWOitWKE0EIhBBqoLIQqsRxG
XDzACcPOw1yN4K8nRLDH+xLYpGCMO/gxHE8PNSaexptW1MfJ3hDVt8N2ivzZVwSK
j/H0HPKnX11X4zQXuosMIvXo7+Q=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:34:20 2026 by rpki-client