Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D52BA7B428F011F18DAF3984DAE4EC9C.roa
File: D52BA7B428F011F18DAF3984DAE4EC9C.roa (raw, json)
Hash identifier: DbBVDDfX8weRDkX70mZIRQd24f0NNar1k/VEk+qGwg8=
Subject key identifier: 0B:A0:9D:2A:8E:EF:B9:F2:A4:F0:0B:12:B4:0A:CD:E8:5D:86:FF:EA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A776
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D52BA7B428F011F18DAF3984DAE4EC9C.roa
Signing time: Thu 26 Mar 2026 08:50:26 +0000
ROA not before: Thu 26 Mar 2026 08:50:21 +0000
ROA not after: Wed 03 Jun 2026 08:50:21 +0000
asID: 7607
IP address blocks: 45.194.16.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108406 (0x1a776)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 26 08:50:21 2026 GMT
Not After : Jun 3 08:50:21 2026 GMT
Subject: CN=69c4f352-2f39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:42:32:54:6e:0b:39:19:28:5a:ac:57:2c:9e:
64:db:84:d5:31:87:52:b5:ab:06:25:30:55:69:cb:
c4:c9:f0:ca:23:4f:b6:67:95:7e:14:89:30:9a:2b:
14:e1:c3:fa:d7:13:56:9e:77:a8:aa:67:46:3d:43:
ca:e1:7a:38:82:80:0f:c9:76:bd:09:cd:99:46:5d:
0f:1e:71:ba:e9:89:4e:2f:72:46:1d:27:f6:d0:92:
af:af:9c:92:79:03:c7:b4:59:80:72:15:f3:01:a2:
86:a8:5c:67:f6:5d:6e:ae:70:5e:50:97:68:da:00:
5c:df:ca:a2:7b:04:1e:29:92:d6:5b:ee:50:d9:86:
3e:d8:02:ed:d5:78:05:bc:ff:da:e9:44:31:c7:45:
d9:0e:90:b3:3a:05:4d:7b:01:9d:b4:ed:0f:9b:02:
38:8e:ba:92:99:30:14:4c:1d:9c:c4:33:1a:5c:30:
fe:5c:f9:d6:80:bc:d5:4b:c1:b2:e1:68:da:42:70:
80:e4:1d:21:57:94:18:36:d6:52:39:a6:cf:96:5a:
e2:c0:c2:f9:8d:72:17:be:58:7a:aa:07:04:cc:97:
ea:e5:b9:27:5c:d7:2b:e5:62:3c:54:ba:c6:e2:42:
6d:3f:58:c1:52:47:03:d7:95:79:e6:ef:1c:5f:ef:
34:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:A0:9D:2A:8E:EF:B9:F2:A4:F0:0B:12:B4:0A:CD:E8:5D:86:FF:EA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D52BA7B428F011F18DAF3984DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.16.0/21
Signature Algorithm: sha256WithRSAEncryption
49:72:04:4e:da:f2:78:99:5e:10:43:73:aa:f6:46:ca:4b:63:
19:8b:c0:84:7d:b4:60:9a:0c:09:f9:b8:a4:f6:d6:4a:65:49:
51:2b:6b:9d:10:7e:ed:ee:1d:f4:9b:0f:b8:84:6d:ed:31:34:
30:bf:15:75:4b:b9:45:07:24:2e:44:16:25:9c:f5:e8:38:cd:
16:1b:7f:07:0a:e1:ff:a5:6e:30:ed:e4:ab:3e:3b:b5:bc:8e:
6b:bd:d6:b5:de:ab:22:f5:61:e2:68:ed:b6:f3:0e:e8:67:13:
f9:c7:b0:90:99:97:71:21:f1:bd:46:66:f9:18:d4:20:2f:31:
7d:59:1e:0e:52:29:ba:ac:eb:fe:fe:f8:d1:14:7f:b7:d9:74:
90:6c:cf:1a:53:95:31:b5:49:d2:7d:8a:83:10:ab:53:81:d5:
07:31:fc:dc:e3:14:ae:aa:cc:71:0a:9a:8d:45:6d:3e:4d:24:
40:30:cc:54:50:09:ba:7f:4f:01:c8:6d:4d:97:ac:4a:0e:fc:
55:75:25:2f:61:0d:06:8a:5f:ad:de:7b:8f:11:dc:aa:7e:60:
b3:e9:77:7f:1b:de:b5:f4:34:65:99:c2:58:bd:07:34:d5:44:
5a:a9:d1:a1:44:06:08:a7:27:e0:25:f7:4e:fa:94:74:bf:1a:
05:0b:ae:ef
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAad2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzI2MDg1MDIxWhcNMjYwNjAzMDg1MDIxWjAYMRYw
FAYDVQQDEw02OWM0ZjM1Mi0yZjM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtUIyVG4LORkoWqxXLJ5k24TVMYdStasGJTBVacvEyfDKI0+2Z5V+FIkw
misU4cP61xNWnneoqmdGPUPK4Xo4goAPyXa9Cc2ZRl0PHnG66YlOL3JGHSf20JKv
r5ySeQPHtFmAchXzAaKGqFxn9l1urnBeUJdo2gBc38qiewQeKZLWW+5Q2YY+2ALt
1XgFvP/a6UQxx0XZDpCzOgVNewGdtO0PmwI4jrqSmTAUTB2cxDMaXDD+XPnWgLzV
S8Gy4WjaQnCA5B0hV5QYNtZSOabPllriwML5jXIXvlh6qgcEzJfq5bknXNcr5WI8
VLrG4kJtP1jBUkcD15V55u8cX+80wQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAug
nSqO77nypPALErQKzehdhv/qMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENTJCQTdCNDI4RjAxMUYxOERBRjM5ODREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcIQMA0GCSqGSIb3DQEBCwUA
A4IBAQBJcgRO2vJ4mV4QQ3Oq9kbKS2MZi8CEfbRgmgwJ+bik9tZKZUlRK2udEH7t
7h30mw+4hG3tMTQwvxV1S7lFByQuRBYlnPXoOM0WG38HCuH/pW4w7eSrPju1vI5r
vda13qsi9WHiaO228w7oZxP5x7CQmZdxIfG9Rmb5GNQgLzF9WR4OUim6rOv+/vjR
FH+32XSQbM8aU5UxtUnSfYqDEKtTgdUHMfzc4xSuqsxxCpqNRW0+TSRAMMxUUAm6
f08ByG1Nl6xKDvxVdSUvYQ0Gil+t3nuPEdyqfmCz6Xd/G9619DRlmcJYvQc01URa
qdGhRAYIpyfgJfdO+pR0vxoFC67v
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:00:34 2026 by rpki-client