Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4021450E109311F18F555978DAE4EC9C.roa
File: 4021450E109311F18F555978DAE4EC9C.roa (raw, json)
Hash identifier: XBJLs3qc8fzT+HCuzwUHhTRA03/xcM2ravjKJ5XY0pQ=
Subject key identifier: 05:F7:0A:51:F9:51:68:BD:9D:F6:60:C1:73:3B:DD:23:AC:AE:6A:72
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 019FF0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4021450E109311F18F555978DAE4EC9C.roa
Signing time: Mon 23 Feb 2026 08:40:05 +0000
ROA not before: Mon 23 Feb 2026 08:40:00 +0000
ROA not after: Mon 30 Mar 2026 08:40:00 +0000
asID: 62468
IP address blocks: 45.204.218.0/24 maxlen: 24
45.204.219.0/24 maxlen: 24
45.204.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106480 (0x19ff0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 23 08:40:00 2026 GMT
Not After : Mar 30 08:40:00 2026 GMT
Subject: CN=699c1265-58dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9e:9e:fe:54:46:c1:2f:fd:36:be:e5:8f:ed:
5c:8f:ee:67:5d:13:43:a1:1e:ce:9b:01:41:dc:24:
97:56:83:b1:42:da:4a:f4:29:de:c1:25:21:84:8c:
b0:45:dd:64:ad:2b:82:d2:69:f9:c3:86:ec:0e:de:
29:bf:dd:29:65:ab:e5:50:ba:4e:87:75:1e:09:ac:
d9:ac:de:6d:aa:79:65:bd:ec:93:4e:c6:90:2a:4a:
6c:ad:5f:2f:09:7a:ff:16:a1:61:fd:6d:4c:b1:9b:
88:5b:20:c5:cd:cd:f2:52:b2:da:21:8d:ef:d7:a5:
b0:94:27:ff:83:37:1f:10:6e:38:f9:c2:1c:3f:14:
6e:fe:7b:9f:bf:1d:e5:35:8b:75:a4:b0:8d:01:f4:
80:15:e3:6f:68:a5:ad:ff:7c:56:a2:f4:f1:69:b9:
be:ff:b1:38:7f:04:3e:77:f4:df:b9:bc:19:89:88:
58:cf:a5:67:bf:a5:9b:61:a2:20:95:1f:c0:54:6a:
31:28:8b:4d:d4:59:93:21:e5:80:c3:b5:d1:0c:4f:
e9:4b:11:ef:9b:23:dc:2a:06:95:37:8b:17:88:49:
e2:63:c5:df:f9:b2:a0:d7:93:37:e5:67:08:0d:32:
77:a4:71:40:57:5f:ec:01:b0:d4:75:6a:88:34:f8:
70:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F7:0A:51:F9:51:68:BD:9D:F6:60:C1:73:3B:DD:23:AC:AE:6A:72
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4021450E109311F18F555978DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.218.0-45.204.220.255
Signature Algorithm: sha256WithRSAEncryption
08:b4:50:2c:2d:c6:21:a5:25:1b:02:8a:f7:27:bf:6b:51:dd:
27:96:fe:90:1c:e0:3f:ea:1a:ee:88:e9:92:3c:4a:cd:bf:ed:
8c:72:5a:3f:cb:3b:85:72:96:dd:89:66:ee:17:d5:57:e0:9e:
b5:98:42:84:30:1d:a0:2d:78:60:4b:1b:b9:d6:7c:d6:78:aa:
0e:b5:e7:b3:e5:77:57:36:c0:2d:a5:58:d2:28:0c:79:b3:cf:
d0:d0:00:22:a7:61:f5:67:a5:8f:7e:7c:6e:5f:76:1a:53:d6:
fc:56:2f:7a:f7:cb:70:50:34:00:52:12:83:10:27:40:b4:c0:
79:47:54:09:ef:f9:5b:5d:b1:02:2a:e0:95:45:25:ca:51:75:
58:1b:d4:53:c4:b8:7a:b0:33:89:2b:7c:75:2b:e0:c2:93:11:
f8:fa:17:83:55:19:ea:f4:b5:4a:a5:da:1a:a6:d3:fd:3c:88:
1b:3d:a8:87:da:30:a5:0a:2a:96:56:cc:61:c1:8b:94:d8:fa:
2c:9f:ff:9c:20:46:93:2f:44:31:90:b2:c1:0b:80:e7:61:f7:
a4:85:17:75:cb:16:c2:de:9e:1c:c4:30:05:a5:1b:a2:8b:1d:
85:6b:f0:1b:c4:b6:f2:16:a2:f3:25:19:01:30:ac:0e:b4:10:
47:d7:a5:53
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAZ/wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjIzMDg0MDAwWhcNMjYwMzMwMDg0MDAwWjAYMRYw
FAYDVQQDEw02OTljMTI2NS01OGRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtp6e/lRGwS/9Nr7lj+1cj+5nXRNDoR7OmwFB3CSXVoOxQtpK9CnewSUh
hIywRd1krSuC0mn5w4bsDt4pv90pZavlULpOh3UeCazZrN5tqnllveyTTsaQKkps
rV8vCXr/FqFh/W1MsZuIWyDFzc3yUrLaIY3v16WwlCf/gzcfEG44+cIcPxRu/nuf
vx3lNYt1pLCNAfSAFeNvaKWt/3xWovTxabm+/7E4fwQ+d/TfubwZiYhYz6Vnv6Wb
YaIglR/AVGoxKItN1FmTIeWAw7XRDE/pSxHvmyPcKgaVN4sXiEniY8Xf+bKg15M3
5WcIDTJ3pHFAV1/sAbDUdWqINPhwhQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAX3
ClH5UWi9nfZgwXM73SOsrmpyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MDIxNDUwRTEwOTMxMUYxOEY1NTU5NzhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEtzNoDBAAtzNwwDQYJKoZI
hvcNAQELBQADggEBAAi0UCwtxiGlJRsCivcnv2tR3SeW/pAc4D/qGu6I6ZI8Ss2/
7YxyWj/LO4Vylt2JZu4X1VfgnrWYQoQwHaAteGBLG7nWfNZ4qg6157Pld1c2wC2l
WNIoDHmzz9DQACKnYfVnpY9+fG5fdhpT1vxWL3r3y3BQNABSEoMQJ0C0wHlHVAnv
+VtdsQIq4JVFJcpRdVgb1FPEuHqwM4krfHUr4MKTEfj6F4NVGer0tUql2hqm0/08
iBs9qIfaMKUKKpZWzGHBi5TY+iyf/5wgRpMvRDGQssELgOdh96SFF3XLFsLenhzE
MAWlG6KLHYVr8BvEtvIWovMlGQEwrA60EEfXpVM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:35:24 2026 by rpki-client