Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66E2E0DC492111F19F983011CF1D38B0.roa
File: 66E2E0DC492111F19F983011CF1D38B0.roa (raw, json)
Hash identifier: 3lHqQoVY/BQjd3DschPT1fkhy02kbwzlp91AgRz84IU=
Subject key identifier: 49:9F:B2:2E:B2:08:2B:29:7A:C1:D4:FA:61:A1:82:54:15:0B:DD:6D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B1B4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66E2E0DC492111F19F983011CF1D38B0.roa
Signing time: Wed 06 May 2026 07:58:44 +0000
ROA not before: Wed 06 May 2026 07:58:39 +0000
ROA not after: Fri 12 Jun 2026 07:58:39 +0000
asID: 272854
IP address blocks: 45.195.12.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111028 (0x1b1b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 6 07:58:39 2026 GMT
Not After : Jun 12 07:58:39 2026 GMT
Subject: CN=69faf4b4-b358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:54:4a:c6:f7:e0:4a:2f:10:29:ea:d1:49:f9:
91:a4:13:62:e3:3d:a1:3d:21:4f:96:e4:c0:ee:e6:
67:00:37:fd:1e:57:26:c0:6e:ea:ae:0d:99:a8:cc:
91:3a:84:52:d6:96:d7:00:3e:78:ca:d2:7d:ab:3a:
2a:e0:4d:39:2f:90:1c:98:2a:c3:4e:f5:43:41:90:
ab:35:c8:3e:e1:94:eb:17:f9:6e:54:eb:54:72:3a:
36:f6:33:a4:df:bf:41:7e:73:98:5e:54:89:f8:a7:
64:af:db:b4:53:ed:af:89:4a:0a:bb:14:11:4b:25:
bf:65:43:95:3d:16:ee:6a:c3:51:6f:e4:90:5d:84:
73:cf:87:83:a7:d2:97:59:51:54:18:7a:6a:f0:2b:
48:39:dc:23:44:51:0e:18:ea:5c:5e:b6:b3:00:97:
ef:0a:c3:1c:50:3e:28:ce:35:9d:28:4f:8b:78:29:
6e:08:03:9e:cf:dc:4b:54:d6:41:b1:3b:a7:5c:4b:
4b:80:7e:e4:b3:a6:4d:65:36:3b:68:f1:5a:63:2d:
7b:5c:38:c0:76:10:6f:f5:7a:aa:09:13:f1:de:ba:
0b:d0:31:ec:4d:38:df:d4:0b:6e:7d:db:de:4b:c5:
25:d6:1e:4b:a6:fe:72:74:ae:b0:4f:f1:7d:01:19:
58:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:9F:B2:2E:B2:08:2B:29:7A:C1:D4:FA:61:A1:82:54:15:0B:DD:6D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66E2E0DC492111F19F983011CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.12.0/23
Signature Algorithm: sha256WithRSAEncryption
53:13:1e:6f:a7:24:c1:5d:f4:f4:e1:3b:41:00:ae:51:48:ae:
4e:a2:4c:44:97:20:a2:bd:a5:f5:8f:13:56:17:5c:ef:c0:a8:
17:4d:7c:a7:b0:da:f7:bd:dc:95:35:e6:37:ba:5f:af:45:2f:
13:48:da:65:ba:da:62:67:73:1f:3d:f8:2b:86:46:30:45:c5:
8c:3c:d2:54:52:cf:91:0c:1a:6e:f0:97:be:83:9e:bf:76:2d:
b7:41:a3:ef:d4:e4:cd:20:0e:04:6c:91:4b:93:82:1c:3a:e4:
83:61:3d:a0:8a:e8:05:65:f5:ac:97:fa:e6:11:ab:06:16:50:
2f:bf:bb:c1:e8:6e:26:27:a5:ba:08:85:82:ec:a9:b4:b2:f9:
75:2d:53:32:87:3f:ac:ae:67:13:cf:4d:72:1e:ed:bd:36:9b:
38:e5:98:f5:ed:7a:5d:7d:1b:09:c5:81:a6:2a:4a:58:35:11:
84:bd:db:38:7c:2b:97:f3:63:fd:eb:8f:79:41:dd:c6:0c:e7:
67:76:d6:eb:cb:b2:ab:0e:0e:61:f8:e9:3a:6f:ad:fe:ce:13:
3b:b3:ee:11:c8:5c:37:c1:f8:5a:5b:c2:83:a2:45:6a:01:0c:
cc:4a:a5:c8:30:49:e7:8b:ee:f1:30:d9:e1:f5:2b:a9:2d:ad:
7c:43:bc:4e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbG0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTA2MDc1ODM5WhcNMjYwNjEyMDc1ODM5WjAYMRYw
FAYDVQQDEw02OWZhZjRiNC1iMzU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA91RKxvfgSi8QKerRSfmRpBNi4z2hPSFPluTA7uZnADf9HlcmwG7qrg2Z
qMyROoRS1pbXAD54ytJ9qzoq4E05L5AcmCrDTvVDQZCrNcg+4ZTrF/luVOtUcjo2
9jOk379BfnOYXlSJ+Kdkr9u0U+2viUoKuxQRSyW/ZUOVPRbuasNRb+SQXYRzz4eD
p9KXWVFUGHpq8CtIOdwjRFEOGOpcXrazAJfvCsMcUD4ozjWdKE+LeCluCAOez9xL
VNZBsTunXEtLgH7ks6ZNZTY7aPFaYy17XDjAdhBv9XqqCRPx3roL0DHsTTjf1Atu
fdveS8Ul1h5Lpv5ydK6wT/F9ARlYBQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEmf
si6yCCspesHU+mGhglQVC91tMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NkUyRTBEQzQ5MjExMUYxOUY5ODMwMTFDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcMMMA0GCSqGSIb3DQEBCwUA
A4IBAQBTEx5vpyTBXfT04TtBAK5RSK5OokxElyCivaX1jxNWF1zvwKgXTXynsNr3
vdyVNeY3ul+vRS8TSNplutpiZ3MfPfgrhkYwRcWMPNJUUs+RDBpu8Je+g56/di23
QaPv1OTNIA4EbJFLk4IcOuSDYT2giugFZfWsl/rmEasGFlAvv7vB6G4mJ6W6CIWC
7Km0svl1LVMyhz+srmcTz01yHu29Nps45Zj17XpdfRsJxYGmKkpYNRGEvds4fCuX
82P96495Qd3GDOdndtbry7KrDg5h+Ok6b63+zhM7s+4RyFw3wfhaW8KDokVqAQzM
SqXIMEnni+7xMNnh9SupLa18Q7xO
-----END CERTIFICATE-----
Generated at Wed May 13 12:18:52 2026 by rpki-client