Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/83AB90FC29AE11F1A878DAD8DAE4EC9C.roa
File: 83AB90FC29AE11F1A878DAD8DAE4EC9C.roa (raw, json)
Hash identifier: 7LZo7PD6spUhrnHagw5SsMGmFivJotp+4DqPuAz6JB8=
Subject key identifier: 9B:22:16:EA:17:F0:16:58:3D:04:FB:7C:6D:25:64:43:BE:31:5C:4F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A7AB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/83AB90FC29AE11F1A878DAD8DAE4EC9C.roa
Signing time: Fri 27 Mar 2026 07:28:14 +0000
ROA not before: Fri 27 Mar 2026 07:28:09 +0000
ROA not after: Fri 01 May 2026 07:28:09 +0000
asID: 214143
IP address blocks: 45.207.128.0/21 maxlen: 24
45.207.136.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 00:26:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108459 (0x1a7ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 27 07:28:09 2026 GMT
Not After : May 1 07:28:09 2026 GMT
Subject: CN=69c6318e-63fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:32:45:0e:43:47:6d:49:97:fd:4c:ca:55:fc:
5e:de:d6:83:db:e9:29:84:57:eb:17:55:59:16:01:
27:02:e2:97:92:81:23:0f:8d:f2:d5:1b:86:3c:2c:
c3:65:f9:98:3d:70:ea:22:9f:8b:8e:6f:fe:60:3a:
4f:6b:a2:28:96:2a:69:94:7d:65:9d:e9:b5:83:87:
c5:50:0d:a4:bd:1d:f8:ca:68:09:14:17:f7:4d:e0:
4f:4c:fe:6c:0c:fe:35:0e:af:2e:19:b1:03:77:d8:
ba:2a:ef:65:c6:fc:db:9c:f3:02:ec:c1:7b:3d:59:
8b:95:67:ad:55:62:a6:69:0d:a7:5d:99:50:26:02:
da:ef:13:60:10:65:2b:72:37:58:00:26:95:37:a5:
8b:af:67:df:21:68:9c:cf:2b:19:e3:84:30:c2:72:
d6:60:ac:06:cc:50:42:30:10:d6:fe:db:35:37:b3:
f0:b0:2e:75:bd:8c:f7:62:98:ff:c8:06:8a:1d:8d:
50:2b:64:f9:14:56:67:b0:47:93:9b:5a:13:1e:27:
be:60:cf:80:da:63:91:04:52:2d:ef:fe:0d:33:92:
c3:ec:7f:b9:96:91:fd:29:d8:17:c0:a5:20:2a:0f:
91:97:7c:68:be:44:c7:3f:69:65:ed:b8:fb:69:d6:
c9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:22:16:EA:17:F0:16:58:3D:04:FB:7C:6D:25:64:43:BE:31:5C:4F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/83AB90FC29AE11F1A878DAD8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.128.0-45.207.137.255
Signature Algorithm: sha256WithRSAEncryption
5b:1d:7b:51:23:53:04:e7:0f:92:88:9b:9c:97:b9:2b:82:68:
95:19:b5:b2:fc:f7:8a:f6:7a:aa:b0:8c:a0:bb:76:06:32:9f:
c0:b4:89:fa:02:8c:45:d9:59:0d:bf:10:0a:e5:e7:b9:df:ec:
8c:cc:a4:4e:60:56:c9:ae:da:fb:4a:d0:1a:f1:44:d0:31:d1:
2c:e3:9d:aa:dd:be:00:ab:f3:f8:0f:f0:11:c1:c4:6b:21:29:
ce:96:5c:6f:82:5f:5e:b8:a4:2c:85:13:02:b0:3b:f9:a5:13:
a0:65:3f:12:1c:32:38:45:01:02:ab:88:f8:f7:39:83:fa:59:
a0:94:84:8f:87:7b:d6:a6:9b:e1:61:74:81:ec:73:c4:a8:84:
db:5d:a4:58:61:b1:67:93:23:39:74:75:b0:ba:bf:33:42:2a:
5a:bc:ac:87:15:5b:bc:e0:62:f1:70:8d:79:1d:24:36:b0:22:
da:4a:cd:c1:0c:46:26:61:d7:e8:dc:31:04:90:95:7b:b9:b2:
b6:c6:f2:ba:51:13:36:0f:c3:29:59:ed:8a:b9:e2:17:f2:8f:
28:71:1f:63:b6:0d:c5:0f:26:db:7f:91:83:73:00:f6:91:1b:
93:4b:9a:54:58:53:07:73:0f:95:b9:cb:30:59:d1:c9:62:d1:
e0:d0:de:f5
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAaerMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzI3MDcyODA5WhcNMjYwNTAxMDcyODA5WjAYMRYw
FAYDVQQDEw02OWM2MzE4ZS02M2ZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7jJFDkNHbUmX/UzKVfxe3taD2+kphFfrF1VZFgEnAuKXkoEjD43y1RuG
PCzDZfmYPXDqIp+Ljm/+YDpPa6IolipplH1lnem1g4fFUA2kvR34ymgJFBf3TeBP
TP5sDP41Dq8uGbEDd9i6Ku9lxvzbnPMC7MF7PVmLlWetVWKmaQ2nXZlQJgLa7xNg
EGUrcjdYACaVN6WLr2ffIWiczysZ44QwwnLWYKwGzFBCMBDW/ts1N7PwsC51vYz3
Ypj/yAaKHY1QK2T5FFZnsEeTm1oTHie+YM+A2mORBFIt7/4NM5LD7H+5lpH9KdgX
wKUgKg+Rl3xovkTHP2ll7bj7adbJQwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJsi
FuoX8BZYPQT7fG0lZEO+MVxPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84M0FCOTBGQzI5QUUxMUYxQTg3OERBRDhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBActz4ADBAEtz4gwDQYJKoZI
hvcNAQELBQADggEBAFsde1EjUwTnD5KIm5yXuSuCaJUZtbL894r2eqqwjKC7dgYy
n8C0ifoCjEXZWQ2/EArl57nf7IzMpE5gVsmu2vtK0BrxRNAx0SzjnardvgCr8/gP
8BHBxGshKc6WXG+CX164pCyFEwKwO/mlE6BlPxIcMjhFAQKriPj3OYP6WaCUhI+H
e9amm+FhdIHsc8SohNtdpFhhsWeTIzl0dbC6vzNCKlq8rIcVW7zgYvFwjXkdJDaw
ItpKzcEMRiZh1+jcMQSQlXu5srbG8rpREzYPwylZ7Yq54hfyjyhxH2O2DcUPJtt/
kYNzAPaRG5NLmlRYUwdzD5W5yzBZ0cli0eDQ3vU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:19:38 2026 by rpki-client