Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20CD7DF4123611F191BBA580DAE4EC9C.roa
File: 20CD7DF4123611F191BBA580DAE4EC9C.roa (raw, json)
Hash identifier: nHX60nCLKXaBN5Ncf1bauwESbWxPYuAwJ4CRnXL0AP0=
Subject key identifier: 02:A2:50:88:9E:C2:2E:F4:FB:45:CC:08:21:F5:69:FC:23:B2:9A:0D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A076
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20CD7DF4123611F191BBA580DAE4EC9C.roa
Signing time: Wed 25 Feb 2026 10:38:31 +0000
ROA not before: Wed 25 Feb 2026 10:38:27 +0000
ROA not after: Sun 12 Apr 2026 10:38:27 +0000
asID: 20326
IP address blocks: 45.202.100.0/23 maxlen: 24
45.206.10.0/23 maxlen: 24
45.206.20.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106614 (0x1a076)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 25 10:38:27 2026 GMT
Not After : Apr 12 10:38:27 2026 GMT
Subject: CN=699ed127-2796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bf:70:9a:7b:ca:62:44:32:e1:b7:af:65:75:
c1:9d:91:91:3b:0f:02:81:b2:22:1f:cd:86:83:fb:
44:96:30:a9:95:e2:ed:e4:a4:bf:50:9b:bc:de:2f:
da:42:24:b5:f8:23:04:46:f9:b1:13:a7:ff:88:94:
17:34:71:9a:94:9c:15:dc:e1:ea:96:3e:5d:32:30:
cc:eb:06:a3:31:6f:7f:f7:8b:82:9d:93:92:86:5b:
af:41:35:f8:7a:f7:f0:1b:ae:c4:db:c1:42:3e:14:
90:d1:1a:27:d7:ca:d6:e7:d4:db:55:a7:a4:bf:fa:
6d:04:01:46:e5:2e:c6:d2:1e:83:f7:8b:ae:81:3a:
a5:7c:2f:bf:d3:75:f1:35:55:76:55:a9:a3:dc:a3:
f0:a4:8b:eb:6d:a3:5c:22:75:18:88:cd:42:d9:45:
5e:05:e9:c2:6a:e2:19:bc:ea:78:07:41:3d:a3:ee:
06:b0:e9:fb:bb:ba:21:14:d1:e8:9e:8f:02:3a:0b:
6a:45:87:02:52:d9:60:3b:8e:b7:a9:07:12:72:42:
9c:f4:ab:12:18:f3:cb:4c:dc:3e:2b:8a:1b:46:9c:
48:94:b1:b3:df:a7:3e:c3:81:6a:47:73:eb:f4:82:
70:cd:d7:2c:33:bf:9f:56:31:b2:47:3f:cc:89:d5:
e0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A2:50:88:9E:C2:2E:F4:FB:45:CC:08:21:F5:69:FC:23:B2:9A:0D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20CD7DF4123611F191BBA580DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.100.0/23
45.206.10.0/23
45.206.20.0/22
Signature Algorithm: sha256WithRSAEncryption
89:a3:c4:bb:fa:95:2d:d0:d3:ce:74:1d:da:6c:d7:e6:49:aa:
ea:fc:0b:db:d6:93:9b:ad:83:27:8d:45:4b:9b:3a:da:f8:d0:
97:37:81:6e:87:4b:18:30:05:91:6b:d8:3f:52:dc:c8:98:c9:
25:ef:4d:d1:7f:94:ae:c2:3f:e8:e8:c1:ab:40:82:58:00:e9:
c4:9a:67:1d:c0:95:ae:15:56:0d:57:13:1e:9b:db:80:4d:6e:
f4:81:3a:6e:15:92:c2:f3:d6:66:9c:84:00:2b:e9:e0:4e:80:
ff:b2:a7:ee:85:cc:14:64:28:03:82:a9:1c:af:f9:73:cc:70:
91:40:91:7c:3e:a8:dd:6d:0a:75:14:fb:0d:a1:ea:3c:5b:b7:
f7:d5:9d:e1:18:f0:e8:35:a1:99:9e:7b:eb:5c:d7:5f:13:75:
89:c8:dd:47:08:28:e6:81:55:36:08:1d:45:d0:29:72:3f:3c:
96:b7:d2:85:45:69:e2:97:13:4c:56:9a:65:94:06:fa:ea:6c:
97:88:2b:ce:44:88:82:6c:5d:c2:34:0f:e7:b4:b4:e3:69:a3:
7e:a9:8d:59:6f:2c:9b:8e:39:99:a9:67:c9:ad:a3:b9:8e:f5:
9c:60:08:f9:4b:51:2a:56:17:d0:8b:a6:40:81:12:84:00:18:
5a:be:e6:8e
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAaB2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjI1MTAzODI3WhcNMjYwNDEyMTAzODI3WjAYMRYw
FAYDVQQDEw02OTllZDEyNy0yNzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwL9wmnvKYkQy4bevZXXBnZGROw8CgbIiH82Gg/tEljCpleLt5KS/UJu8
3i/aQiS1+CMERvmxE6f/iJQXNHGalJwV3OHqlj5dMjDM6wajMW9/94uCnZOShluv
QTX4evfwG67E28FCPhSQ0Ron18rW59TbVaekv/ptBAFG5S7G0h6D94uugTqlfC+/
03XxNVV2Vamj3KPwpIvrbaNcInUYiM1C2UVeBenCauIZvOp4B0E9o+4GsOn7u7oh
FNHono8COgtqRYcCUtlgO463qQcSckKc9KsSGPPLTNw+K4obRpxIlLGz36c+w4Fq
R3Pr9IJwzdcsM7+fVjGyRz/MidXgjQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFAKi
UIiewi70+0XMCCH1afwjspoNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMENEN0RGNDEyMzYxMUYxOTFCQkE1ODBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLcpkAwQBLc4KAwQCLc4UMA0G
CSqGSIb3DQEBCwUAA4IBAQCJo8S7+pUt0NPOdB3abNfmSarq/Avb1pObrYMnjUVL
mzra+NCXN4Fuh0sYMAWRa9g/UtzImMkl703Rf5Suwj/o6MGrQIJYAOnEmmcdwJWu
FVYNVxMem9uATW70gTpuFZLC89ZmnIQAK+ngToD/sqfuhcwUZCgDgqkcr/lzzHCR
QJF8PqjdbQp1FPsNoeo8W7f31Z3hGPDoNaGZnnvrXNdfE3WJyN1HCCjmgVU2CB1F
0ClyPzyWt9KFRWnilxNMVppllAb66myXiCvORIiCbF3CNA/ntLTjaaN+qY1Zbyyb
jjmZqWfJraO5jvWcYAj5S1EqVhfQi6ZAgRKEABhavuaO
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:42:38 2026 by rpki-client