Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9BE062B019FF11F1AB7FFADADAE4EC9C.roa
File: 9BE062B019FF11F1AB7FFADADAE4EC9C.roa (raw, json)
Hash identifier: IC520IUN5eDHCL9GnkuXjSd7OlQkNmWB6VrEuPfOE0Y=
Subject key identifier: 3C:66:88:35:BB:4A:03:AE:D0:CC:76:02:DA:AA:FE:A2:98:D6:F8:47
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A32C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9BE062B019FF11F1AB7FFADADAE4EC9C.roa
Signing time: Sat 07 Mar 2026 08:28:25 +0000
ROA not before: Sat 07 Mar 2026 08:28:20 +0000
ROA not after: Wed 15 Apr 2026 08:28:20 +0000
asID: 152711
IP address blocks: 45.202.64.0/24 maxlen: 24
45.202.65.0/24 maxlen: 24
45.202.66.0/24 maxlen: 24
45.202.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107308 (0x1a32c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 7 08:28:20 2026 GMT
Not After : Apr 15 08:28:20 2026 GMT
Subject: CN=69abe1a9-946b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:28:83:33:90:f0:94:bd:cd:59:49:96:a6:2d:
92:bc:25:77:69:b4:84:d7:03:fa:e7:69:45:98:d6:
33:99:55:d1:32:c0:2e:72:f3:fb:8c:b2:a3:1d:fd:
9d:fe:8d:28:39:d7:b0:0c:73:11:63:13:44:20:8b:
b1:fa:0c:6c:a7:ca:29:84:ab:c7:7f:91:06:3e:f5:
02:c6:5e:cf:fd:34:c5:31:cf:5d:04:7e:29:b4:06:
06:ff:63:2e:3f:f1:21:15:1d:3e:54:54:5d:55:cc:
aa:2d:a4:90:bf:23:25:32:3e:91:a3:c4:9d:8f:ad:
a1:4e:fc:34:b6:10:88:83:3c:1a:d9:11:f8:b4:2b:
1e:b3:eb:5b:6d:27:c2:27:ad:50:44:17:17:49:28:
c3:cf:b8:f3:ac:e1:77:84:b3:79:ca:8f:e5:5e:2d:
59:3f:15:10:a0:6a:b5:85:d6:28:8f:23:91:04:f5:
3f:31:fa:8f:4d:69:97:f0:a1:87:5d:1b:46:dd:a5:
82:22:c6:65:79:2e:49:94:98:0c:8f:01:fe:2e:1b:
60:a4:e0:fe:2d:73:68:c8:50:3f:e5:ea:81:2c:b3:
9a:94:b8:17:b7:8f:34:e3:86:73:60:ed:40:7c:9d:
9b:85:8a:dd:10:1f:d9:f0:f6:b0:0a:ce:0c:d1:2f:
ba:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:66:88:35:BB:4A:03:AE:D0:CC:76:02:DA:AA:FE:A2:98:D6:F8:47
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9BE062B019FF11F1AB7FFADADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.64.0/22
Signature Algorithm: sha256WithRSAEncryption
59:d9:c3:00:23:64:ed:e2:f1:b0:75:c3:a4:b4:1b:4d:5a:29:
5c:37:0b:34:ac:9a:50:67:b5:9b:bc:fe:f0:8e:f7:7d:d8:0c:
a3:28:bc:d9:b3:49:94:46:69:35:38:22:74:c9:b8:4b:24:1b:
59:44:db:21:28:1a:7e:fc:4b:85:55:aa:12:6b:ad:b9:49:64:
3a:69:10:c1:0e:64:fc:58:7e:fd:b9:4d:24:96:48:1b:97:5d:
c2:f1:b1:6e:ed:70:d3:a8:24:ea:de:bf:45:97:9b:ff:0d:30:
d6:70:53:ec:d4:2f:84:b9:e4:f2:1c:c0:05:fd:68:29:88:70:
72:59:23:0a:47:40:99:93:87:66:a6:5f:ce:a9:51:d2:16:35:
b6:fc:71:e7:bd:72:fa:21:db:7f:26:5f:03:6b:ff:82:9e:c6:
c9:b3:0c:4a:bd:7b:b7:a9:f9:24:85:cb:97:91:b7:2d:41:f7:
f9:af:b7:35:32:91:27:97:22:a0:5e:84:7d:66:0d:25:af:68:
0b:2b:e6:42:f7:8e:ac:ae:ae:3f:33:5f:08:6f:42:ff:82:45:
ca:28:dd:34:17:be:0d:1c:ae:df:8c:73:3f:96:a3:2d:3c:db:
b0:cc:9d:1c:e6:3f:5a:01:79:6b:9c:84:c1:ab:3b:09:c9:4d:
94:2d:3b:67
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaMsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzA3MDgyODIwWhcNMjYwNDE1MDgyODIwWjAYMRYw
FAYDVQQDEw02OWFiZTFhOS05NDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvCiDM5DwlL3NWUmWpi2SvCV3abSE1wP652lFmNYzmVXRMsAucvP7jLKj
Hf2d/o0oOdewDHMRYxNEIIux+gxsp8ophKvHf5EGPvUCxl7P/TTFMc9dBH4ptAYG
/2MuP/EhFR0+VFRdVcyqLaSQvyMlMj6Ro8Sdj62hTvw0thCIgzwa2RH4tCses+tb
bSfCJ61QRBcXSSjDz7jzrOF3hLN5yo/lXi1ZPxUQoGq1hdYojyORBPU/MfqPTWmX
8KGHXRtG3aWCIsZleS5JlJgMjwH+LhtgpOD+LXNoyFA/5eqBLLOalLgXt48044Zz
YO1AfJ2bhYrdEB/Z8PawCs4M0S+6rwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDxm
iDW7SgOu0Mx2Atqq/qKY1vhHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QkUwNjJCMDE5RkYxMUYxQUI3RkZBREFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcpAMA0GCSqGSIb3DQEBCwUA
A4IBAQBZ2cMAI2Tt4vGwdcOktBtNWilcNws0rJpQZ7WbvP7wjvd92AyjKLzZs0mU
Rmk1OCJ0ybhLJBtZRNshKBp+/EuFVaoSa625SWQ6aRDBDmT8WH79uU0klkgbl13C
8bFu7XDTqCTq3r9Fl5v/DTDWcFPs1C+EueTyHMAF/WgpiHByWSMKR0CZk4dmpl/O
qVHSFjW2/HHnvXL6Idt/Jl8Da/+CnsbJswxKvXu3qfkkhcuXkbctQff5r7c1MpEn
lyKgXoR9Zg0lr2gLK+ZC946srq4/M18Ib0L/gkXKKN00F74NHK7fjHM/lqMtPNuw
zJ0c5j9aAXlrnITBqzsJyU2ULTtn
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:11:13 2026 by rpki-client