Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D6B418AFB4D11F0B13062B8DAE4EC9C.roa
File: 3D6B418AFB4D11F0B13062B8DAE4EC9C.roa (raw, json)
Hash identifier: LZ2ZYiggRCj4xnLSozxgU8TYj1DQGByS8IvHQ2p0WPk=
Subject key identifier: 00:3B:94:8A:C3:92:53:A4:11:1A:B0:1D:4C:57:7F:F6:7E:B1:51:3F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 019A0D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D6B418AFB4D11F0B13062B8DAE4EC9C.roa
Signing time: Tue 27 Jan 2026 06:56:01 +0000
ROA not before: Tue 27 Jan 2026 06:55:56 +0000
ROA not after: Mon 09 Mar 2026 06:55:56 +0000
asID: 3257
IP address blocks: 45.199.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104973 (0x19a0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 27 06:55:56 2026 GMT
Not After : Mar 9 06:55:56 2026 GMT
Subject: CN=69786181-58da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:75:72:01:fe:64:93:a1:db:06:10:24:fe:d4:
b8:61:17:dc:4d:90:48:6c:f5:3c:64:bc:4e:2b:5b:
c3:fd:85:0c:4b:1f:83:5a:30:11:bd:c3:3c:12:bd:
96:fa:89:bd:49:e2:f3:37:95:9b:f6:f9:03:0e:ae:
5a:1f:05:fc:de:3c:af:6d:58:4a:67:0a:3a:32:d6:
d0:75:6c:61:04:b8:ae:23:76:16:15:72:8d:3d:90:
da:7a:4c:bb:e4:55:7f:f8:bf:64:84:a0:ce:68:1e:
06:d3:94:1e:3c:e6:1a:fe:3f:6e:0d:5f:d5:c9:4d:
64:05:10:65:14:f1:fa:19:0d:8d:a1:fe:f0:cb:dd:
ed:4d:1e:34:f0:6c:a2:f5:7f:f3:0c:f5:b5:b1:7d:
1b:6d:93:09:db:52:4f:ca:42:9c:c0:3b:af:f4:85:
b5:97:c0:91:ac:f2:15:a9:f3:8d:38:ee:b9:78:32:
99:1b:0a:0d:f4:fc:d6:b7:1e:f0:ee:7a:37:ef:8e:
40:63:e3:06:c3:09:d7:b8:9e:c7:e5:7f:a4:a5:a2:
ef:20:13:81:a2:61:ec:91:24:18:3a:c4:d9:02:3c:
7c:be:59:37:fd:19:bd:30:fb:c4:c7:53:8f:c6:bc:
04:b6:c7:fc:89:5e:b3:ee:23:d6:f1:29:73:0f:ad:
d0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:3B:94:8A:C3:92:53:A4:11:1A:B0:1D:4C:57:7F:F6:7E:B1:51:3F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D6B418AFB4D11F0B13062B8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.149.0/24
Signature Algorithm: sha256WithRSAEncryption
40:0a:5e:6a:ad:18:42:2a:b8:af:4b:62:99:d6:8a:ce:07:1e:
2b:d2:01:9f:db:e3:3d:db:c1:54:67:8e:30:35:b1:2a:7e:33:
f7:3a:17:61:00:c2:61:d7:c2:6e:f6:fe:63:cb:ff:8e:cc:fd:
f8:a6:8e:a9:ca:2b:75:6f:f9:e9:79:e3:25:48:b1:2c:55:86:
94:58:71:c0:12:19:47:4d:d3:f8:82:07:be:c5:61:39:88:1a:
bc:e7:3a:0c:4e:a5:75:a1:e5:94:46:c9:8b:0e:7d:7c:83:e1:
b8:f9:ae:6f:e7:3d:70:b8:c8:9c:71:ec:1c:1a:c6:da:37:b7:
e7:ad:ac:da:e3:02:86:cd:00:98:a1:30:ec:93:bb:0e:f3:c5:
05:5e:4b:f3:0b:2a:70:ce:2e:9a:20:77:d5:ee:9b:13:bb:bd:
79:1c:3a:75:00:c2:37:ee:ad:07:d7:30:ef:b0:92:1e:67:1f:
c5:e0:be:41:7d:8a:9f:9c:a8:84:2d:6f:81:fa:ad:37:2f:c2:
52:03:94:8f:ed:d3:0d:4e:54:ab:52:16:1d:77:78:d1:a4:31:
ba:7d:4a:ad:e3:3b:f0:9e:75:37:88:e4:4a:0e:69:c7:53:2d:
c4:d2:62:3a:0f:66:e7:22:18:a8:02:e0:a6:44:d9:3f:92:4c:
c0:b7:e7:d5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAZoNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMTI3MDY1NTU2WhcNMjYwMzA5MDY1NTU2WjAYMRYw
FAYDVQQDEw02OTc4NjE4MS01OGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1nVyAf5kk6HbBhAk/tS4YRfcTZBIbPU8ZLxOK1vD/YUMSx+DWjARvcM8
Er2W+om9SeLzN5Wb9vkDDq5aHwX83jyvbVhKZwo6MtbQdWxhBLiuI3YWFXKNPZDa
eky75FV/+L9khKDOaB4G05QePOYa/j9uDV/VyU1kBRBlFPH6GQ2Nof7wy93tTR40
8Gyi9X/zDPW1sX0bbZMJ21JPykKcwDuv9IW1l8CRrPIVqfONOO65eDKZGwoN9PzW
tx7w7no3745AY+MGwwnXuJ7H5X+kpaLvIBOBomHskSQYOsTZAjx8vlk3/Rm9MPvE
x1OPxrwEtsf8iV6z7iPW8SlzD63QQQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAA7
lIrDklOkERqwHUxXf/Z+sVE/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRDZCNDE4QUZCNEQxMUYwQjEzMDYyQjhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALceVMA0GCSqGSIb3DQEBCwUA
A4IBAQBACl5qrRhCKrivS2KZ1orOBx4r0gGf2+M928FUZ44wNbEqfjP3OhdhAMJh
18Ju9v5jy/+OzP34po6pyit1b/npeeMlSLEsVYaUWHHAEhlHTdP4gge+xWE5iBq8
5zoMTqV1oeWURsmLDn18g+G4+a5v5z1wuMiccewcGsbaN7fnraza4wKGzQCYoTDs
k7sO88UFXkvzCypwzi6aIHfV7psTu715HDp1AMI37q0H1zDvsJIeZx/F4L5BfYqf
nKiELW+B+q03L8JSA5SP7dMNTlSrUhYdd3jRpDG6fUqt4zvwnnU3iORKDmnHUy3E
0mI6D2bnIhioAuCmRNk/kkzAt+fV
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:19:52 2026 by rpki-client