Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53F6BB66269D11F1867D62F2DAE4EC9C.roa
File: 53F6BB66269D11F1867D62F2DAE4EC9C.roa (raw, json)
Hash identifier: 6Z8zy+L+FL2lw06qefwKHZxoimkqT/jpnNlSAePC1XA=
Subject key identifier: 8D:C0:35:11:76:B1:F0:26:06:0E:D0:3E:7F:76:23:B8:50:C2:42:C2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A6E6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53F6BB66269D11F1867D62F2DAE4EC9C.roa
Signing time: Mon 23 Mar 2026 09:47:39 +0000
ROA not before: Mon 23 Mar 2026 09:47:34 +0000
ROA not after: Thu 30 Apr 2026 09:47:34 +0000
asID: 62468
IP address blocks: 45.204.218.0/24 maxlen: 24
45.204.219.0/24 maxlen: 24
45.204.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108262 (0x1a6e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 23 09:47:34 2026 GMT
Not After : Apr 30 09:47:34 2026 GMT
Subject: CN=69c10c3b-c539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f1:3b:11:b4:18:32:e5:ee:3f:39:52:d7:6b:
d6:e8:69:a0:50:cc:17:04:f0:8a:0e:5f:e6:79:90:
e2:e0:d4:84:2e:48:31:8f:13:03:7f:01:42:a4:ab:
27:a0:7f:05:25:ec:3d:71:ca:2c:5b:8f:70:00:41:
81:99:bc:51:a6:e1:22:e6:ab:b6:d4:c6:54:ba:e3:
d1:88:92:c3:38:31:29:f0:e6:c9:ae:05:51:0d:24:
ac:27:09:b5:58:4b:4a:ca:b2:8c:05:44:2e:90:af:
7e:2f:20:02:1c:e2:68:8d:36:b5:01:c2:ba:97:95:
24:4c:76:89:da:75:38:b9:8d:17:f0:88:08:b3:00:
0e:42:3a:5d:d3:65:39:c9:88:1d:8b:ae:e0:e5:b9:
de:13:1d:3d:66:be:c3:06:55:b2:d4:41:2e:02:04:
76:9f:48:c2:7c:6f:5f:81:b2:94:76:5a:c7:3d:d3:
98:d7:cc:9d:6f:bc:57:27:ec:33:f6:17:e2:cb:a7:
26:51:b8:fa:18:f0:95:b8:1b:5d:c2:1f:cf:41:12:
11:57:2a:15:fc:09:61:e8:af:36:89:ef:e5:23:b6:
e8:19:85:21:24:95:64:b2:8e:5c:fc:e9:ba:f4:b7:
8d:a4:28:e6:e7:ea:c1:c6:09:22:65:ed:6a:25:c5:
8b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:C0:35:11:76:B1:F0:26:06:0E:D0:3E:7F:76:23:B8:50:C2:42:C2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53F6BB66269D11F1867D62F2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.218.0-45.204.220.255
Signature Algorithm: sha256WithRSAEncryption
37:33:9d:95:44:68:1d:7b:b9:90:90:c6:54:e1:89:68:74:cc:
a3:31:ad:47:77:35:f0:a7:a4:b0:5e:cf:c0:71:21:96:f1:87:
de:ee:d7:d9:ca:96:61:ad:68:ef:9e:a1:f7:25:ea:9c:b2:cf:
a8:d7:ff:94:78:55:b9:88:47:7f:de:ed:0f:bb:e8:f3:4f:dc:
56:64:01:d6:75:ea:68:8d:bd:56:a5:8b:c2:e9:d7:18:56:28:
12:a2:4d:81:6f:58:7f:a4:d8:37:11:29:9c:f9:db:7a:aa:7e:
4b:46:13:56:ee:c9:6f:cc:a0:14:83:30:c6:c0:d5:b8:52:7f:
4d:a1:8f:01:73:c7:28:80:03:fb:b2:ef:05:bb:06:0d:0e:9b:
0c:85:a2:92:7e:cc:30:32:cc:56:86:a4:12:70:a5:9e:b7:c1:
43:56:5b:61:c1:2e:bb:97:cc:af:2a:de:30:48:85:fb:78:1f:
c1:80:5f:3e:8f:19:1f:01:0f:2f:50:43:e3:d9:e1:2e:bc:8c:
57:25:11:60:e9:53:cb:48:0c:54:f2:6f:7a:a0:d6:f9:b9:03:
ce:16:9b:f1:06:7a:9d:78:86:33:97:ae:28:08:2f:97:98:81:
96:e3:13:f0:8b:70:0e:d8:4f:fc:ca:88:c9:29:29:db:26:2b:
f3:af:e9:c1
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAabmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzIzMDk0NzM0WhcNMjYwNDMwMDk0NzM0WjAYMRYw
FAYDVQQDEw02OWMxMGMzYi1jNTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy/E7EbQYMuXuPzlS12vW6GmgUMwXBPCKDl/meZDi4NSELkgxjxMDfwFC
pKsnoH8FJew9ccosW49wAEGBmbxRpuEi5qu21MZUuuPRiJLDODEp8ObJrgVRDSSs
Jwm1WEtKyrKMBUQukK9+LyACHOJojTa1AcK6l5UkTHaJ2nU4uY0X8IgIswAOQjpd
02U5yYgdi67g5bneEx09Zr7DBlWy1EEuAgR2n0jCfG9fgbKUdlrHPdOY18ydb7xX
J+wz9hfiy6cmUbj6GPCVuBtdwh/PQRIRVyoV/Alh6K82ie/lI7boGYUhJJVkso5c
/Om69LeNpCjm5+rBxgkiZe1qJcWLawIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFI3A
NRF2sfAmBg7QPn92I7hQwkLCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81M0Y2QkI2NjI2OUQxMUYxODY3RDYyRjJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEtzNoDBAAtzNwwDQYJKoZI
hvcNAQELBQADggEBADcznZVEaB17uZCQxlThiWh0zKMxrUd3NfCnpLBez8BxIZbx
h97u19nKlmGtaO+eofcl6pyyz6jX/5R4VbmIR3/e7Q+76PNP3FZkAdZ16miNvVal
i8Lp1xhWKBKiTYFvWH+k2DcRKZz523qqfktGE1buyW/MoBSDMMbA1bhSf02hjwFz
xyiAA/uy7wW7Bg0OmwyFopJ+zDAyzFaGpBJwpZ63wUNWW2HBLruXzK8q3jBIhft4
H8GAXz6PGR8BDy9QQ+PZ4S68jFclEWDpU8tIDFTyb3qg1vm5A84Wm/EGep14hjOX
rigIL5eYgZbjE/CLcA7YT/zKiMkpKdsmK/Ov6cE=
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:10:15 2026 by rpki-client