Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2BE9E4E37D011F1B4F85FDBCE1D38B0.roa
File: C2BE9E4E37D011F1B4F85FDBCE1D38B0.roa (raw, json)
Hash identifier: Vjkwb4f3LdG2HOINnpSnWbhIVkWIjpEUT1rjKnmL9cY=
Subject key identifier: 4A:E6:62:B7:0C:13:CD:9A:8A:9C:B5:76:C6:20:8A:F6:6E:F6:82:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01ACA8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2BE9E4E37D011F1B4F85FDBCE1D38B0.roa
Signing time: Tue 14 Apr 2026 07:08:39 +0000
ROA not before: Tue 14 Apr 2026 07:08:34 +0000
ROA not after: Tue 07 Jul 2026 07:08:34 +0000
asID: 141968
IP address blocks: 45.198.36.0/24 maxlen: 24
45.198.37.0/24 maxlen: 24
45.198.38.0/24 maxlen: 24
45.198.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109736 (0x1aca8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 14 07:08:34 2026 GMT
Not After : Jul 7 07:08:34 2026 GMT
Subject: CN=69dde7f7-a8b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7f:3f:ae:3a:79:73:23:a5:b9:81:48:24:ff:
80:5e:9f:97:df:d7:e8:30:e9:e3:49:0a:12:bb:47:
9d:c9:c7:0b:93:ad:c9:ae:75:95:d3:46:64:e7:82:
e7:d2:50:bb:f4:38:f5:be:33:47:64:da:68:89:7d:
f2:03:a6:ca:31:2d:e9:95:5a:7f:90:ac:39:44:67:
7f:6f:4c:70:3d:ba:b6:cd:6e:21:c3:c7:3d:50:13:
18:1f:1c:95:77:fb:95:52:99:81:85:f4:45:a7:be:
36:60:1d:74:cb:54:78:81:fb:52:8c:e9:db:06:70:
86:e2:d7:a7:36:3d:a8:e7:90:36:53:33:fb:d5:4b:
11:49:b2:27:88:ca:4f:44:1d:e3:36:f3:8f:7c:40:
20:9a:d5:9a:b7:ac:13:22:46:3f:b1:02:ba:9a:32:
2b:3f:4b:39:8a:23:58:30:1b:1d:dc:7d:9c:9e:af:
d3:a0:6e:2d:37:41:e6:ef:08:c9:37:7f:57:db:ec:
7e:fc:73:df:3e:3b:d2:99:16:f4:02:95:a9:2a:da:
70:b9:40:dc:3a:2f:57:f8:42:11:02:36:48:63:a2:
8e:33:b8:dc:57:fb:5a:05:b6:08:b6:8d:7e:6f:7c:
2e:bf:4e:4e:bf:0c:f4:b4:e9:f8:bc:96:f5:d5:3d:
c5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E6:62:B7:0C:13:CD:9A:8A:9C:B5:76:C6:20:8A:F6:6E:F6:82:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2BE9E4E37D011F1B4F85FDBCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.36.0/22
Signature Algorithm: sha256WithRSAEncryption
29:d5:5b:28:80:77:87:1c:d6:15:72:02:30:df:41:22:0b:b5:
f2:ad:6a:f1:e9:cf:fa:db:b6:52:87:d5:5e:16:40:e5:59:0e:
d7:e2:65:b1:b7:f4:07:47:32:87:22:b8:83:d1:fc:95:ae:2e:
0b:f2:42:a0:c5:3e:94:44:2d:09:56:0a:3d:1a:35:86:01:53:
9d:9d:aa:df:04:e2:80:59:e7:49:fa:43:53:ac:e1:4a:a1:45:
86:38:7e:f8:ca:3a:4f:fd:3d:a1:52:a6:60:9f:27:0b:c0:50:
fd:e5:12:1b:16:88:68:a5:60:80:36:af:d8:38:61:00:3c:14:
2c:9c:d4:22:ff:c1:93:81:99:5f:5e:e9:bb:3b:eb:f9:17:91:
30:19:df:9d:19:29:a0:89:39:aa:39:d1:d1:09:a3:8f:2d:35:
3f:d4:ed:27:59:9b:f6:58:10:6a:24:f0:a2:47:2f:7e:47:e3:
59:ef:df:3b:e5:1b:e0:04:b1:1f:bd:1f:ea:70:e3:f9:97:8d:
2b:65:d8:f7:4d:ae:aa:ce:0c:98:1d:80:19:28:2c:4e:ef:91:
d5:46:3e:65:d2:de:3b:12:47:3a:90:a6:44:8d:a7:9b:ec:7b:
d2:19:16:38:0d:10:0e:e4:73:59:57:c1:37:18:26:c1:c1:a5:
81:3a:f0:06
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAayoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDE0MDcwODM0WhcNMjYwNzA3MDcwODM0WjAYMRYw
FAYDVQQDEw02OWRkZTdmNy1hOGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArn8/rjp5cyOluYFIJP+AXp+X39foMOnjSQoSu0edyccLk63JrnWV00Zk
54Ln0lC79Dj1vjNHZNpoiX3yA6bKMS3plVp/kKw5RGd/b0xwPbq2zW4hw8c9UBMY
HxyVd/uVUpmBhfRFp742YB10y1R4gftSjOnbBnCG4tenNj2o55A2UzP71UsRSbIn
iMpPRB3jNvOPfEAgmtWat6wTIkY/sQK6mjIrP0s5iiNYMBsd3H2cnq/ToG4tN0Hm
7wjJN39X2+x+/HPfPjvSmRb0ApWpKtpwuUDcOi9X+EIRAjZIY6KOM7jcV/taBbYI
to1+b3wuv05Ovwz0tOn4vJb11T3FNwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFErm
YrcME82aipy1dsYgivZu9oJdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMkJFOUU0RTM3RDAxMUYxQjRGODVGREJDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcYkMA0GCSqGSIb3DQEBCwUA
A4IBAQAp1VsogHeHHNYVcgIw30EiC7XyrWrx6c/627ZSh9VeFkDlWQ7X4mWxt/QH
RzKHIriD0fyVri4L8kKgxT6URC0JVgo9GjWGAVOdnarfBOKAWedJ+kNTrOFKoUWG
OH74yjpP/T2hUqZgnycLwFD95RIbFohopWCANq/YOGEAPBQsnNQi/8GTgZlfXum7
O+v5F5EwGd+dGSmgiTmqOdHRCaOPLTU/1O0nWZv2WBBqJPCiRy9+R+NZ79875Rvg
BLEfvR/qcOP5l40rZdj3Ta6qzgyYHYAZKCxO75HVRj5l0t47Ekc6kKZEjaeb7HvS
GRY4DRAO5HNZV8E3GCbBwaWBOvAG
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:54:54 2026 by rpki-client