Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/620B48E838C211F1BBEE3B1BCF1D38B0.roa
File: 620B48E838C211F1BBEE3B1BCF1D38B0.roa (raw, json)
Hash identifier: Fe9gRiFzXE7YkxBSNec6FcsavUtIuifAUGG84n6VmyA=
Subject key identifier: 2A:38:DB:FB:A2:4E:B9:7B:47:A2:A9:17:D4:23:A1:44:A9:27:93:18
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01ACE6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/620B48E838C211F1BBEE3B1BCF1D38B0.roa
Signing time: Wed 15 Apr 2026 11:58:15 +0000
ROA not before: Wed 15 Apr 2026 11:58:10 +0000
ROA not after: Thu 21 May 2026 11:58:10 +0000
asID: 63199
IP address blocks: 45.195.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109798 (0x1ace6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 15 11:58:10 2026 GMT
Not After : May 21 11:58:10 2026 GMT
Subject: CN=69df7d57-2b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:24:54:c4:c0:27:a3:66:40:b4:3b:72:74:f4:
0c:d1:78:51:4a:72:12:ad:c4:e2:f9:d5:7f:8b:22:
f8:72:d6:0c:d2:24:c6:65:2a:f4:d4:1e:32:29:a5:
fc:be:62:09:d9:ee:85:5e:b7:4a:9a:fe:1a:6e:b0:
da:e1:b9:b1:4e:36:17:e0:dd:03:24:19:12:be:96:
da:1e:4c:eb:f1:76:85:2b:24:97:05:a3:48:80:b2:
63:e8:b5:73:db:94:e9:6b:04:6a:73:35:78:5f:be:
f6:ca:47:7a:13:88:20:8f:3c:f4:97:50:ff:d6:72:
9d:db:65:c8:08:ce:67:09:6d:3e:2c:ab:57:08:90:
b6:d6:7f:bb:b7:bc:0b:ab:0b:b2:47:5d:bf:38:e4:
ca:ac:10:2e:7d:a6:ed:ec:f8:1a:90:cb:03:bf:ec:
54:b6:65:5a:2a:db:3f:0d:ac:20:02:01:ec:5d:79:
d4:2f:a1:dc:e6:90:67:3d:17:63:87:48:d4:7f:bf:
75:e8:7f:74:9e:2f:23:22:4f:6b:0b:57:18:1c:7e:
46:dd:fa:d9:bd:be:c7:b9:23:0c:25:9b:6a:52:d1:
86:15:a7:e8:53:e2:48:81:76:52:b7:b8:63:92:a7:
e0:7c:55:69:51:a0:99:db:2c:07:3a:68:94:f1:21:
71:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:38:DB:FB:A2:4E:B9:7B:47:A2:A9:17:D4:23:A1:44:A9:27:93:18
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/620B48E838C211F1BBEE3B1BCF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.78.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:f9:9d:c6:a1:1f:3b:6f:07:86:63:2f:12:ae:2b:f2:dc:ba:
f8:17:cb:ed:05:e5:c4:24:8e:21:e2:ac:5d:68:05:05:fc:e7:
a7:33:6e:58:36:9b:7e:30:17:33:16:6a:cc:83:74:11:74:18:
87:8d:26:11:2e:3e:10:54:ea:96:0b:1b:b2:a3:68:cb:90:3b:
62:b8:5f:53:c5:47:40:6e:1e:4b:45:82:ff:c5:a0:f2:45:4d:
2b:e0:1f:c7:a7:72:a3:14:8a:10:ba:cf:53:40:b5:9e:f8:e9:
2b:32:97:1a:4b:10:79:35:2d:8d:ff:47:d5:de:83:79:f2:f8:
de:61:f1:20:34:b8:f4:08:48:1e:7c:cd:e7:03:85:aa:81:6b:
d9:f9:00:57:81:6a:09:b1:2c:20:fd:de:d5:6a:56:13:4a:cd:
00:6b:91:94:64:a1:66:a6:8f:3c:fc:31:c0:56:8d:92:0b:e5:
56:95:93:8f:ca:76:38:98:5e:a2:3c:1a:7e:9b:91:d9:31:f5:
48:3f:0e:01:c5:72:93:e9:06:6e:a5:d5:3a:36:07:04:ed:da:
9b:90:88:c0:b1:00:3d:c2:8d:7b:c8:94:fa:ef:e0:d7:c4:c0:
2c:d6:15:72:2b:79:87:e5:0d:36:ac:7a:ab:46:78:b5:31:32:
a4:8e:e9:2b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAazmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDE1MTE1ODEwWhcNMjYwNTIxMTE1ODEwWjAYMRYw
FAYDVQQDEw02OWRmN2Q1Ny0yYjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwiRUxMAno2ZAtDtydPQM0XhRSnISrcTi+dV/iyL4ctYM0iTGZSr01B4y
KaX8vmIJ2e6FXrdKmv4abrDa4bmxTjYX4N0DJBkSvpbaHkzr8XaFKySXBaNIgLJj
6LVz25TpawRqczV4X772ykd6E4ggjzz0l1D/1nKd22XICM5nCW0+LKtXCJC21n+7
t7wLqwuyR12/OOTKrBAufabt7PgakMsDv+xUtmVaKts/DawgAgHsXXnUL6Hc5pBn
PRdjh0jUf7916H90ni8jIk9rC1cYHH5G3frZvb7HuSMMJZtqUtGGFafoU+JIgXZS
t7hjkqfgfFVpUaCZ2ywHOmiU8SFxtQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCo4
2/uiTrl7R6KpF9QjoUSpJ5MYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MjBCNDhFODM4QzIxMUYxQkJFRTNCMUJDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcNOMA0GCSqGSIb3DQEBCwUA
A4IBAQCo+Z3GoR87bweGYy8Srivy3Lr4F8vtBeXEJI4h4qxdaAUF/OenM25YNpt+
MBczFmrMg3QRdBiHjSYRLj4QVOqWCxuyo2jLkDtiuF9TxUdAbh5LRYL/xaDyRU0r
4B/Hp3KjFIoQus9TQLWe+OkrMpcaSxB5NS2N/0fV3oN58vjeYfEgNLj0CEgefM3n
A4WqgWvZ+QBXgWoJsSwg/d7ValYTSs0Aa5GUZKFmpo88/DHAVo2SC+VWlZOPynY4
mF6iPBp+m5HZMfVIPw4BxXKT6QZupdU6NgcE7dqbkIjAsQA9wo17yJT67+DXxMAs
1hVyK3mH5Q02rHqrRni1MTKkjukr
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:41:44 2026 by rpki-client