Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/009DF604FB5B11F09156818BDAE4EC9C.roa
File: 009DF604FB5B11F09156818BDAE4EC9C.roa (raw, json)
Hash identifier: VVgsUTFD5qpJagRu9ol3g89AzaSIbsbMqpDwDTBNgXQ=
Subject key identifier: 93:A7:61:4D:1D:28:35:D4:86:F6:F2:4F:49:6D:B9:A0:BB:7D:21:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 019A27
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/009DF604FB5B11F09156818BDAE4EC9C.roa
Signing time: Tue 27 Jan 2026 08:34:32 +0000
ROA not before: Tue 27 Jan 2026 08:34:26 +0000
ROA not after: Thu 05 Mar 2026 08:34:26 +0000
asID: 48678
IP address blocks: 45.196.193.0/24 maxlen: 24
45.196.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104999 (0x19a27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 27 08:34:26 2026 GMT
Not After : Mar 5 08:34:26 2026 GMT
Subject: CN=69787898-44b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f4:af:94:17:e8:5a:ed:3e:63:2d:fe:7b:22:
7b:60:f7:3f:ba:e0:1c:85:fc:6f:49:46:cf:1b:c0:
ad:0f:e1:43:d4:f1:da:ed:04:93:61:5b:5b:a8:3b:
d9:84:8b:fb:09:f0:ca:9e:3b:18:f9:94:b5:0f:79:
78:48:e7:ac:f3:9b:90:70:b9:e1:76:c0:24:af:ef:
af:06:07:0d:47:33:8f:bf:96:45:e1:bc:3a:5d:e6:
34:81:ea:c6:35:44:f4:65:37:78:f4:9d:d8:d6:f3:
d0:1e:a1:89:fd:d3:a2:5d:23:5b:9d:a5:31:63:dd:
4d:a0:30:49:f1:0c:16:78:e3:55:3b:33:19:91:3b:
e9:3f:6c:59:4c:79:49:a6:60:91:d3:4c:40:1c:1b:
3b:06:d3:06:89:ee:b7:21:92:fc:d2:23:da:4b:56:
ee:a2:37:6d:9c:f2:7b:35:a8:6a:b8:9c:19:d2:06:
8e:3d:98:e4:a3:01:f5:4c:c7:09:43:71:f4:9e:15:
85:9e:e9:c8:83:32:b1:f3:c4:e4:32:5b:3e:ab:00:
d6:2b:ef:99:2e:c8:59:fb:7f:37:07:ea:c4:4f:69:
6e:f6:32:ed:56:17:ad:42:c7:93:94:cb:e3:a1:a6:
79:c8:93:98:4d:b6:73:79:18:f5:b1:32:c5:24:22:
2c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:A7:61:4D:1D:28:35:D4:86:F6:F2:4F:49:6D:B9:A0:BB:7D:21:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/009DF604FB5B11F09156818BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.193.0/24
45.196.197.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:12:16:3f:6f:c7:67:a0:b6:41:bf:c7:54:dd:3b:6a:e5:62:
dd:fd:00:80:a5:f4:d0:73:0a:7f:4b:7b:1f:c3:f8:7f:b5:75:
99:f7:d3:5d:a3:25:7e:40:1e:f0:bd:18:b0:e3:84:2b:08:2f:
2d:25:79:99:28:f7:e7:f4:ea:83:af:8a:a9:38:94:72:f0:86:
c2:e7:39:e4:93:07:68:ab:a7:08:4d:9d:dd:27:92:44:42:73:
32:7b:b0:24:5c:c1:9f:da:11:4e:70:51:cd:69:aa:b3:66:4d:
d8:ef:cc:2b:8f:52:2b:73:cc:5d:94:65:3a:aa:45:28:e2:5d:
17:4b:33:d1:17:30:54:6a:4c:77:c8:a4:0b:c9:48:95:c4:3a:
df:8c:18:78:ff:92:25:6c:29:3b:f4:37:19:8f:c8:61:b0:da:
89:7e:97:36:8b:96:16:b5:21:f3:0f:cc:80:cd:45:66:33:45:
30:e3:76:dc:55:28:42:cf:04:54:50:26:9b:8b:f8:29:95:03:
01:32:ff:61:37:a1:f5:c4:2d:d2:0d:b1:60:a6:7b:97:68:68:
d2:93:13:38:20:66:1b:85:8e:15:f9:b2:4e:46:fc:85:3f:ff:
fd:db:6e:36:ba:b1:fb:db:c6:0b:d3:6a:d6:f6:e5:99:8c:e2:
34:95:33:6f
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAZonMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMTI3MDgzNDI2WhcNMjYwMzA1MDgzNDI2WjAYMRYw
FAYDVQQDEw02OTc4Nzg5OC00NGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2PSvlBfoWu0+Yy3+eyJ7YPc/uuAchfxvSUbPG8CtD+FD1PHa7QSTYVtb
qDvZhIv7CfDKnjsY+ZS1D3l4SOes85uQcLnhdsAkr++vBgcNRzOPv5ZF4bw6XeY0
gerGNUT0ZTd49J3Y1vPQHqGJ/dOiXSNbnaUxY91NoDBJ8QwWeONVOzMZkTvpP2xZ
THlJpmCR00xAHBs7BtMGie63IZL80iPaS1buojdtnPJ7NahquJwZ0gaOPZjkowH1
TMcJQ3H0nhWFnunIgzKx88TkMls+qwDWK++ZLshZ+383B+rET2lu9jLtVhetQseT
lMvjoaZ5yJOYTbZzeRj1sTLFJCIsuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJOn
YU0dKDXUhvbyT0ltuaC7fSHlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMDlERjYwNEZCNUIxMUYwOTE1NjgxOEJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcTBAwQALcTFMA0GCSqGSIb3
DQEBCwUAA4IBAQBtEhY/b8dnoLZBv8dU3Ttq5WLd/QCApfTQcwp/S3sfw/h/tXWZ
99NdoyV+QB7wvRiw44QrCC8tJXmZKPfn9OqDr4qpOJRy8IbC5znkkwdoq6cITZ3d
J5JEQnMye7AkXMGf2hFOcFHNaaqzZk3Y78wrj1Irc8xdlGU6qkUo4l0XSzPRFzBU
akx3yKQLyUiVxDrfjBh4/5IlbCk79DcZj8hhsNqJfpc2i5YWtSHzD8yAzUVmM0Uw
43bcVShCzwRUUCabi/gplQMBMv9hN6H1xC3SDbFgpnuXaGjSkxM4IGYbhY4V+bJO
RvyFP//92242urH728YL02rW9uWZjOI0lTNv
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:17:50 2026 by rpki-client