Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9175638CFA9E11F0B47EB484DAE4EC9C.roa
File: 9175638CFA9E11F0B47EB484DAE4EC9C.roa (raw, json)
Hash identifier: Uz0/R7LFnkAyRByvNumlih8pr0cj1icdcztkfMcd+Ds=
Subject key identifier: EB:DC:D9:7B:37:76:4C:37:BC:EF:D2:6F:D5:C7:6C:2A:98:45:E5:60
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 019A02
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9175638CFA9E11F0B47EB484DAE4EC9C.roa
Signing time: Mon 26 Jan 2026 10:05:41 +0000
ROA not before: Mon 26 Jan 2026 10:05:36 +0000
ROA not after: Thu 12 Mar 2026 10:05:36 +0000
asID: 20326
IP address blocks: 45.202.100.0/23 maxlen: 24
45.206.10.0/23 maxlen: 24
45.206.20.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104962 (0x19a02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 26 10:05:36 2026 GMT
Not After : Mar 12 10:05:36 2026 GMT
Subject: CN=69773c74-feb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a7:9b:8d:b1:6b:58:6b:0e:4d:a8:e5:be:f4:
01:03:fa:e1:82:f3:98:d4:ab:90:9d:08:b8:63:36:
22:65:b8:44:d1:89:83:05:a6:d3:68:cf:92:42:38:
72:75:a4:de:b2:ab:93:25:b4:2b:94:3b:37:ae:d8:
46:37:13:ae:3a:b9:3d:ba:b5:72:38:e9:0e:4c:00:
d3:83:ea:9d:c7:2e:2e:82:15:f8:8b:66:ab:2a:ab:
8d:e5:59:a6:f5:2d:de:ea:b0:22:e9:ce:bb:c4:69:
a5:7c:40:88:64:20:e6:2b:f5:67:b8:a5:bc:61:0e:
05:3a:52:28:c6:80:bd:ba:24:a5:4e:5a:46:a5:6d:
1f:2c:a9:07:73:14:21:d0:b0:85:14:9e:1c:63:ea:
af:58:50:ed:55:b7:5f:08:36:40:ba:2f:95:a5:59:
69:a8:9f:96:53:c9:2c:85:77:51:e4:7f:03:a1:82:
de:87:49:0a:b6:cc:e8:de:25:7f:ec:99:7f:e3:2a:
83:32:31:f8:de:73:1e:01:3a:1f:ba:d0:23:62:47:
e5:bb:88:71:63:51:8b:6e:3b:29:0c:e9:b6:c9:02:
24:9f:8d:e8:53:66:4e:04:2b:f2:8c:2a:8b:82:8f:
4c:13:10:9d:3d:1a:5a:44:03:9f:c7:b5:42:d6:fc:
d2:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:DC:D9:7B:37:76:4C:37:BC:EF:D2:6F:D5:C7:6C:2A:98:45:E5:60
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9175638CFA9E11F0B47EB484DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.100.0/23
45.206.10.0/23
45.206.20.0/22
Signature Algorithm: sha256WithRSAEncryption
11:f1:04:7d:06:22:1f:df:9d:dc:8e:ea:78:bd:97:9f:83:d8:
45:88:0e:cb:be:22:e5:13:b8:b0:a6:43:7f:3f:13:a0:93:34:
d4:4e:f3:4d:b6:92:c9:42:04:6f:61:88:f9:88:44:d0:2a:11:
97:91:16:4a:78:be:c6:22:cb:6e:de:42:6d:93:75:54:f5:fe:
4c:2c:6e:85:4c:06:6e:b3:fa:57:06:47:8b:88:1e:51:14:79:
97:7a:fc:24:67:da:5e:e1:67:ff:5f:35:94:81:ec:67:be:ba:
0d:b3:6d:35:0e:b2:69:75:07:3c:8a:cc:84:dd:89:cf:64:b5:
87:b3:ba:ca:10:de:f1:11:7e:e2:99:8c:57:e0:84:21:7b:56:
b1:f2:5b:e7:b0:22:71:21:fe:85:c3:07:c6:aa:a8:9e:4c:2e:
5e:ac:a3:c2:3d:3c:f4:1b:13:18:fc:00:7b:d9:bc:a9:66:2e:
91:f5:5f:c6:a2:2e:b2:01:94:45:26:c5:c7:23:c8:5e:11:4c:
2f:79:2b:57:10:36:ec:41:f1:81:9a:98:91:ac:ef:87:08:b9:
3a:85:45:6f:eb:e5:26:3b:4f:28:7c:54:b7:d2:3a:0a:0f:55:
8b:02:0d:c9:af:17:d9:a6:3d:a7:69:77:52:f8:b1:76:7b:7d:
df:7e:cf:01
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAZoCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMTI2MTAwNTM2WhcNMjYwMzEyMTAwNTM2WjAYMRYw
FAYDVQQDEw02OTc3M2M3NC1mZWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtaebjbFrWGsOTajlvvQBA/rhgvOY1KuQnQi4YzYiZbhE0YmDBabTaM+S
QjhydaTesquTJbQrlDs3rthGNxOuOrk9urVyOOkOTADTg+qdxy4ughX4i2arKquN
5Vmm9S3e6rAi6c67xGmlfECIZCDmK/VnuKW8YQ4FOlIoxoC9uiSlTlpGpW0fLKkH
cxQh0LCFFJ4cY+qvWFDtVbdfCDZAui+VpVlpqJ+WU8kshXdR5H8DoYLeh0kKtszo
3iV/7Jl/4yqDMjH43nMeATofutAjYkflu4hxY1GLbjspDOm2yQIkn43oU2ZOBCvy
jCqLgo9MExCdPRpaRAOfx7VC1vzSOQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFOvc
2Xs3dkw3vO/Sb9XHbCqYReVgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MTc1NjM4Q0ZBOUUxMUYwQjQ3RUI0ODREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLcpkAwQBLc4KAwQCLc4UMA0G
CSqGSIb3DQEBCwUAA4IBAQAR8QR9BiIf353cjup4vZefg9hFiA7LviLlE7iwpkN/
PxOgkzTUTvNNtpLJQgRvYYj5iETQKhGXkRZKeL7GIstu3kJtk3VU9f5MLG6FTAZu
s/pXBkeLiB5RFHmXevwkZ9pe4Wf/XzWUgexnvroNs201DrJpdQc8isyE3YnPZLWH
s7rKEN7xEX7imYxX4IQhe1ax8lvnsCJxIf6FwwfGqqieTC5erKPCPTz0GxMY/AB7
2bypZi6R9V/Goi6yAZRFJsXHI8heEUwveStXEDbsQfGBmpiRrO+HCLk6hUVv6+Um
O08ofFS30joKD1WLAg3JrxfZpj2naXdS+LF2e33ffs8B
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:25:13 2026 by rpki-client