Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0D00FB2E447311F18C247215CF1D38B0.roa
File: 0D00FB2E447311F18C247215CF1D38B0.roa (raw, json)
Hash identifier: 0cKEdaxVI/D/83uFIyhz9wyRaWJJW/tKlBSbGXJuhaU=
Subject key identifier: E4:58:76:B6:EF:0D:C9:DF:5D:CC:5C:DC:24:2E:52:0C:EB:53:B1:42
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B010
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0D00FB2E447311F18C247215CF1D38B0.roa
Signing time: Thu 30 Apr 2026 09:00:36 +0000
ROA not before: Thu 30 Apr 2026 09:00:31 +0000
ROA not after: Wed 15 Jul 2026 09:00:31 +0000
asID: 135377
IP address blocks: 45.192.10.0/24 maxlen: 24
45.192.11.0/24 maxlen: 24
45.194.68.0/24 maxlen: 24
45.194.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110608 (0x1b010)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 30 09:00:31 2026 GMT
Not After : Jul 15 09:00:31 2026 GMT
Subject: CN=69f31a34-53da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:bb:c8:ed:c8:12:8a:70:a9:34:19:3b:ec:aa:
51:4d:05:c5:61:63:c5:5e:db:bf:63:b9:28:26:68:
19:cf:bc:ca:41:20:f6:57:6a:06:41:bd:8f:8b:ea:
d8:51:7d:a1:01:d3:30:dd:6c:2f:bd:85:58:bb:e2:
bd:d9:be:7e:8a:fa:52:c1:91:16:47:8f:7d:57:da:
29:5c:94:2a:37:c0:6b:30:91:7d:0a:7b:28:96:21:
d9:ec:29:6c:84:f9:76:ae:57:cb:5a:52:fa:18:2c:
6d:bc:db:5e:9e:72:c9:a8:31:a9:d9:e3:82:7c:26:
88:ce:02:83:1b:11:c9:5c:fa:72:f0:70:3e:f3:50:
bb:43:05:62:43:e8:be:65:bf:22:cb:03:ff:09:18:
30:47:67:cd:da:11:75:02:36:0e:4b:b0:39:ec:1d:
c3:63:2a:fd:e2:27:f1:33:6d:14:99:de:15:0a:c9:
4a:c4:73:ea:14:da:db:ea:be:e5:80:b3:85:17:8c:
9a:a8:97:cc:49:b9:02:cb:44:d9:9f:35:53:d2:b4:
53:7a:8a:55:9b:ba:fe:56:1d:85:7b:e2:49:58:90:
fb:a1:9e:74:aa:ce:b7:ac:21:69:08:87:5c:30:6a:
64:45:2f:b8:db:1e:79:ff:5e:e0:a4:ae:02:e5:1a:
68:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:58:76:B6:EF:0D:C9:DF:5D:CC:5C:DC:24:2E:52:0C:EB:53:B1:42
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0D00FB2E447311F18C247215CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.10.0/23
45.194.68.0/24
45.194.70.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:a5:ab:2c:d8:a7:9f:b9:ce:5f:bb:3a:60:04:ae:dc:06:c9:
9a:e2:fc:88:45:c3:62:28:de:87:95:92:c9:96:00:ad:bf:d8:
ca:e9:4e:7d:1e:d9:dc:57:b5:b2:01:28:66:a5:04:74:23:4d:
b0:75:ed:1e:12:21:a0:62:5b:77:b8:ca:56:37:ec:af:e9:ba:
03:10:a9:c4:a5:a3:e9:32:80:38:b4:c6:e0:37:b5:79:bd:5c:
bd:fd:71:d7:4a:f0:0e:9a:54:03:bf:ea:a2:42:29:35:a9:73:
84:09:f0:6b:5c:30:bc:e7:a2:9a:cb:39:19:cd:03:29:0f:e5:
dd:51:1b:0c:57:9f:5b:bb:30:64:01:c7:f0:8e:29:86:e2:48:
ac:82:9a:7c:49:63:cb:3b:00:27:aa:61:a2:0f:33:ec:1a:80:
6b:77:db:93:45:1b:6d:73:86:1f:68:f2:47:53:f2:9f:95:2a:
28:7d:91:69:e9:57:9b:ae:3d:e7:20:00:6a:0f:36:21:b9:fd:
65:89:be:0c:aa:44:53:05:21:a8:e5:52:a8:1d:39:b1:44:31:
fd:d9:d9:d0:b9:81:a2:c7:83:3b:98:ad:3a:3c:44:4d:fb:f9:
8c:da:f7:ac:df:da:5f:a4:6a:33:a8:bd:80:9b:e9:d0:20:86:
0b:a2:98:6f
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAbAQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDMwMDkwMDMxWhcNMjYwNzE1MDkwMDMxWjAYMRYw
FAYDVQQDEw02OWYzMWEzNC01M2RhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzLvI7cgSinCpNBk77KpRTQXFYWPFXtu/Y7koJmgZz7zKQSD2V2oGQb2P
i+rYUX2hAdMw3WwvvYVYu+K92b5+ivpSwZEWR499V9opXJQqN8BrMJF9CnsoliHZ
7ClshPl2rlfLWlL6GCxtvNtennLJqDGp2eOCfCaIzgKDGxHJXPpy8HA+81C7QwVi
Q+i+Zb8iywP/CRgwR2fN2hF1AjYOS7A57B3DYyr94ifxM20Umd4VCslKxHPqFNrb
6r7lgLOFF4yaqJfMSbkCy0TZnzVT0rRTeopVm7r+Vh2Fe+JJWJD7oZ50qs63rCFp
CIdcMGpkRS+42x55/17gpK4C5Rpo4QIDAQABo4ICrjCCAqowHQYDVR0OBBYEFORY
drbvDcnfXcxc3CQuUgzrU7FCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRDAwRkIyRTQ0NzMxMUYxOEMyNDcyMTVDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLcAKAwQALcJEAwQALcJGMA0G
CSqGSIb3DQEBCwUAA4IBAQCmpass2Kefuc5fuzpgBK7cBsma4vyIRcNiKN6HlZLJ
lgCtv9jK6U59HtncV7WyAShmpQR0I02wde0eEiGgYlt3uMpWN+yv6boDEKnEpaPp
MoA4tMbgN7V5vVy9/XHXSvAOmlQDv+qiQik1qXOECfBrXDC856KayzkZzQMpD+Xd
URsMV59buzBkAcfwjimG4kisgpp8SWPLOwAnqmGiDzPsGoBrd9uTRRttc4YfaPJH
U/KflSoofZFp6Vebrj3nIABqDzYhuf1lib4MqkRTBSGo5VKoHTmxRDH92dnQuYGi
x4M7mK06PERN+/mM2ves39pfpGozqL2Am+nQIIYLophv
-----END CERTIFICATE-----
Generated at Wed May 13 12:51:03 2026 by rpki-client