Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/27FE4B7030D711F18965B8C7DAE4EC9C.roa
File: 27FE4B7030D711F18965B8C7DAE4EC9C.roa (raw, json)
Hash identifier: 8XlacG8d9EJ6DcEXr/IhnfBNYEFDRZakKzz4US61waU=
Subject key identifier: C9:44:B3:32:40:E8:A0:51:0A:57:CD:5E:63:2A:2B:CE:BE:4B:7E:6E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01AA1E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/27FE4B7030D711F18965B8C7DAE4EC9C.roa
Signing time: Sun 05 Apr 2026 10:06:47 +0000
ROA not before: Sun 05 Apr 2026 10:06:40 +0000
ROA not after: Sun 03 May 2026 10:06:40 +0000
asID: 38136
IP address blocks: 45.196.98.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:26:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109086 (0x1aa1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 5 10:06:40 2026 GMT
Not After : May 3 10:06:40 2026 GMT
Subject: CN=69d23437-feaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:74:cb:46:01:02:74:bd:10:42:c2:04:95:56:
81:ab:c7:7e:b4:7f:7d:45:95:52:d4:2c:c8:a0:ca:
4c:7c:c3:95:dd:94:c7:68:ba:e8:da:41:af:7f:e9:
71:e1:58:75:20:5b:f6:21:06:59:d5:3e:6d:c6:ba:
26:ec:9a:46:48:03:49:ec:3d:6b:e0:ff:a2:2a:65:
1a:39:a6:f5:b5:32:ed:6d:ce:b4:7c:9b:ac:f2:db:
d2:9b:4b:93:d2:69:c0:68:bc:96:a1:f0:33:af:8b:
ef:b7:c2:11:9b:f6:63:25:e5:fa:f1:b4:ae:df:c5:
90:88:11:73:27:37:1a:bb:41:fc:77:b8:43:f0:a3:
d4:80:d8:3c:39:1c:6b:39:50:2e:c5:fd:8e:1f:13:
a7:ac:de:55:e2:d7:dc:dd:bf:31:d2:14:8f:3f:8b:
2a:21:4e:23:40:39:1d:4e:6a:0e:ae:47:25:9c:9a:
dc:7c:4a:e4:94:b7:12:7d:c8:c7:7e:e5:2a:a4:c9:
dc:ea:47:9c:d6:90:61:10:d5:57:f6:b0:23:6a:dd:
50:bb:53:a5:f8:56:b2:41:92:f3:52:69:8c:d5:c3:
90:9e:e2:92:b8:88:6b:52:8f:a1:cc:55:4d:33:08:
7c:ac:dd:4f:a0:43:e7:4d:df:9b:53:47:da:21:c0:
12:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:44:B3:32:40:E8:A0:51:0A:57:CD:5E:63:2A:2B:CE:BE:4B:7E:6E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/27FE4B7030D711F18965B8C7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.98.0/23
Signature Algorithm: sha256WithRSAEncryption
52:ae:7f:54:cb:a7:bb:41:35:dc:09:a6:6d:c7:d4:c9:9f:c6:
f4:ee:a7:62:a6:6d:10:c2:f3:61:82:1e:08:4e:f7:9b:f4:47:
65:64:68:65:9e:82:96:ac:8f:c4:52:f3:6a:53:17:71:1b:6c:
15:86:66:08:28:b5:08:65:14:ab:f2:4b:ab:85:b3:dc:a6:33:
07:14:f7:36:7f:b9:33:05:ed:6a:0a:4f:26:5d:fb:20:cc:ae:
4a:9f:c3:bd:79:39:d7:da:cb:51:1a:49:9f:26:36:06:22:b8:
1e:3c:0e:85:dc:67:72:04:ef:fb:0d:b8:e8:2c:4d:9f:12:84:
d5:0b:44:72:d4:7c:d3:5d:b8:89:25:d5:7f:59:4c:bb:66:64:
10:28:e9:12:a3:83:ae:3f:c5:58:90:92:22:c5:55:5c:05:88:
7f:04:05:ba:01:7d:17:c9:e6:24:08:b6:9b:08:b3:c4:59:0f:
d6:47:c1:88:4a:3d:7a:d1:2d:c9:c0:68:50:29:36:8b:f7:35:
c7:d0:6c:31:0a:65:75:31:d4:96:be:39:d3:3f:9e:04:ca:48:
6f:38:c7:95:ff:1c:1e:7c:06:a0:ef:79:3f:70:91:b6:95:bb:
ed:19:d1:15:bb:e0:8f:33:31:12:b6:2b:75:f4:0e:3d:cb:87:
e8:5d:c5:8d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaoeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDA1MTAwNjQwWhcNMjYwNTAzMTAwNjQwWjAYMRYw
FAYDVQQDEw02OWQyMzQzNy1mZWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2nTLRgECdL0QQsIElVaBq8d+tH99RZVS1CzIoMpMfMOV3ZTHaLro2kGv
f+lx4Vh1IFv2IQZZ1T5txrom7JpGSANJ7D1r4P+iKmUaOab1tTLtbc60fJus8tvS
m0uT0mnAaLyWofAzr4vvt8IRm/ZjJeX68bSu38WQiBFzJzcau0H8d7hD8KPUgNg8
ORxrOVAuxf2OHxOnrN5V4tfc3b8x0hSPP4sqIU4jQDkdTmoOrkclnJrcfErklLcS
fcjHfuUqpMnc6kec1pBhENVX9rAjat1Qu1Ol+FayQZLzUmmM1cOQnuKSuIhrUo+h
zFVNMwh8rN1PoEPnTd+bU0faIcASPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMlE
szJA6KBRClfNXmMqK86+S35uMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yN0ZFNEI3MDMwRDcxMUYxODk2NUI4QzdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcRiMA0GCSqGSIb3DQEBCwUA
A4IBAQBSrn9Uy6e7QTXcCaZtx9TJn8b07qdipm0QwvNhgh4ITveb9EdlZGhlnoKW
rI/EUvNqUxdxG2wVhmYIKLUIZRSr8kurhbPcpjMHFPc2f7kzBe1qCk8mXfsgzK5K
n8O9eTnX2stRGkmfJjYGIrgePA6F3GdyBO/7DbjoLE2fEoTVC0Ry1HzTXbiJJdV/
WUy7ZmQQKOkSo4OuP8VYkJIixVVcBYh/BAW6AX0XyeYkCLabCLPEWQ/WR8GISj16
0S3JwGhQKTaL9zXH0GwxCmV1MdSWvjnTP54EykhvOMeV/xwefAag73k/cJG2lbvt
GdEVu+CPMzEStit19A49y4foXcWN
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:54:28 2026 by rpki-client