Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6E17904401411F18B532AF0CE1D38B0.roa
File: D6E17904401411F18B532AF0CE1D38B0.roa (raw, json)
Hash identifier: fYlu+5Krqwdlvibsp6lErqq4CZV8ppUdDsMc6XbXlrU=
Subject key identifier: 0B:8D:48:2C:F1:35:15:96:0B:3F:E5:89:C0:28:C9:B7:7D:9E:5A:3B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AF0E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6E17904401411F18B532AF0CE1D38B0.roa
Signing time: Fri 24 Apr 2026 19:36:08 +0000
ROA not before: Fri 24 Apr 2026 19:36:03 +0000
ROA not after: Fri 12 Jun 2026 19:36:03 +0000
asID: 273020
IP address blocks: 45.192.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 15 May 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110350 (0x1af0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 24 19:36:03 2026 GMT
Not After : Jun 12 19:36:03 2026 GMT
Subject: CN=69ebc628-423b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9a:1e:b0:0f:61:5a:29:74:79:77:da:b4:8b:
e9:4a:0d:9a:0b:f5:23:8b:de:78:dc:4b:c4:2a:88:
df:03:ea:d1:fd:2d:db:e8:b4:9a:15:65:5c:9a:1c:
c4:3b:cc:c1:84:77:66:99:4f:89:b3:17:46:71:6e:
5c:a9:8a:04:64:bc:85:e9:e9:cd:12:67:de:92:dc:
fd:0e:76:ed:dd:da:4e:2b:76:5f:e5:5c:5f:8c:d1:
c9:a5:db:20:e0:dc:b2:38:f5:8e:aa:2d:d3:22:02:
84:9e:ea:45:b7:b9:77:53:b0:a9:c2:d6:de:d5:e4:
66:07:16:fa:a5:59:9d:13:a5:13:52:9e:e3:61:01:
60:ff:e6:73:04:e6:e6:87:5d:37:e3:ae:61:a1:b9:
44:6f:f4:a6:1a:cf:3f:21:19:7e:ed:53:89:d7:bf:
51:e2:0f:bf:a5:59:d9:d5:1d:41:dc:65:b0:92:4e:
71:5d:56:18:74:56:58:72:40:9c:36:69:82:7c:29:
a1:a8:71:61:7b:74:9a:4f:61:5f:35:1a:9c:14:9a:
40:b7:5a:52:7f:ca:d8:a1:76:e6:dd:79:3b:28:cb:
7c:d5:ab:3f:bb:2a:61:85:54:32:de:02:74:cc:b3:
00:a7:73:48:f9:21:90:81:b3:54:93:da:5d:46:c1:
5b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:8D:48:2C:F1:35:15:96:0B:3F:E5:89:C0:28:C9:B7:7D:9E:5A:3B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6E17904401411F18B532AF0CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.20.0/24
Signature Algorithm: sha256WithRSAEncryption
13:97:ca:e6:3e:97:89:fc:04:51:af:92:31:e3:58:81:e5:16:
0b:23:1d:2c:d7:bb:fe:2d:42:1c:a9:7e:18:38:16:af:27:e8:
47:e9:b5:be:c5:44:74:8e:85:7d:bd:ff:11:d8:bf:cf:6a:b9:
82:d3:0f:4f:c0:f8:9f:a0:73:f1:df:46:d7:7f:24:e8:a3:9a:
01:77:5f:08:e5:d0:96:a1:a5:f4:2f:c2:d6:69:81:25:2c:7a:
18:dd:77:6b:e2:5e:ca:67:40:16:46:bb:68:2a:33:b7:07:cd:
c4:f4:09:46:4f:96:6d:1a:7f:39:76:de:03:50:e2:4a:87:4e:
59:f7:bf:39:e5:26:f8:40:a7:81:4d:6c:cc:82:b5:e6:1a:28:
e9:0c:50:8b:24:58:81:dc:55:86:a9:73:60:f9:d4:ed:51:7a:
9a:10:bc:22:ef:cf:83:21:eb:bf:23:3c:a1:8d:b5:d9:11:46:
69:f9:73:ff:65:0b:e0:1a:86:ca:8e:8c:a6:dd:35:87:75:01:
45:ad:b1:a2:8d:ca:a3:8e:d0:f2:ad:62:8d:95:0a:04:1c:12:
b3:dc:3b:c7:43:45:6f:e4:6c:8b:9c:57:14:2b:06:f7:39:3c:
8b:78:52:96:22:11:c5:27:a2:7c:ee:c2:c4:67:8f:73:94:c2:
1e:20:ab:d6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAa8OMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDI0MTkzNjAzWhcNMjYwNjEyMTkzNjAzWjAYMRYw
FAYDVQQDEw02OWViYzYyOC00MjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxZoesA9hWil0eXfatIvpSg2aC/Uji9543EvEKojfA+rR/S3b6LSaFWVc
mhzEO8zBhHdmmU+JsxdGcW5cqYoEZLyF6enNEmfektz9Dnbt3dpOK3Zf5VxfjNHJ
pdsg4NyyOPWOqi3TIgKEnupFt7l3U7Cpwtbe1eRmBxb6pVmdE6UTUp7jYQFg/+Zz
BObmh103465hoblEb/SmGs8/IRl+7VOJ179R4g+/pVnZ1R1B3GWwkk5xXVYYdFZY
ckCcNmmCfCmhqHFhe3SaT2FfNRqcFJpAt1pSf8rYoXbm3Xk7KMt81as/uyphhVQy
3gJ0zLMAp3NI+SGQgbNUk9pdRsFb+wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAuN
SCzxNRWWCz/licAoybd9nlo7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENkUxNzkwNDQwMTQxMUYxOEI1MzJBRjBDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcAUMA0GCSqGSIb3DQEBCwUA
A4IBAQATl8rmPpeJ/ARRr5Ix41iB5RYLIx0s17v+LUIcqX4YOBavJ+hH6bW+xUR0
joV9vf8R2L/ParmC0w9PwPifoHPx30bXfyToo5oBd18I5dCWoaX0L8LWaYElLHoY
3Xdr4l7KZ0AWRrtoKjO3B83E9AlGT5ZtGn85dt4DUOJKh05Z97855Sb4QKeBTWzM
grXmGijpDFCLJFiB3FWGqXNg+dTtUXqaELwi78+DIeu/IzyhjbXZEUZp+XP/ZQvg
GobKjoym3TWHdQFFrbGijcqjjtDyrWKNlQoEHBKz3DvHQ0Vv5GyLnFcUKwb3OTyL
eFKWIhHFJ6J87sLEZ49zlMIeIKvW
-----END CERTIFICATE-----
Generated at Wed May 13 09:57:54 2026 by rpki-client