Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61FB46844C6B11F1B681E30DCF1D38B0.roa
File: 61FB46844C6B11F1B681E30DCF1D38B0.roa (raw, json)
Hash identifier: g6wspeNn2RoRuvqO5fSKgSkkvouLvBoVtAPTnuEQTkw=
Subject key identifier: B3:3E:A9:92:00:F8:21:D8:50:11:B2:58:42:2C:9A:BD:37:27:57:F5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B351
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61FB46844C6B11F1B681E30DCF1D38B0.roa
Signing time: Sun 10 May 2026 12:25:52 +0000
ROA not before: Sun 10 May 2026 12:25:46 +0000
ROA not after: Tue 16 Jun 2026 12:25:46 +0000
asID: 53808
IP address blocks: 45.196.238.0/23 maxlen: 24
45.196.238.0/24 maxlen: 24
45.196.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 14 May 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111441 (0x1b351)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 10 12:25:46 2026 GMT
Not After : Jun 16 12:25:46 2026 GMT
Subject: CN=6a007950-ce84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0c:da:42:45:1c:5f:ef:f0:91:63:ce:3c:b9:
77:10:69:49:56:de:3a:1b:e4:d6:87:f3:a6:0b:7c:
38:cf:12:65:97:bb:16:e7:3a:02:77:b4:7d:21:36:
75:1f:8e:c7:15:93:b5:cd:25:e3:58:38:ba:d1:1f:
ab:c6:02:be:02:b8:d7:f4:e6:8a:3f:37:03:ad:65:
3a:94:ce:6e:8f:51:51:76:49:50:22:e3:bf:b5:b4:
af:76:5b:f9:65:b5:4b:7f:c3:d6:14:bb:0d:66:fc:
25:f3:6c:a3:4a:75:c6:09:d0:8c:d7:41:ee:2d:58:
03:98:d1:57:33:7f:0f:17:b9:cc:44:2a:11:53:25:
a9:a7:8b:0b:52:b2:6c:5f:ad:e0:8d:a9:6e:bf:81:
d8:7c:19:7f:da:ff:96:f3:e8:ab:51:aa:01:4d:2e:
5c:51:44:ae:af:fe:dd:f4:00:cb:a4:69:a3:7d:64:
ab:65:f3:02:2d:c5:16:20:68:5a:4f:51:60:30:ca:
c4:ca:ee:8b:ee:a0:35:e3:b7:ed:bf:20:b0:5a:a4:
e8:6b:2f:07:75:c4:cd:ee:f5:bf:6e:f8:4b:94:b4:
49:34:6e:2b:18:c2:d5:bd:7a:b8:a0:89:a1:64:7a:
cb:35:23:f0:a8:ec:4e:0c:b8:0c:df:48:ea:fc:84:
3b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3E:A9:92:00:F8:21:D8:50:11:B2:58:42:2C:9A:BD:37:27:57:F5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61FB46844C6B11F1B681E30DCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.238.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:c3:c7:03:9f:0b:ad:3f:03:b2:3a:ca:3c:ff:63:e6:71:9a:
65:d6:1d:90:a9:09:f3:0b:3e:3f:1d:c9:33:e5:30:df:f4:99:
e9:f7:81:51:8d:3a:e1:e9:c0:a0:1f:ca:fc:fe:f5:5c:24:2a:
0f:dc:61:c9:c7:54:64:0c:ca:80:b0:41:02:c5:32:bc:23:43:
49:cb:fa:c9:bb:78:1e:b3:da:32:cb:c4:ea:aa:80:ca:31:88:
58:e3:1b:bc:56:c4:77:73:95:f7:dc:2a:df:ab:ad:d5:03:88:
c6:44:f2:ef:29:ec:18:bc:a8:7b:fc:81:ca:29:ef:47:24:62:
c3:2b:c7:02:f9:27:cb:93:f8:29:bc:d5:1e:be:88:82:e7:36:
1b:51:ad:b6:24:f8:68:d4:13:04:20:2d:f7:f9:d8:9c:c5:5e:
ab:f7:70:11:eb:90:c0:cf:86:bc:0c:70:70:3f:a6:2b:d6:9a:
d1:8d:8c:b3:a7:65:24:ea:5c:d2:6d:5c:e3:50:0a:9a:52:3a:
e0:2f:a7:27:48:8c:f0:da:d6:95:99:29:33:62:50:eb:e1:14:
b4:5d:45:a9:19:6b:3c:52:1e:57:53:68:60:2c:fd:c7:98:b5:
c2:9e:69:be:0a:37:09:00:db:af:11:8f:b9:29:aa:a3:f7:e8:
00:d9:fc:5d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbNRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTEwMTIyNTQ2WhcNMjYwNjE2MTIyNTQ2WjAYMRYw
FAYDVQQDEw02YTAwNzk1MC1jZTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwgzaQkUcX+/wkWPOPLl3EGlJVt46G+TWh/OmC3w4zxJll7sW5zoCd7R9
ITZ1H47HFZO1zSXjWDi60R+rxgK+ArjX9OaKPzcDrWU6lM5uj1FRdklQIuO/tbSv
dlv5ZbVLf8PWFLsNZvwl82yjSnXGCdCM10HuLVgDmNFXM38PF7nMRCoRUyWpp4sL
UrJsX63gjaluv4HYfBl/2v+W8+irUaoBTS5cUUSur/7d9ADLpGmjfWSrZfMCLcUW
IGhaT1FgMMrEyu6L7qA147ftvyCwWqToay8HdcTN7vW/bvhLlLRJNG4rGMLVvXq4
oImhZHrLNSPwqOxODLgM30jq/IQ7IwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLM+
qZIA+CHYUBGyWEIsmr03J1f1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MUZCNDY4NDRDNkIxMUYxQjY4MUUzMERDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcTuMA0GCSqGSIb3DQEBCwUA
A4IBAQCqw8cDnwutPwOyOso8/2PmcZpl1h2QqQnzCz4/Hckz5TDf9Jnp94FRjTrh
6cCgH8r8/vVcJCoP3GHJx1RkDMqAsEECxTK8I0NJy/rJu3ges9oyy8TqqoDKMYhY
4xu8VsR3c5X33Crfq63VA4jGRPLvKewYvKh7/IHKKe9HJGLDK8cC+SfLk/gpvNUe
voiC5zYbUa22JPho1BMEIC33+dicxV6r93AR65DAz4a8DHBwP6Yr1prRjYyzp2Uk
6lzSbVzjUAqaUjrgL6cnSIzw2taVmSkzYlDr4RS0XUWpGWs8Uh5XU2hgLP3HmLXC
nmm+CjcJANuvEY+5Kaqj9+gA2fxd
-----END CERTIFICATE-----
Generated at Tue May 12 21:27:50 2026 by rpki-client