Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3651254/CD02A612C85311E69198EA57F8AEA228/9CDD40145D9011F1AB2571E6CE1D38B0.roa
File: 9CDD40145D9011F1AB2571E6CE1D38B0.roa (raw, json)
Hash identifier: KGMM0OIG8jtbNWwzj53Nnu0ZY76B36gv4XqspIdGAgc=
Subject key identifier: AC:89:E2:25:6C:C7:DD:BB:90:71:F5:CF:86:A1:D9:A5:3C:8D:FD:AB
Certificate issuer: /CN=F3651254AR/serialNumber=1D43E41D01CF85FF940F6606E1646147D8728B28
Certificate serial: 0DCD
Authority key identifier: 1D:43:E4:1D:01:CF:85:FF:94:0F:66:06:E1:64:61:47:D8:72:8B:28
Authority info access: rsync://rpki.afrinic.net/repository/arin/HUPkHQHPhf-UD2YG4WRhR9hyiyg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3651254/CD02A612C85311E69198EA57F8AEA228/9CDD40145D9011F1AB2571E6CE1D38B0.roa
Signing time: Mon 01 Jun 2026 08:05:12 +0000
ROA not before: Mon 01 Jun 2026 08:05:07 +0000
ROA not after: Sun 01 Jun 2036 08:05:07 +0000
asID: 37670
IP address blocks: 45.221.200.0/21 maxlen: 24
45.221.200.0/24 maxlen: 24
45.221.201.0/24 maxlen: 24
45.221.202.0/24 maxlen: 24
45.221.203.0/24 maxlen: 24
45.221.204.0/24 maxlen: 24
45.221.205.0/24 maxlen: 24
45.221.206.0/24 maxlen: 24
45.221.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3651254/CD02A612C85311E69198EA57F8AEA228/HUPkHQHPhf-UD2YG4WRhR9hyiyg.crl
rsync://rpki.afrinic.net/repository/member_repository/F3651254/CD02A612C85311E69198EA57F8AEA228/HUPkHQHPhf-UD2YG4WRhR9hyiyg.mft
rsync://rpki.afrinic.net/repository/arin/HUPkHQHPhf-UD2YG4WRhR9hyiyg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 15 Jun 2026 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3533 (0xdcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3651254AR, serialNumber=1D43E41D01CF85FF940F6606E1646147D8728B28
Validity
Not Before: Jun 1 08:05:07 2026 GMT
Not After : Jun 1 08:05:07 2036 GMT
Subject: CN=6a1d3d38-b93e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:08:ed:91:89:80:d3:3d:59:c8:e6:35:41:b7:
a7:ba:b4:8a:ee:5c:c6:4f:13:f9:3f:55:c2:ef:18:
94:30:8f:c2:65:45:37:49:1b:7c:30:72:7f:ad:07:
51:1d:1e:44:9e:df:48:0f:5d:3c:c9:0a:f3:46:64:
e3:5c:fc:28:cc:e9:4c:c8:c7:0d:10:ae:e0:77:25:
eb:a9:5b:e4:7e:82:89:83:47:e6:4d:e0:fb:6f:41:
f8:bd:13:e8:26:5f:e6:fc:68:0b:33:ec:ef:47:60:
b2:03:a5:31:cb:49:a4:bf:23:2f:6b:0b:cc:9f:dc:
96:48:29:b7:e4:c8:57:04:da:8d:e3:f8:7f:aa:24:
75:eb:2d:72:55:0a:7c:31:8a:82:c6:56:4a:fa:1d:
14:48:82:60:4a:0d:d0:1a:dd:4f:fc:f1:12:0b:08:
fc:f5:af:03:95:9e:22:38:a5:85:b0:f1:2e:db:1d:
65:a8:e0:a4:05:27:fb:0a:85:39:1f:90:91:74:d5:
13:8b:91:5f:95:ee:03:e0:f2:12:9d:98:05:4f:b6:
47:4f:97:f3:f5:e9:6e:26:d1:8b:01:b2:e3:2b:80:
ee:b8:ed:78:a3:19:19:8f:e7:45:c6:b8:fb:77:1e:
4f:34:42:e0:3d:f8:4a:26:55:41:49:f2:a7:57:32:
23:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:89:E2:25:6C:C7:DD:BB:90:71:F5:CF:86:A1:D9:A5:3C:8D:FD:AB
X509v3 Authority Key Identifier:
