Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68D3D854124111F1977577C5DAE4EC9C.roa
File: 68D3D854124111F1977577C5DAE4EC9C.roa (raw, json)
Hash identifier: Cd74A2Mu5+H268waL8kHvBHuHyjDpEL95u57dNwvahg=
Subject key identifier: 12:C1:53:7E:6C:FC:EB:69:C3:0A:98:2B:51:3E:64:69:1C:58:35:CA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A08A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68D3D854124111F1977577C5DAE4EC9C.roa
Signing time: Wed 25 Feb 2026 11:59:17 +0000
ROA not before: Wed 25 Feb 2026 11:59:12 +0000
ROA not after: Sun 25 Feb 2029 11:59:12 +0000
asID: 17561
IP address blocks: 45.195.254.0/24 maxlen: 24
45.196.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Mar 2026 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106634 (0x1a08a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 25 11:59:12 2026 GMT
Not After : Feb 25 11:59:12 2029 GMT
Subject: CN=699ee415-2069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f6:74:46:62:a6:5b:98:73:13:71:da:1a:11:
2f:d6:c5:64:53:97:9a:b7:57:a0:01:45:0e:77:ac:
84:bc:95:3e:4e:de:b7:fe:d1:76:d0:b4:e1:3e:22:
4a:24:66:f8:05:0f:b4:7a:e2:cc:ad:ac:b9:6d:ad:
9b:db:20:ec:96:7c:06:68:b6:cd:fa:1b:83:df:78:
38:68:b9:af:03:3a:d3:87:0c:f2:c9:a8:e1:9f:12:
54:19:21:dd:af:f8:ef:0c:70:3f:d5:07:6b:fb:c4:
7b:17:97:6b:82:a3:4d:fc:c8:6b:5f:e3:f1:c3:f7:
67:7a:55:12:46:68:29:de:0b:b6:7b:5c:16:01:9a:
6e:08:0e:e2:ea:be:c5:29:2d:79:64:2c:02:b1:04:
db:d1:1a:41:62:d2:e0:16:4d:e6:7c:bd:94:06:7f:
80:04:1a:18:4d:ba:6d:9e:ca:9d:f3:32:51:ea:a3:
52:4f:ff:26:00:15:e2:00:90:98:d4:90:3e:e5:56:
f1:bb:61:b7:85:1c:a1:ce:27:23:c3:17:60:fa:d5:
2f:bc:f1:40:a0:ad:c9:c8:d1:7f:52:e5:e6:be:1c:
9e:46:35:9c:f6:31:8d:55:22:32:88:02:98:96:7a:
56:1d:2a:84:4a:9b:e3:b5:64:04:1a:44:32:3b:68:
fb:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:C1:53:7E:6C:FC:EB:69:C3:0A:98:2B:51:3E:64:69:1C:58:35:CA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68D3D854124111F1977577C5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.254.0/24
45.196.91.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:76:0b:8b:3c:1d:16:7b:73:4f:8e:54:45:3a:5a:76:82:42:
46:b1:4a:5c:eb:97:5d:22:70:7a:ee:a2:5c:7d:1b:db:9e:64:
24:ae:3a:2e:a8:6c:50:38:d5:38:87:06:6e:a5:f9:47:c3:ec:
b1:2f:7f:33:a6:50:31:22:0c:ce:0a:5d:97:5e:c5:df:07:1d:
9e:b0:85:9c:f0:32:61:68:50:35:bf:0c:31:3e:fc:b2:29:c9:
29:a7:de:75:97:b7:0b:19:dc:90:3c:45:fc:d9:98:f4:4e:fb:
23:60:57:b1:22:c4:ef:d9:00:b5:cf:dc:19:2f:8a:e7:1f:a5:
4b:c8:93:90:7f:d6:52:a2:bb:e3:d5:88:59:ea:3d:ef:35:1f:
03:79:20:97:92:1d:8f:4b:1a:52:6c:16:45:fc:f6:c6:73:5d:
2e:1c:33:ac:96:4d:fb:21:7e:bd:9e:da:22:33:4b:8d:40:ba:
8a:3b:a2:8d:bb:1d:33:e0:e9:26:60:15:ed:04:43:b0:cb:a0:
08:a1:f8:d8:3a:2c:fb:dc:0c:ef:df:bd:33:a2:0c:e4:3d:0a:
57:d9:6d:cb:c3:bf:f6:f1:d1:d5:79:07:5e:82:d5:b9:93:a1:
ce:0c:e1:61:1e:03:35:cc:df:ed:f7:cb:12:92:04:8e:7b:4b:
31:99:10:45
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAaCKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMjI1MTE1OTEyWhcNMjkwMjI1MTE1OTEyWjAYMRYw
FAYDVQQDEw02OTllZTQxNS0yMDY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2vZ0RmKmW5hzE3HaGhEv1sVkU5eat1egAUUOd6yEvJU+Tt63/tF20LTh
PiJKJGb4BQ+0euLMray5ba2b2yDslnwGaLbN+huD33g4aLmvAzrThwzyyajhnxJU
GSHdr/jvDHA/1Qdr+8R7F5drgqNN/MhrX+Pxw/dnelUSRmgp3gu2e1wWAZpuCA7i
6r7FKS15ZCwCsQTb0RpBYtLgFk3mfL2UBn+ABBoYTbptnsqd8zJR6qNST/8mABXi
AJCY1JA+5Vbxu2G3hRyhzicjwxdg+tUvvPFAoK3JyNF/UuXmvhyeRjWc9jGNVSIy
iAKYlnpWHSqESpvjtWQEGkQyO2j70wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBLB
U35s/OtpwwqYK1E+ZGkcWDXKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OEQzRDg1NDEyNDExMUYxOTc3NTc3QzVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcP+AwQALcRbMA0GCSqGSIb3
DQEBCwUAA4IBAQALdguLPB0We3NPjlRFOlp2gkJGsUpc65ddInB67qJcfRvbnmQk
rjouqGxQONU4hwZupflHw+yxL38zplAxIgzOCl2XXsXfBx2esIWc8DJhaFA1vwwx
PvyyKckpp951l7cLGdyQPEX82Zj0TvsjYFexIsTv2QC1z9wZL4rnH6VLyJOQf9ZS
orvj1YhZ6j3vNR8DeSCXkh2PSxpSbBZF/PbGc10uHDOslk37IX69ntoiM0uNQLqK
O6KNux0z4OkmYBXtBEOwy6AIofjYOiz73Azv370zogzkPQpX2W3Lw7/28dHVeQde
gtW5k6HODOFhHgM1zN/t98sSkgSOe0sxmRBF
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:51:31 2026 by rpki-client