Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/621D11E04C9511F1B57D3D07CF1D38B0.roa
File: 621D11E04C9511F1B57D3D07CF1D38B0.roa (raw, json)
Hash identifier: E3fn3EW9XNmv+sSrz/qTnQHQ2RQ2WMuMc/XWZkDxOiY=
Subject key identifier: 81:C2:49:CB:2D:15:5C:C4:2E:AC:57:73:CE:20:61:3F:85:DE:CE:83
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B389
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/621D11E04C9511F1B57D3D07CF1D38B0.roa
Signing time: Sun 10 May 2026 17:26:31 +0000
ROA not before: Sun 10 May 2026 17:26:26 +0000
ROA not after: Tue 16 Jun 2026 17:26:26 +0000
asID: 213169
IP address blocks: 45.192.246.0/23 maxlen: 24
45.192.246.0/24 maxlen: 24
45.192.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111497 (0x1b389)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 10 17:26:26 2026 GMT
Not After : Jun 16 17:26:26 2026 GMT
Subject: CN=6a00bfc7-d1e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:dd:e2:4e:ec:c3:eb:e6:85:eb:b3:53:11:49:
45:fc:98:78:52:57:9f:3a:9c:6d:2b:aa:a7:9e:26:
6b:57:a2:71:f1:c5:4a:78:a7:d4:29:42:3a:67:b9:
f4:19:df:c5:3e:c4:c3:c5:12:76:f3:a3:6f:c7:db:
2f:26:0b:32:69:e8:40:62:06:f5:dd:23:5b:d8:23:
d2:8d:39:8d:73:e7:35:c5:6c:80:27:e1:6e:40:ec:
54:0a:12:61:01:fb:2a:0a:7b:52:1c:18:49:d0:d7:
02:9c:47:8e:f7:06:a1:74:74:9f:ff:cd:77:10:22:
7c:d6:e8:d4:ff:9a:be:e1:b3:2e:3e:46:33:82:df:
3f:ad:2d:70:4f:e9:b4:b3:10:9c:5c:ff:31:dd:a2:
56:07:3e:13:5d:9b:42:a2:5d:a1:45:b9:a9:73:2f:
71:d6:ff:fb:45:9a:13:ac:58:9d:6e:b3:76:20:81:
ca:59:51:f7:ad:87:68:f4:cc:a9:b8:16:2b:f2:a0:
f7:d3:eb:a2:e7:cb:36:51:c5:bb:96:59:08:ca:71:
40:0e:2a:7f:9c:a7:ef:e5:18:27:9e:e1:74:83:57:
95:b5:c3:ee:72:52:1b:fd:a7:cd:ff:62:9b:29:0c:
3d:f6:87:19:6d:36:04:f7:a8:a2:87:5a:bc:f7:b1:
f2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C2:49:CB:2D:15:5C:C4:2E:AC:57:73:CE:20:61:3F:85:DE:CE:83
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/621D11E04C9511F1B57D3D07CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.246.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:57:10:84:d7:89:0f:ab:57:35:29:0e:e2:fe:fe:2f:9b:ba:
00:0a:f6:d3:b7:0b:d6:c0:6b:ee:f4:f6:c8:51:c3:0a:c2:25:
11:e3:2b:d7:69:d3:24:11:2e:d5:79:72:b2:95:44:00:f2:4e:
d2:ea:8d:49:15:c0:1f:76:d0:b4:d6:8e:d2:39:0b:99:f5:ad:
df:83:e7:65:31:b5:83:a5:78:7b:51:37:57:4e:51:8c:e7:e1:
85:d0:9a:22:37:60:36:4b:95:0f:bd:67:ce:b5:34:5a:06:36:
97:91:54:54:b7:07:ce:da:42:a9:75:b6:b1:91:c3:19:e7:8f:
6c:2a:3c:9d:18:d2:d7:37:22:35:4f:a2:83:70:05:5b:a1:48:
de:40:b1:10:af:c3:fc:55:ca:43:6c:a5:44:18:59:27:20:72:
44:f1:c3:47:1c:bd:d4:3d:67:f4:f2:81:cb:fb:e2:31:68:a3:
25:29:71:fe:a7:89:d0:ed:25:53:ea:2b:cc:25:bd:b3:cc:a5:
38:bf:dc:be:8f:09:03:2b:52:cc:fb:fa:9f:18:fe:c2:97:bb:
fe:c9:2d:94:3f:bc:fe:6a:c3:2e:b4:75:ae:9b:48:4f:66:1f:
7d:c6:06:fb:03:df:8c:bb:19:04:0b:18:36:84:bd:cf:53:c6:
fd:6d:b0:43
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbOJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTEwMTcyNjI2WhcNMjYwNjE2MTcyNjI2WjAYMRYw
FAYDVQQDEw02YTAwYmZjNy1kMWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA893iTuzD6+aF67NTEUlF/Jh4UlefOpxtK6qnniZrV6Jx8cVKeKfUKUI6
Z7n0Gd/FPsTDxRJ286Nvx9svJgsyaehAYgb13SNb2CPSjTmNc+c1xWyAJ+FuQOxU
ChJhAfsqCntSHBhJ0NcCnEeO9wahdHSf/813ECJ81ujU/5q+4bMuPkYzgt8/rS1w
T+m0sxCcXP8x3aJWBz4TXZtCol2hRbmpcy9x1v/7RZoTrFidbrN2IIHKWVH3rYdo
9MypuBYr8qD30+ui58s2UcW7llkIynFADip/nKfv5RgnnuF0g1eVtcPuclIb/afN
/2KbKQw99ocZbTYE96iih1q897HyzQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIHC
ScstFVzELqxXc84gYT+F3s6DMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MjFEMTFFMDRDOTUxMUYxQjU3RDNEMDdDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcD2MA0GCSqGSIb3DQEBCwUA
A4IBAQB8VxCE14kPq1c1KQ7i/v4vm7oACvbTtwvWwGvu9PbIUcMKwiUR4yvXadMk
ES7VeXKylUQA8k7S6o1JFcAfdtC01o7SOQuZ9a3fg+dlMbWDpXh7UTdXTlGM5+GF
0JoiN2A2S5UPvWfOtTRaBjaXkVRUtwfO2kKpdbaxkcMZ549sKjydGNLXNyI1T6KD
cAVboUjeQLEQr8P8VcpDbKVEGFknIHJE8cNHHL3UPWf08oHL++IxaKMlKXH+p4nQ
7SVT6ivMJb2zzKU4v9y+jwkDK1LM+/qfGP7Cl7v+yS2UP7z+asMutHWum0hPZh99
xgb7A9+MuxkECxg2hL3PU8b9bbBD
-----END CERTIFICATE-----
Generated at Wed May 13 14:08:23 2026 by rpki-client