Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/533927464BA411F1943AE7D5CE1D38B0.roa
File: 533927464BA411F1943AE7D5CE1D38B0.roa (raw, json)
Hash identifier: 6enuj3V1oX0jZfhZbCkG/ww2Vu7CewrWwlyUU5aFNL8=
Subject key identifier: 82:FA:A7:28:6A:91:E9:E3:AD:ED:98:62:14:8B:8E:55:99:05:BC:62
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B31A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/533927464BA411F1943AE7D5CE1D38B0.roa
Signing time: Sat 09 May 2026 12:40:57 +0000
ROA not before: Sat 09 May 2026 12:40:52 +0000
ROA not after: Sun 21 Jun 2026 12:40:52 +0000
asID: 9304
IP address blocks: 45.202.204.0/24 maxlen: 24
45.204.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111386 (0x1b31a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 9 12:40:52 2026 GMT
Not After : Jun 21 12:40:52 2026 GMT
Subject: CN=69ff2b59-8bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:de:50:5f:b1:9f:9a:22:93:ac:cc:a4:89:d2:
4e:70:e6:f4:3d:52:4b:d9:b4:aa:50:0b:9f:b1:5f:
cf:d2:06:70:e8:e3:22:87:7c:7e:26:c3:36:38:e3:
11:1d:22:63:b8:47:b1:c2:8b:4f:c4:ba:65:2c:f1:
53:6a:00:e1:8b:4a:af:31:24:87:bd:ab:0e:63:74:
cf:66:f0:97:c9:02:e1:d8:e9:a0:f3:93:d9:ff:5a:
cf:b2:11:5a:c4:fd:73:9f:b2:85:f5:3e:26:0f:30:
3e:2c:f7:65:a0:67:42:c5:86:d4:82:cb:7f:83:c0:
9a:31:9e:15:44:4c:63:28:40:0a:cc:03:27:02:59:
12:0d:58:0d:84:e2:33:be:d5:a9:9b:3f:95:ed:a9:
31:b9:da:1e:1d:65:00:6c:7f:9c:c4:ca:c4:b6:ca:
1f:ac:83:37:9e:76:b6:7a:d5:12:48:01:ad:5b:fb:
28:09:f0:bf:6d:62:d9:36:f1:dc:cb:3b:84:a4:7a:
bc:36:5a:33:45:b3:7b:90:6b:9a:bf:20:bc:b1:4d:
13:25:0e:09:52:ac:2a:d8:b9:12:0e:1c:dc:97:7e:
ac:d6:8f:bc:ec:a5:33:49:31:f1:32:eb:b8:e3:51:
78:c2:74:6b:a4:99:9c:e4:bb:a7:d2:c3:05:e7:9f:
be:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:FA:A7:28:6A:91:E9:E3:AD:ED:98:62:14:8B:8E:55:99:05:BC:62
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/533927464BA411F1943AE7D5CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.204.0/24
45.204.70.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:5a:c8:f7:36:a1:d6:f1:ff:ae:17:6f:58:ca:59:27:5a:98:
3f:0c:f0:c3:f4:5e:7f:97:ba:3a:87:95:d0:fb:b3:fc:54:0e:
9c:64:c1:58:b2:7d:ed:21:b0:26:57:81:82:58:55:dc:d7:b0:
8e:83:89:07:5b:56:ad:06:41:00:d4:1f:ef:42:c3:e5:8f:13:
1b:13:b7:60:4e:37:94:5a:96:cd:28:45:1b:64:a0:1f:1a:dc:
69:48:13:3e:08:5f:18:9a:7b:81:55:fa:62:ac:bb:a1:00:48:
21:63:e3:99:42:60:21:67:88:70:2b:be:1d:7b:de:75:99:dd:
25:01:0d:6a:36:87:da:10:b6:9d:23:e7:f9:5b:16:40:e6:3d:
12:98:64:79:7a:3a:e0:d6:d0:75:95:cd:ba:ac:0d:b0:35:77:
a6:7c:1f:71:35:3a:0c:6d:e6:6e:b3:33:46:56:f0:58:61:aa:
90:70:ce:44:5a:1d:9f:6d:a4:7f:cd:ad:99:7d:f1:c7:a2:63:
68:ea:46:f6:ba:7a:ef:96:f9:8c:d6:51:fc:7b:23:a2:51:62:
ef:00:ac:11:b6:f2:61:1e:bc:4b:ad:10:6a:5c:2a:59:13:0a:
5c:db:1c:62:2b:d9:98:8c:2a:e0:e9:ea:24:b2:63:fd:6b:37:
ca:7c:99:c6
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAbMaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTA5MTI0MDUyWhcNMjYwNjIxMTI0MDUyWjAYMRYw
FAYDVQQDEw02OWZmMmI1OS04YmNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0N5QX7GfmiKTrMykidJOcOb0PVJL2bSqUAufsV/P0gZw6OMih3x+JsM2
OOMRHSJjuEexwotPxLplLPFTagDhi0qvMSSHvasOY3TPZvCXyQLh2Omg85PZ/1rP
shFaxP1zn7KF9T4mDzA+LPdloGdCxYbUgst/g8CaMZ4VRExjKEAKzAMnAlkSDVgN
hOIzvtWpmz+V7akxudoeHWUAbH+cxMrEtsofrIM3nna2etUSSAGtW/soCfC/bWLZ
NvHcyzuEpHq8NlozRbN7kGuavyC8sU0TJQ4JUqwq2LkSDhzcl36s1o+87KUzSTHx
Muu441F4wnRrpJmc5Lun0sMF55++YQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIL6
pyhqkenjre2YYhSLjlWZBbxiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MzM5Mjc0NjRCQTQxMUYxOTQzQUU3RDVDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcrMAwQALcxGMA0GCSqGSIb3
DQEBCwUAA4IBAQClWsj3NqHW8f+uF29YylknWpg/DPDD9F5/l7o6h5XQ+7P8VA6c
ZMFYsn3tIbAmV4GCWFXc17COg4kHW1atBkEA1B/vQsPljxMbE7dgTjeUWpbNKEUb
ZKAfGtxpSBM+CF8YmnuBVfpirLuhAEghY+OZQmAhZ4hwK74de951md0lAQ1qNofa
ELadI+f5WxZA5j0SmGR5ejrg1tB1lc26rA2wNXemfB9xNToMbeZuszNGVvBYYaqQ
cM5EWh2fbaR/za2ZffHHomNo6kb2unrvlvmM1lH8eyOiUWLvAKwRtvJhHrxLrRBq
XCpZEwpc2xxiK9mYjCrg6eoksmP9azfKfJnG
-----END CERTIFICATE-----
Generated at Wed May 13 12:46:50 2026 by rpki-client