Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BBB85144B8711F18B0208A8CE1D38B0.roa
File: 2BBB85144B8711F18B0208A8CE1D38B0.roa (raw, json)
Hash identifier: Um2qZvh9lOZfXKr0RXSRHuDUG3LgZ+CR/ccnIiJ1zLU=
Subject key identifier: 2D:D3:98:BF:B0:8E:60:7A:2C:79:EE:23:6B:11:52:74:C0:62:10:A1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B30C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BBB85144B8711F18B0208A8CE1D38B0.roa
Signing time: Sat 09 May 2026 09:12:15 +0000
ROA not before: Sat 09 May 2026 09:12:11 +0000
ROA not after: Tue 16 Jun 2026 09:12:11 +0000
asID: 401701
IP address blocks: 45.192.96.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111372 (0x1b30c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 9 09:12:11 2026 GMT
Not After : Jun 16 09:12:11 2026 GMT
Subject: CN=69fefa6f-35fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:bb:d1:b6:9f:1b:32:44:0b:49:12:cc:fb:0e:
19:3c:fc:1c:df:a2:28:4d:a7:39:e7:d4:5f:89:06:
30:fb:fb:7b:05:b9:f3:79:11:d2:57:e8:5e:7b:c1:
5d:2f:f6:61:ec:0b:c8:c7:f1:4b:f6:7c:33:35:f8:
e6:7a:50:f3:50:ea:a8:2b:cc:73:22:52:9e:34:b2:
95:82:45:82:3c:b0:c4:48:e5:42:d5:6d:5e:aa:97:
10:da:a3:09:4f:5d:01:d4:5d:a1:b6:e9:a3:1c:d4:
9e:8d:7f:44:36:27:ff:df:0e:93:38:73:43:06:1f:
46:a1:5b:36:4b:8c:f0:6e:a1:cf:ee:ed:40:aa:9c:
31:27:43:e0:1b:d1:1b:46:7a:c4:62:19:5c:b7:a2:
0f:1e:e7:a7:d4:bc:16:dd:e0:56:5a:ff:99:d5:c8:
7c:4e:96:f9:65:ca:0a:11:29:43:7e:ed:08:ca:85:
eb:59:4c:0a:60:94:7d:1b:78:58:c7:ef:c6:2b:7a:
c5:00:6c:69:5e:74:e7:f0:70:6a:11:e6:44:09:bd:
25:b4:90:f4:83:46:26:71:94:f2:de:ef:5e:ba:53:
f7:fe:49:60:99:dd:3c:da:73:dd:59:d1:fd:0e:de:
26:58:90:61:19:84:2f:b1:d7:89:e8:a1:80:13:84:
e4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D3:98:BF:B0:8E:60:7A:2C:79:EE:23:6B:11:52:74:C0:62:10:A1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BBB85144B8711F18B0208A8CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.96.0/20
Signature Algorithm: sha256WithRSAEncryption
98:d6:31:52:40:c0:8b:c2:40:2a:36:b9:fb:7a:87:63:1c:f0:
6d:44:3b:53:46:40:2c:25:6c:31:3f:47:ec:8d:fc:7b:8b:36:
09:0c:b5:c7:14:a0:d3:3d:c4:4b:04:40:8f:61:af:71:3f:2b:
21:2c:a0:64:8a:8f:12:b8:f6:9d:3b:f1:13:2b:0b:6d:8e:68:
8c:50:c1:e8:4a:3b:24:72:df:de:16:53:ef:1b:97:fe:95:dc:
1d:98:23:22:d0:14:a5:90:fb:ac:d1:a4:fa:5f:8d:38:04:8c:
1f:39:5f:fd:45:80:62:09:35:f1:b8:48:35:5e:42:8f:e0:79:
b0:aa:9a:b2:01:2c:09:eb:c5:ab:ee:84:56:a3:82:d2:f1:1b:
37:5f:86:d1:41:8a:21:3b:3a:e3:94:a6:24:f4:ef:0a:e3:9b:
d5:6e:43:ac:b8:cf:b7:b8:2f:80:71:9d:f7:a0:4a:d0:9f:88:
53:e9:e2:9c:c6:e0:cc:7b:df:96:42:48:4b:f1:6f:01:66:0f:
d0:c9:bc:b9:0f:58:5c:aa:fd:13:4d:7a:5e:0f:d4:9d:8d:14:
ea:da:2e:79:46:71:93:bb:be:b4:86:fa:f4:7a:ea:07:72:18:
2c:9a:88:d6:49:ab:e6:93:04:2b:4e:b4:5f:2a:bc:a4:14:98:
7d:bb:ac:10
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbMMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTA5MDkxMjExWhcNMjYwNjE2MDkxMjExWjAYMRYw
FAYDVQQDEw02OWZlZmE2Zi0zNWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAl7vRtp8bMkQLSRLM+w4ZPPwc36IoTac559RfiQYw+/t7BbnzeRHSV+he
e8FdL/Zh7AvIx/FL9nwzNfjmelDzUOqoK8xzIlKeNLKVgkWCPLDESOVC1W1eqpcQ
2qMJT10B1F2htumjHNSejX9ENif/3w6TOHNDBh9GoVs2S4zwbqHP7u1AqpwxJ0Pg
G9EbRnrEYhlct6IPHuen1LwW3eBWWv+Z1ch8Tpb5ZcoKESlDfu0IyoXrWUwKYJR9
G3hYx+/GK3rFAGxpXnTn8HBqEeZECb0ltJD0g0YmcZTy3u9eulP3/klgmd082nPd
WdH9Dt4mWJBhGYQvsdeJ6KGAE4TkAwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC3T
mL+wjmB6LHnuI2sRUnTAYhChMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQkJCODUxNDRCODcxMUYxOEIwMjA4QThDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcBgMA0GCSqGSIb3DQEBCwUA
A4IBAQCY1jFSQMCLwkAqNrn7eodjHPBtRDtTRkAsJWwxP0fsjfx7izYJDLXHFKDT
PcRLBECPYa9xPyshLKBkio8SuPadO/ETKwttjmiMUMHoSjskct/eFlPvG5f+ldwd
mCMi0BSlkPus0aT6X404BIwfOV/9RYBiCTXxuEg1XkKP4HmwqpqyASwJ68Wr7oRW
o4LS8Rs3X4bRQYohOzrjlKYk9O8K45vVbkOsuM+3uC+AcZ33oErQn4hT6eKcxuDM
e9+WQkhL8W8BZg/Qyby5D1hcqv0TTXpeD9SdjRTq2i55RnGTu760hvr0euoHchgs
mojWSavmkwQrTrRfKrykFJh9u6wQ
-----END CERTIFICATE-----
Generated at Wed May 13 14:17:08 2026 by rpki-client