Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/976669F64C5311F19FD55101CF1D38B0.roa
File: 976669F64C5311F19FD55101CF1D38B0.roa (raw, json)
Hash identifier: P76WVupIWW8+3aI4YJdHh0ZyKk4eR3MOVyJcrZykLz0=
Subject key identifier: 98:12:CF:DC:23:42:42:91:41:F9:A4:A9:92:B1:32:20:4B:B4:44:D7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B331
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/976669F64C5311F19FD55101CF1D38B0.roa
Signing time: Sun 10 May 2026 09:35:33 +0000
ROA not before: Sun 10 May 2026 09:35:28 +0000
ROA not after: Wed 10 Jun 2026 09:35:28 +0000
asID: 139646
IP address blocks: 45.204.0.0/24 maxlen: 24
45.207.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111409 (0x1b331)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 10 09:35:28 2026 GMT
Not After : Jun 10 09:35:28 2026 GMT
Subject: CN=6a005165-650c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:88:a7:bc:28:5f:03:bf:68:97:29:44:77:53:
70:55:58:c5:99:53:e4:4f:b9:0f:13:3d:0b:c5:aa:
36:ca:6d:4e:41:de:1f:e1:0a:e5:4c:e7:af:8e:f0:
35:ea:d2:91:8e:40:71:94:86:67:13:f7:08:ee:70:
9d:43:e2:f9:3f:fa:e4:0b:ca:1f:ae:fc:eb:89:f5:
b9:9a:1a:63:1c:07:67:f9:9c:b9:6a:57:25:4c:d0:
dd:2b:2c:64:00:40:a6:25:1c:b4:6d:dd:b3:69:66:
dd:bb:6f:73:41:3a:b5:8e:7f:36:bc:34:07:8f:ca:
02:24:0b:bd:b2:95:2c:15:fb:e3:5f:ab:1e:40:f8:
3b:60:ef:0f:6d:e9:3f:6c:2e:3c:b6:2e:02:48:72:
74:e7:77:ab:4c:86:3f:23:a8:08:ec:a8:26:29:23:
8b:6b:5d:ff:c6:40:bd:00:e3:16:39:f5:61:8d:c8:
ea:f9:5e:4e:96:96:4d:e1:30:0a:3f:43:58:c0:9e:
92:7a:0f:40:dc:5f:7b:92:89:2e:40:7b:14:b0:a2:
4d:a9:a7:b8:ff:63:62:44:d6:1c:1c:60:db:ae:cf:
7c:63:56:2d:61:a0:0e:f5:cc:23:00:dd:3d:23:7c:
d2:bc:f8:92:c2:9e:3f:f7:fe:e3:56:68:ba:0c:bb:
61:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:12:CF:DC:23:42:42:91:41:F9:A4:A9:92:B1:32:20:4B:B4:44:D7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/976669F64C5311F19FD55101CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.0.0/24
45.207.224.0/19
Signature Algorithm: sha256WithRSAEncryption
0a:62:d6:57:0f:29:44:17:51:78:1b:75:7a:59:35:1e:55:e8:
88:c2:1d:54:8f:3f:53:06:3a:fd:80:c4:6f:39:81:01:e6:cb:
80:6d:77:9a:69:84:8b:b6:3f:dd:d9:9d:c1:47:d8:c2:ba:9b:
57:cc:21:fa:82:ba:11:c3:d2:1c:00:cb:03:28:be:4d:6d:97:
38:27:9e:06:a9:77:5d:f6:58:37:06:66:b1:9b:cf:04:c5:73:
15:13:68:f8:f9:f4:59:26:db:c7:c4:a0:30:cb:44:22:f7:77:
0d:b5:d1:38:0b:0b:53:04:64:50:40:4d:28:6a:64:37:71:fd:
42:f1:f2:db:98:8c:e7:ca:90:ce:a0:dc:30:2c:48:f6:58:d4:
34:9a:7c:67:3a:06:2f:0e:36:2d:97:68:c2:05:cf:a8:a6:98:
5e:ac:74:62:fd:b4:25:99:a3:bf:06:3e:2e:fe:93:01:16:4c:
e9:41:47:d0:22:b1:98:58:61:01:7a:32:cd:cb:b9:f3:d4:56:
00:fc:6b:36:44:3d:44:e1:b7:f8:a4:cb:de:76:2f:b4:d0:34:
76:9b:5d:53:03:da:15:5e:5c:cd:9c:27:9e:a5:8d:08:0e:1f:
98:72:94:89:4f:c3:f6:57:65:23:22:e1:46:92:0b:17:9e:ec:
8e:28:8e:69
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAbMxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTEwMDkzNTI4WhcNMjYwNjEwMDkzNTI4WjAYMRYw
FAYDVQQDEw02YTAwNTE2NS02NTBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxIinvChfA79olylEd1NwVVjFmVPkT7kPEz0Lxao2ym1OQd4f4QrlTOev
jvA16tKRjkBxlIZnE/cI7nCdQ+L5P/rkC8ofrvzrifW5mhpjHAdn+Zy5alclTNDd
KyxkAECmJRy0bd2zaWbdu29zQTq1jn82vDQHj8oCJAu9spUsFfvjX6seQPg7YO8P
bek/bC48ti4CSHJ053erTIY/I6gI7KgmKSOLa13/xkC9AOMWOfVhjcjq+V5OlpZN
4TAKP0NYwJ6Seg9A3F97kokuQHsUsKJNqae4/2NiRNYcHGDbrs98Y1YtYaAO9cwj
AN09I3zSvPiSwp4/9/7jVmi6DLthGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJgS
z9wjQkKRQfmkqZKxMiBLtETXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NzY2NjlGNjRDNTMxMUYxOUZENTUxMDFDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcwAAwQFLc/gMA0GCSqGSIb3
DQEBCwUAA4IBAQAKYtZXDylEF1F4G3V6WTUeVeiIwh1Ujz9TBjr9gMRvOYEB5suA
bXeaaYSLtj/d2Z3BR9jCuptXzCH6groRw9IcAMsDKL5NbZc4J54GqXdd9lg3Bmax
m88ExXMVE2j4+fRZJtvHxKAwy0Qi93cNtdE4CwtTBGRQQE0oamQ3cf1C8fLbmIzn
ypDOoNwwLEj2WNQ0mnxnOgYvDjYtl2jCBc+oppherHRi/bQlmaO/Bj4u/pMBFkzp
QUfQIrGYWGEBejLNy7nz1FYA/Gs2RD1E4bf4pMvedi+00DR2m11TA9oVXlzNnCee
pY0IDh+YcpSJT8P2V2UjIuFGkgsXnuyOKI5p
-----END CERTIFICATE-----
Generated at Wed May 13 10:23:28 2026 by rpki-client