keyid:1D:43:E4:1D:01:CF:85:FF:94:0F:66:06:E1:64:61:47:D8:72:8B:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3651254/CD02A612C85311E69198EA57F8AEA228/HUPkHQHPhf-UD2YG4WRhR9hyiyg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/HUPkHQHPhf-UD2YG4WRhR9hyiyg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3651254/CD02A612C85311E69198EA57F8AEA228/9CDD40145D9011F1AB2571E6CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.221.200.0/21
Signature Algorithm: sha256WithRSAEncryption
9e:0e:d7:6c:6b:ef:a6:5e:7b:17:a2:f5:90:9d:1e:e8:71:56:
4f:a6:d5:09:30:7f:95:c7:30:fe:d2:1d:cb:8b:d6:a6:cc:bf:
51:d6:6d:25:36:59:8b:23:3e:92:3c:b4:42:1a:36:95:fa:9e:
9c:1f:1c:f8:cb:90:64:33:b5:4b:ab:c6:b7:05:09:43:92:e2:
68:d1:ff:45:92:9e:5d:3b:18:7b:eb:54:8f:1d:de:64:1d:a8:
76:1d:57:71:38:67:df:44:64:f1:c6:4c:dc:c1:76:ce:dd:62:
40:27:dd:0d:be:5a:2a:56:61:a6:cd:07:4e:c5:9e:cb:35:19:
64:65:2f:80:eb:81:75:80:d1:0f:38:43:8c:d5:9b:0e:27:c1:
d7:c8:89:0e:72:05:ef:0f:ed:29:d9:13:bd:f1:92:2b:5d:5c:
b7:e7:46:52:76:c1:fa:93:b9:c3:d0:7d:e8:5a:45:f1:04:96:
00:10:74:db:ac:2f:0f:61:76:80:2b:86:82:47:70:0b:e9:5b:
2d:c4:f7:2d:85:45:b2:08:8d:d5:e2:cf:b3:2c:a1:90:67:72:
98:ac:d4:da:ea:d4:e1:be:20:8e:a9:dc:c0:84:80:be:32:f0:
a1:c4:da:81:96:a3:9d:03:4c:85:9e:22:72:7d:5f:d9:b0:2b:
b8:10:ff:17
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDc0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTEyNTRBUjExMC8GA1UEBRMoMUQ0M0U0MUQwMUNGODVGRjk0MEY2NjA2RTE2NDYx
NDdEODcyOEIyODAeFw0yNjA2MDEwODA1MDdaFw0zNjA2MDEwODA1MDdaMBgxFjAU
BgNVBAMTDTZhMWQzZDM4LWI5M2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpCO2RiYDTPVnI5jVBt6e6tIruXMZPE/k/VcLvGJQwj8JlRTdJG3wwcn+t
B1EdHkSe30gPXTzJCvNGZONc/CjM6UzIxw0QruB3JeupW+R+gomDR+ZN4PtvQfi9
E+gmX+b8aAsz7O9HYLIDpTHLSaS/Iy9rC8yf3JZIKbfkyFcE2o3j+H+qJHXrLXJV
CnwxioLGVkr6HRRIgmBKDdAa3U/88RILCPz1rwOVniI4pYWw8S7bHWWo4KQFJ/sK
hTkfkJF01ROLkV+V7gPg8hKdmAVPtkdPl/P16W4m0YsBsuMrgO647XijGRmP50XG
uPt3Hk80QuA9+EomVUFJ8qdXMiOTAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUrIni
JWzH3buQcfXPhqHZpTyN/aswHwYDVR0jBBgwFoAUHUPkHQHPhf+UD2YG4WRhR9hy
iygwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjUxMjU0L0NEMDJBNjEyQzg1MzExRTY5MTk4RUE1N0Y4QUVBMjI4L0hVUGtI
UUhQaGYtVUQyWUc0V1JoUjloeWl5Zy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0hVUGtIUUhQaGYtVUQyWUc0V1JoUjloeWl5Zy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjUxMjU0L0NEMDJBNjEyQzg1MzExRTY5MTk4RUE1N0Y4QUVB
MjI4LzlDREQ0MDE0NUQ5MDExRjFBQjI1NzFFNkNFMUQzOEIwLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMt3cgwDQYJKoZIhvcNAQELBQAD
ggEBAJ4O12xr76Zeexei9ZCdHuhxVk+m1Qkwf5XHMP7SHcuL1qbMv1HWbSU2WYsj
PpI8tEIaNpX6npwfHPjLkGQztUurxrcFCUOS4mjR/0WSnl07GHvrVI8d3mQdqHYd
V3E4Z99EZPHGTNzBds7dYkAn3Q2+WipWYabNB07Fnss1GWRlL4DrgXWA0Q84Q4zV
mw4nwdfIiQ5yBe8P7SnZE73xkitdXLfnRlJ2wfqTucPQfehaRfEElgAQdNusLw9h
doArhoJHcAvpWy3E9y2FRbIIjdXiz7MsoZBncpis1Nrq1OG+II6p3MCEgL4y8KHE
2oGWo50DTIWeInJ9X9mwK7gQ/xc=
-----END CERTIFICATE-----
Generated at Sat Jun 13 19:29:50 2026 by rpki-client