Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC0AD8242AA411F1B49483ECDAE4EC9C.roa
File: DC0AD8242AA411F1B49483ECDAE4EC9C.roa (raw, json)
Hash identifier: 9JnOta8M+38DzdGuXFOqG4Pz76GihcHk2HBftlNgWFU=
Subject key identifier: 71:50:BB:27:98:8B:00:E8:58:1B:9D:67:FC:45:04:F6:BC:F2:FD:4B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A7F3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC0AD8242AA411F1B49483ECDAE4EC9C.roa
Signing time: Sat 28 Mar 2026 12:51:38 +0000
ROA not before: Sat 28 Mar 2026 12:51:33 +0000
ROA not after: Sat 16 May 2026 12:51:33 +0000
asID: 40779
IP address blocks: 45.192.96.0/20 maxlen: 24
45.205.16.0/20 maxlen: 24
45.207.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 Apr 2026 14:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108531 (0x1a7f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 28 12:51:33 2026 GMT
Not After : May 16 12:51:33 2026 GMT
Subject: CN=69c7ceda-1152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:63:86:56:03:f5:4b:d7:30:b8:e0:95:c9:b5:
84:71:c9:cb:ac:aa:6a:36:e6:24:0f:6a:1f:ce:c6:
61:1d:6d:63:59:2d:3c:a0:2f:d5:f4:a0:66:73:3d:
f4:1c:9b:9b:09:1b:7a:0d:19:99:1d:ba:bd:ad:b4:
2a:b4:56:fc:38:d5:5a:c6:4e:3c:99:9c:23:b9:ca:
98:99:14:d7:e5:2f:95:d5:8f:12:4f:84:91:c9:ca:
59:33:0b:29:09:97:dc:8d:ef:4c:e9:34:8d:f4:0b:
cd:7b:54:1a:2f:54:76:11:f2:fb:d1:a1:fb:2a:56:
80:6a:f7:50:10:0c:8a:dc:25:d2:2a:01:3d:e0:e9:
e7:6c:29:bd:28:9f:a2:b8:37:d6:7e:b7:7f:5f:86:
81:94:7b:37:0b:47:57:19:0b:1c:fa:cc:af:02:bd:
8e:d0:74:f1:05:1e:51:20:55:91:fa:c2:ff:ac:25:
42:4e:63:60:72:a8:56:5a:2e:06:a2:c3:f7:a8:0e:
33:48:61:4a:5d:80:c2:62:53:a2:3f:b3:b5:93:bb:
fc:1f:3e:27:ed:e8:5a:ec:ec:b3:96:db:b3:8b:8c:
ef:33:d2:f3:61:91:91:ea:0b:0d:97:50:ab:08:36:
12:e7:90:55:5c:05:a7:0e:e3:7d:ee:d9:78:e1:4b:
89:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:50:BB:27:98:8B:00:E8:58:1B:9D:67:FC:45:04:F6:BC:F2:FD:4B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC0AD8242AA411F1B49483ECDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.96.0/20
45.205.16.0/20
45.207.192.0/19
Signature Algorithm: sha256WithRSAEncryption
38:cf:0a:7e:97:a5:2e:38:6f:bc:36:25:ac:65:3d:81:7e:2c:
b7:4a:6b:c2:78:b2:2c:27:bf:80:1a:8c:e0:1f:41:71:0d:f9:
99:3b:76:06:b9:1f:fa:2f:87:ec:bf:53:26:9a:75:a8:f5:4f:
4a:e1:7d:55:78:89:37:36:be:7a:0c:8d:33:71:8f:9b:f9:ca:
bc:40:d0:38:a2:09:02:38:6c:da:3c:50:08:58:9c:b1:75:65:
ea:87:72:39:ff:4c:a0:4a:bb:f3:a3:81:78:b9:73:6b:a6:84:
cf:76:dc:2c:98:b2:c1:ec:fe:45:5a:f3:ff:40:e1:b3:7c:57:
b2:5a:cd:8c:c5:4a:36:ce:3a:0f:5b:bd:a7:23:e3:39:48:c4:
45:fa:28:a3:6e:c6:5c:3d:14:7d:e2:15:77:e4:09:49:c8:0f:
c3:5a:7c:c4:61:89:a2:25:3f:39:57:3d:5d:9e:0a:60:c7:12:
ae:7e:ff:7e:cc:a3:fc:98:96:3f:10:9b:80:fc:51:96:26:bc:
0b:dd:4f:65:f0:7c:32:76:75:dc:f4:b0:bc:65:f4:5d:3e:25:
ac:75:bc:2b:31:d3:37:fa:51:95:5b:bf:30:71:65:bf:b4:bd:
af:90:14:4d:72:46:a8:88:8f:24:47:f5:c1:33:34:9d:8b:3a:
bb:bf:89:c9
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAafzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzI4MTI1MTMzWhcNMjYwNTE2MTI1MTMzWjAYMRYw
FAYDVQQDEw02OWM3Y2VkYS0xMTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAumOGVgP1S9cwuOCVybWEccnLrKpqNuYkD2ofzsZhHW1jWS08oC/V9KBm
cz30HJubCRt6DRmZHbq9rbQqtFb8ONVaxk48mZwjucqYmRTX5S+V1Y8ST4SRycpZ
MwspCZfcje9M6TSN9AvNe1QaL1R2EfL70aH7KlaAavdQEAyK3CXSKgE94OnnbCm9
KJ+iuDfWfrd/X4aBlHs3C0dXGQsc+syvAr2O0HTxBR5RIFWR+sL/rCVCTmNgcqhW
Wi4GosP3qA4zSGFKXYDCYlOiP7O1k7v8Hz4n7eha7Oyzltuzi4zvM9LzYZGR6gsN
l1CrCDYS55BVXAWnDuN97tl44UuJZQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFHFQ
uyeYiwDoWBudZ/xFBPa88v1LMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQzBBRDgyNDJBQTQxMUYxQjQ5NDgzRUNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQELcBgAwQELc0QAwQFLc/AMA0G
CSqGSIb3DQEBCwUAA4IBAQA4zwp+l6UuOG+8NiWsZT2Bfiy3SmvCeLIsJ7+AGozg
H0FxDfmZO3YGuR/6L4fsv1MmmnWo9U9K4X1VeIk3Nr56DI0zcY+b+cq8QNA4ogkC
OGzaPFAIWJyxdWXqh3I5/0ygSrvzo4F4uXNrpoTPdtwsmLLB7P5FWvP/QOGzfFey
Ws2MxUo2zjoPW72nI+M5SMRF+iijbsZcPRR94hV35AlJyA/DWnzEYYmiJT85Vz1d
ngpgxxKufv9+zKP8mJY/EJuA/FGWJrwL3U9l8HwydnXc9LC8ZfRdPiWsdbwrMdM3
+lGVW78wcWW/tL2vkBRNckaoiI8kR/XBMzSdizq7v4nJ
-----END CERTIFICATE-----
Generated at Sat Apr 18 01:20:11 2026 by rpki-client