Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20540C54115411F1A5BA7F96DAE4EC9C.roa
File: 20540C54115411F1A5BA7F96DAE4EC9C.roa (raw, json)
Hash identifier: p0RScpqAVw3ys+C65GYe4GbFUE07Qz6rPEoqWD/9Urk=
Subject key identifier: D7:CE:A7:0C:86:46:C7:04:5E:C9:75:E4:33:29:F4:CD:50:C5:70:DD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A009
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20540C54115411F1A5BA7F96DAE4EC9C.roa
Signing time: Tue 24 Feb 2026 07:40:44 +0000
ROA not before: Tue 24 Feb 2026 07:40:40 +0000
ROA not after: Thu 19 Mar 2026 07:40:40 +0000
asID: 214143
IP address blocks: 45.207.128.0/21 maxlen: 24
45.207.136.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106505 (0x1a009)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 24 07:40:40 2026 GMT
Not After : Mar 19 07:40:40 2026 GMT
Subject: CN=699d55fc-48bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:32:b2:c5:77:b0:6d:26:d2:6e:12:1c:18:e9:
6d:af:42:c6:ee:e2:14:e5:a8:ca:57:71:34:0d:1d:
cc:7a:56:16:f9:d3:14:20:22:f8:a6:5e:c3:76:6e:
20:2c:97:ec:82:7b:6c:70:86:d7:03:ca:44:d8:83:
de:e8:2e:a7:d2:be:68:09:b5:d4:af:6b:5e:1e:60:
4a:9f:63:9e:7b:5d:f8:5b:b9:5e:70:7e:eb:36:ce:
36:0d:a0:7d:77:44:63:8a:ff:85:da:a0:e3:d7:c0:
58:3b:84:3f:30:5e:93:f7:f6:e8:d2:02:77:4e:84:
e1:9d:bb:ea:2b:df:be:51:c8:de:9b:12:01:3e:da:
08:f8:f2:95:d4:fb:3b:6f:cf:b0:82:36:b0:55:5e:
c5:29:d4:07:cc:b8:d5:ee:80:6a:19:4a:cd:9d:04:
a4:51:73:76:24:5f:b2:e6:41:0e:ed:76:dc:18:60:
23:5e:eb:07:3a:21:87:79:3b:0b:e3:7e:a9:91:c1:
89:60:61:68:db:e9:07:92:fb:58:bf:9d:a9:33:bb:
bc:6b:2c:94:e6:d6:63:79:c8:0c:6a:f4:27:52:d3:
7a:58:6b:9f:03:ce:1d:e3:3e:af:8f:92:c7:ed:a8:
da:c3:dd:e2:89:e7:db:2b:83:4f:4e:83:d2:6e:7f:
79:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CE:A7:0C:86:46:C7:04:5E:C9:75:E4:33:29:F4:CD:50:C5:70:DD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20540C54115411F1A5BA7F96DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.128.0-45.207.137.255
Signature Algorithm: sha256WithRSAEncryption
7c:ed:e8:3d:92:cf:6b:bd:18:00:1f:de:22:9d:36:84:06:28:
93:35:f7:71:d4:c9:3b:49:9e:a7:c2:b3:74:ce:2c:2c:d9:b1:
24:4d:a9:65:ce:b0:0f:97:f8:34:72:52:9b:b3:dc:ef:27:0e:
db:e3:26:8b:07:ed:fa:14:ee:40:df:a3:2b:ec:f9:d9:cd:c6:
4e:99:ec:bb:51:ce:30:8c:cb:d7:33:9b:ff:93:92:29:19:4f:
50:1f:53:10:17:b3:e8:7c:73:0b:af:1d:0e:01:28:e5:35:52:
dd:6b:80:b0:d7:7a:91:0f:a1:91:61:ab:b8:fd:e9:40:3f:f5:
c3:32:d9:4e:a9:7b:5a:ec:89:34:bb:0c:f5:54:29:f4:58:e2:
57:06:b1:22:07:dd:41:55:92:a8:d6:55:06:82:bd:76:10:8d:
59:c9:30:64:fb:66:6b:23:60:bf:a8:ba:e8:3d:0e:94:80:ad:
f5:be:5e:90:69:a9:be:c8:ec:42:e7:e3:a8:f3:b4:b2:54:c0:
92:b4:f7:6a:21:e7:78:8f:dd:c1:4c:54:ba:cb:ce:f2:b0:0e:
ca:11:1a:40:5f:25:57:dd:11:da:88:1a:94:a4:f9:99:27:fc:
7c:ba:e1:82:31:18:8c:6f:54:e6:db:e1:46:40:00:f5:7e:4e:
b4:32:a0:67
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAaAJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjI0MDc0MDQwWhcNMjYwMzE5MDc0MDQwWjAYMRYw
FAYDVQQDEw02OTlkNTVmYy00OGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAujKyxXewbSbSbhIcGOltr0LG7uIU5ajKV3E0DR3MelYW+dMUICL4pl7D
dm4gLJfsgntscIbXA8pE2IPe6C6n0r5oCbXUr2teHmBKn2Oee134W7lecH7rNs42
DaB9d0Rjiv+F2qDj18BYO4Q/MF6T9/bo0gJ3ToThnbvqK9++UcjemxIBPtoI+PKV
1Ps7b8+wgjawVV7FKdQHzLjV7oBqGUrNnQSkUXN2JF+y5kEO7XbcGGAjXusHOiGH
eTsL436pkcGJYGFo2+kHkvtYv52pM7u8ayyU5tZjecgMavQnUtN6WGufA84d4z6v
j5LH7ajaw93iiefbK4NPToPSbn955QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNfO
pwyGRscEXsl15DMp9M1QxXDdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMDU0MEM1NDExNTQxMUYxQTVCQTdGOTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBActz4ADBAEtz4gwDQYJKoZI
hvcNAQELBQADggEBAHzt6D2Sz2u9GAAf3iKdNoQGKJM193HUyTtJnqfCs3TOLCzZ
sSRNqWXOsA+X+DRyUpuz3O8nDtvjJosH7foU7kDfoyvs+dnNxk6Z7LtRzjCMy9cz
m/+TkikZT1AfUxAXs+h8cwuvHQ4BKOU1Ut1rgLDXepEPoZFhq7j96UA/9cMy2U6p
e1rsiTS7DPVUKfRY4lcGsSIH3UFVkqjWVQaCvXYQjVnJMGT7ZmsjYL+ouug9DpSA
rfW+XpBpqb7I7ELn46jztLJUwJK092oh53iP3cFMVLrLzvKwDsoRGkBfJVfdEdqI
GpSk+Zkn/Hy64YIxGIxvVObb4UZAAPV+TrQyoGc=
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:43:54 2026 by rpki-client