Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/442B69E8132411F18A3179ACDAE4EC9C.roa
File: 442B69E8132411F18A3179ACDAE4EC9C.roa (raw, json)
Hash identifier: tysaeYSsu/P1PRq17d5cKcfIgzZqqLa/wY7jR+9j0X8=
Subject key identifier: E0:3C:08:AE:69:F7:35:BD:A5:A0:EA:66:33:F2:CE:F1:52:E4:95:F4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A0DD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/442B69E8132411F18A3179ACDAE4EC9C.roa
Signing time: Thu 26 Feb 2026 15:03:11 +0000
ROA not before: Thu 26 Feb 2026 15:03:05 +0000
ROA not after: Thu 09 Apr 2026 15:03:05 +0000
asID: 10103
IP address blocks: 45.196.206.0/23 maxlen: 24
45.196.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106717 (0x1a0dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 26 15:03:05 2026 GMT
Not After : Apr 9 15:03:05 2026 GMT
Subject: CN=69a060af-6d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bf:9f:cd:59:9d:95:75:1d:bb:61:fc:82:64:
0b:93:41:5e:20:f3:d1:7d:b0:c6:e0:25:83:6e:2e:
ee:19:4a:1c:1a:0b:51:6f:be:a0:ba:0c:c0:dc:14:
a6:91:15:ad:54:bc:d9:c1:83:06:e2:cd:89:25:89:
a8:8f:ad:eb:10:d8:6f:f2:52:17:46:03:83:fe:57:
8f:14:6a:bf:d6:bc:a6:4e:a1:73:b1:f5:9d:05:93:
5c:4e:42:db:88:b2:08:14:fc:52:89:5d:cc:14:7b:
96:40:c0:d8:12:3e:90:ad:d2:3b:6f:1c:97:33:d7:
32:9d:cf:b4:40:92:2a:c9:3c:ca:77:cf:fd:32:85:
b0:a9:d7:d3:d0:86:1a:17:f7:47:d8:cd:22:ad:17:
b5:fd:3f:5e:71:aa:ad:24:a9:8a:72:72:da:8a:62:
f6:67:ad:af:d3:7f:a4:21:9c:da:83:06:84:59:1b:
9a:86:e9:29:ed:3c:b9:24:6d:e4:ed:d0:fc:bd:12:
ae:c6:66:1a:00:de:b9:c1:e3:2a:74:de:8c:ee:29:
3c:a9:24:a6:f8:21:ff:a0:74:9f:97:0c:08:e4:ec:
77:e4:f5:34:97:60:62:53:fd:4d:66:8a:a7:c8:23:
eb:2c:36:91:4e:41:5d:b5:71:45:93:74:61:8a:13:
a7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:3C:08:AE:69:F7:35:BD:A5:A0:EA:66:33:F2:CE:F1:52:E4:95:F4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/442B69E8132411F18A3179ACDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.206.0/23
45.196.228.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:fe:cf:98:aa:0c:22:83:4d:9b:fe:9e:d1:61:e1:f6:f4:09:
58:a0:2b:47:55:20:4e:7b:c8:8d:96:38:e7:c5:89:79:43:c8:
91:a0:71:6c:65:a7:d2:81:da:66:b5:54:99:40:b9:9b:54:80:
5f:a8:85:0d:15:4a:f2:e4:eb:e3:f1:d1:81:9a:f7:3f:77:f4:
bd:a6:2c:66:a0:e3:e9:a4:29:4c:bd:62:54:69:98:bd:e9:1a:
54:b6:aa:17:41:4c:30:d3:57:73:c6:7a:6f:84:03:bb:30:6e:
d1:a5:8d:60:6a:1f:da:37:31:19:dc:0c:2d:b8:ac:b0:02:ea:
2b:43:c9:90:21:c7:e0:d6:bb:e6:fd:78:8f:10:f8:80:f3:40:
3a:a6:0f:f9:15:3f:84:26:b0:10:78:e4:1b:66:9a:8a:d9:e8:
b6:65:9c:83:4e:47:7e:35:90:d2:54:e6:82:90:7f:0c:9b:45:
f3:10:58:9e:0c:81:95:03:91:67:22:e1:0d:44:3b:26:3b:19:
2c:dd:cb:df:10:67:48:7b:c6:b7:e1:6e:27:d1:37:9d:2f:35:
ed:9e:03:fa:ba:a1:1b:84:17:d0:b4:90:a1:50:69:4c:12:2a:
f9:32:d8:c7:70:03:92:60:c2:60:55:d7:c4:ee:95:58:e7:e1:
48:d3:6a:30
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAaDdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjI2MTUwMzA1WhcNMjYwNDA5MTUwMzA1WjAYMRYw
FAYDVQQDEw02OWEwNjBhZi02ZDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApb+fzVmdlXUdu2H8gmQLk0FeIPPRfbDG4CWDbi7uGUocGgtRb76gugzA
3BSmkRWtVLzZwYMG4s2JJYmoj63rENhv8lIXRgOD/lePFGq/1rymTqFzsfWdBZNc
TkLbiLIIFPxSiV3MFHuWQMDYEj6QrdI7bxyXM9cync+0QJIqyTzKd8/9MoWwqdfT
0IYaF/dH2M0irRe1/T9ecaqtJKmKcnLaimL2Z62v03+kIZzagwaEWRuahukp7Ty5
JG3k7dD8vRKuxmYaAN65weMqdN6M7ik8qSSm+CH/oHSflwwI5Ox35PU0l2BiU/1N
ZoqnyCPrLDaRTkFdtXFFk3RhihOnRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOA8
CK5p9zW9paDqZjPyzvFS5JX0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NDJCNjlFODEzMjQxMUYxOEEzMTc5QUNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLcTOAwQALcTkMA0GCSqGSIb3
DQEBCwUAA4IBAQA//s+Yqgwig02b/p7RYeH29AlYoCtHVSBOe8iNljjnxYl5Q8iR
oHFsZafSgdpmtVSZQLmbVIBfqIUNFUry5Ovj8dGBmvc/d/S9pixmoOPppClMvWJU
aZi96RpUtqoXQUww01dzxnpvhAO7MG7RpY1gah/aNzEZ3AwtuKywAuorQ8mQIcfg
1rvm/XiPEPiA80A6pg/5FT+EJrAQeOQbZpqK2ei2ZZyDTkd+NZDSVOaCkH8Mm0Xz
EFieDIGVA5FnIuENRDsmOxks3cvfEGdIe8a34W4n0TedLzXtngP6uqEbhBfQtJCh
UGlMEir5MtjHcAOSYMJgVdfE7pVY5+FI02ow
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:03:15 2026 by rpki-client