Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3B8B064245711F1A91AE3AEDAE4EC9C.roa
File: C3B8B064245711F1A91AE3AEDAE4EC9C.roa (raw, json)
Hash identifier: 5Bvgy85wDz1fAKS8f/WWPP5FwxMWen+2sHaJ22xAjg8=
Subject key identifier: AB:40:B7:5B:6C:45:EE:98:13:8C:F2:18:D7:BD:2D:7A:3A:77:C9:FB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A62E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3B8B064245711F1A91AE3AEDAE4EC9C.roa
Signing time: Fri 20 Mar 2026 12:24:39 +0000
ROA not before: Fri 20 Mar 2026 12:24:34 +0000
ROA not after: Mon 27 Apr 2026 12:24:34 +0000
asID: 11427
IP address blocks: 45.198.188.0/22 maxlen: 24
45.203.240.0/22 maxlen: 24
45.203.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 27 Mar 2026 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108078 (0x1a62e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 20 12:24:34 2026 GMT
Not After : Apr 27 12:24:34 2026 GMT
Subject: CN=69bd3c87-e9e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:23:67:c4:cc:a5:d8:65:68:92:87:d9:db:43:
45:79:17:40:70:b4:13:e0:58:93:47:1a:c1:e3:57:
e8:19:55:dd:cf:87:a1:49:96:96:22:3b:e8:d1:46:
f7:d7:ea:61:9e:77:5f:09:1f:a3:df:e7:32:24:b7:
07:7a:bd:15:ac:88:b4:9f:e3:98:be:46:5a:30:6c:
a3:01:e8:07:61:5b:78:c9:6b:22:84:99:71:3a:a8:
01:b6:94:c0:27:3b:9d:60:af:2a:9e:cb:d2:84:9b:
a5:e3:19:ba:e5:b4:ef:0d:71:30:2e:78:48:c1:9c:
b7:22:89:50:42:f8:c1:11:59:65:58:19:3b:67:ac:
fc:10:8f:a3:5d:77:40:44:c2:82:77:88:35:41:bf:
f5:13:d6:be:d2:ee:9c:25:55:55:7f:53:5a:38:36:
7a:76:cf:cd:95:f4:f3:b8:87:84:d3:e0:01:23:b9:
34:4d:a0:25:01:f5:6b:53:e0:6d:1a:96:de:5d:2e:
ba:6d:69:f3:b6:1f:93:b9:87:0a:4a:19:55:93:24:
86:5f:79:95:68:78:9f:56:14:40:9e:25:c9:58:97:
78:e2:82:2b:97:e7:5b:3d:c2:ff:90:2c:29:e5:e5:
b5:ec:93:c7:52:7f:51:b5:2d:0e:98:9d:be:fc:2c:
90:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:40:B7:5B:6C:45:EE:98:13:8C:F2:18:D7:BD:2D:7A:3A:77:C9:FB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3B8B064245711F1A91AE3AEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.188.0/22
45.203.240.0/22
45.203.252.0/22
Signature Algorithm: sha256WithRSAEncryption
10:1b:e4:18:08:ba:44:79:16:f0:dc:c5:e7:87:96:27:1f:1b:
f9:ab:74:b8:a3:81:33:5b:6f:53:8b:79:91:bb:9b:2e:75:be:
56:e2:da:dc:aa:1b:b5:2c:f7:7d:aa:74:07:d8:26:0e:37:5c:
42:65:e0:ab:c6:89:38:8a:e8:ff:2b:e5:46:14:0a:85:cd:7f:
01:01:4b:a2:3d:c3:86:62:87:cf:7b:9d:24:47:c1:03:09:2f:
c5:c0:3a:93:46:c0:4f:81:79:45:c1:11:74:52:bc:8e:28:b7:
5f:50:b5:62:d4:53:44:99:df:d0:49:0b:84:6f:e2:06:6e:e5:
ab:7c:f4:6b:e2:9e:2d:b9:2f:7e:f7:8e:bc:5a:f0:7c:f8:53:
fc:36:b7:70:68:73:74:2b:3e:c6:bb:98:08:87:53:ed:50:be:
9e:1e:eb:9c:3d:73:68:f2:04:cc:f0:fa:7c:02:b9:13:90:0d:
de:4f:c3:94:89:ed:45:82:f5:b0:36:e2:af:c4:b9:bc:d2:3a:
dc:19:3f:63:3e:1e:3f:fc:e8:ea:eb:4d:13:00:0d:fc:d5:e5:
9a:a1:33:5b:29:9a:b4:95:a9:42:ef:35:23:94:de:31:ba:de:
be:4e:73:a4:bd:27:24:da:a5:0c:fc:08:70:a9:2d:4e:ad:d6:
99:41:89:ff
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAaYuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzIwMTIyNDM0WhcNMjYwNDI3MTIyNDM0WjAYMRYw
FAYDVQQDEw02OWJkM2M4Ny1lOWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4CNnxMyl2GVokofZ20NFeRdAcLQT4FiTRxrB41foGVXdz4ehSZaWIjvo
0Ub31+phnndfCR+j3+cyJLcHer0VrIi0n+OYvkZaMGyjAegHYVt4yWsihJlxOqgB
tpTAJzudYK8qnsvShJul4xm65bTvDXEwLnhIwZy3IolQQvjBEVllWBk7Z6z8EI+j
XXdARMKCd4g1Qb/1E9a+0u6cJVVVf1NaODZ6ds/NlfTzuIeE0+ABI7k0TaAlAfVr
U+BtGpbeXS66bWnzth+TuYcKShlVkySGX3mVaHifVhRAniXJWJd44oIrl+dbPcL/
kCwp5eW17JPHUn9RtS0OmJ2+/CyQMwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFKtA
t1tsRe6YE4zyGNe9LXo6d8n7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DM0I4QjA2NDI0NTcxMUYxQTkxQUUzQUVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLca8AwQCLcvwAwQCLcv8MA0G
CSqGSIb3DQEBCwUAA4IBAQAQG+QYCLpEeRbw3MXnh5YnHxv5q3S4o4EzW29Ti3mR
u5sudb5W4trcqhu1LPd9qnQH2CYON1xCZeCrxok4iuj/K+VGFAqFzX8BAUuiPcOG
YofPe50kR8EDCS/FwDqTRsBPgXlFwRF0UryOKLdfULVi1FNEmd/QSQuEb+IGbuWr
fPRr4p4tuS9+9468WvB8+FP8NrdwaHN0Kz7Gu5gIh1PtUL6eHuucPXNo8gTM8Pp8
ArkTkA3eT8OUie1FgvWwNuKvxLm80jrcGT9jPh4//Ojq600TAA381eWaoTNbKZq0
lalC7zUjlN4xut6+TnOkvSck2qUM/AhwqS1OrdaZQYn/
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:15:19 2026 by rpki-client