Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/056F18FA583711F1A5A83FDCCE1D38B0.roa
File: 056F18FA583711F1A5A83FDCCE1D38B0.roa (raw, json)
Hash identifier: sW5P1jjRRYMXlreSkXqfQ6zcYBsYKveLYXb1wEErHqk=
Subject key identifier: B4:3C:CC:7E:69:EC:F5:DC:03:E9:4A:D0:E2:54:C3:3A:D1:54:41:97
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B988
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/056F18FA583711F1A5A83FDCCE1D38B0.roa
Signing time: Mon 25 May 2026 12:41:17 +0000
ROA not before: Mon 25 May 2026 12:41:12 +0000
ROA not after: Wed 19 Aug 2026 12:41:12 +0000
asID: 54600
IP address blocks: 45.195.112.0/21 maxlen: 24
45.195.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113032 (0x1b988)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 25 12:41:12 2026 GMT
Not After : Aug 19 12:41:12 2026 GMT
Subject: CN=6a14436c-1e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:58:29:a8:97:df:6a:75:3b:53:87:70:e1:2d:
ca:9e:a3:be:5d:d8:de:f5:1f:2d:82:bc:01:1d:3c:
ff:be:11:88:18:4e:5d:a3:a2:9c:a1:a6:98:47:86:
76:c2:aa:d4:ff:cd:fa:1d:5f:8e:82:3c:70:9e:ce:
a4:32:fe:0d:a3:94:4f:69:76:67:80:b0:cb:4e:57:
7a:dc:3d:51:51:32:fa:87:16:db:ef:d7:8d:6e:f1:
d3:dd:03:1b:92:76:a0:03:1d:e6:40:e5:36:bd:ec:
bd:e1:30:bd:6e:b5:f8:a3:64:d9:a3:a2:72:46:ba:
9e:de:e7:42:19:2f:7f:ae:dc:6f:fb:17:b4:31:97:
97:e9:aa:8a:2d:7f:89:73:36:8f:cb:70:ce:63:b9:
28:4d:29:b0:60:29:c2:1a:de:3e:4a:5d:6b:00:bf:
94:ff:e0:99:56:fa:d6:6d:9c:3d:34:60:1c:58:73:
32:ec:29:79:46:b7:da:ba:0e:ae:75:08:5a:e5:53:
9a:4d:22:71:c9:3e:45:32:63:12:1e:08:ac:07:cb:
14:51:44:2a:8f:62:cb:75:84:50:0c:96:e3:4e:ee:
e5:26:cc:7c:0d:cc:10:ab:fb:ac:c9:21:dd:cc:7b:
b9:76:95:41:2e:85:41:e7:4b:e5:69:94:fd:08:d9:
9d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3C:CC:7E:69:EC:F5:DC:03:E9:4A:D0:E2:54:C3:3A:D1:54:41:97
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/056F18FA583711F1A5A83FDCCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.112.0/20
Signature Algorithm: sha256WithRSAEncryption
4d:dc:7d:04:55:13:10:29:5f:c7:d7:dd:3d:57:1d:8d:0f:91:
0a:74:bc:d4:43:1e:84:f1:2c:7f:c8:2d:6a:5c:00:a3:e9:f9:
b8:c6:6a:3e:1f:d6:f1:73:14:1e:23:d7:f5:25:33:0e:6c:cc:
1e:46:84:1b:64:e5:6e:57:e7:d9:c4:04:09:76:5c:2e:1d:6f:
ef:81:3f:f2:fb:a0:54:89:8b:2c:14:cd:8a:2a:a8:2a:3d:15:
c6:2e:5b:b4:c3:c9:c3:70:cf:d2:f0:4c:74:64:ea:43:ae:9d:
c5:fd:df:be:e6:95:7d:8a:48:ea:38:c8:34:10:a7:23:25:43:
4f:5f:56:e0:32:f0:3b:56:01:df:e6:ca:d9:96:56:2f:8c:c2:
98:f0:b3:dd:20:ad:a5:7e:85:54:4c:80:3c:0b:c2:d1:c5:a5:
bd:7d:2b:d0:7e:9e:ce:fb:3e:2a:6b:21:ba:0b:0b:7a:f7:1b:
76:3b:45:76:eb:b5:7d:21:a2:26:9d:1e:44:a7:d7:b5:3c:c9:
01:e6:cc:43:10:0d:00:2e:de:c7:34:92:c4:20:43:a5:94:b3:
23:2a:fe:ae:47:c0:7f:31:84:32:ad:d4:5e:1a:3a:7a:cb:be:
89:f5:2d:98:46:36:4f:cf:d6:16:ca:0f:09:00:87:d0:18:0a:
ae:08:d9:f5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbmIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTI1MTI0MTEyWhcNMjYwODE5MTI0MTEyWjAYMRYw
FAYDVQQDEw02YTE0NDM2Yy0xZTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2FgpqJffanU7U4dw4S3KnqO+Xdje9R8tgrwBHTz/vhGIGE5do6KcoaaY
R4Z2wqrU/836HV+Ogjxwns6kMv4No5RPaXZngLDLTld63D1RUTL6hxbb79eNbvHT
3QMbknagAx3mQOU2vey94TC9brX4o2TZo6JyRrqe3udCGS9/rtxv+xe0MZeX6aqK
LX+JczaPy3DOY7koTSmwYCnCGt4+Sl1rAL+U/+CZVvrWbZw9NGAcWHMy7Cl5Rrfa
ug6udQha5VOaTSJxyT5FMmMSHgisB8sUUUQqj2LLdYRQDJbjTu7lJsx8DcwQq/us
ySHdzHu5dpVBLoVB50vlaZT9CNmdhwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLQ8
zH5p7PXcA+lK0OJUwzrRVEGXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNTZGMThGQTU4MzcxMUYxQTVBODNGRENDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcNwMA0GCSqGSIb3DQEBCwUA
A4IBAQBN3H0EVRMQKV/H1909Vx2ND5EKdLzUQx6E8Sx/yC1qXACj6fm4xmo+H9bx
cxQeI9f1JTMObMweRoQbZOVuV+fZxAQJdlwuHW/vgT/y+6BUiYssFM2KKqgqPRXG
Llu0w8nDcM/S8Ex0ZOpDrp3F/d++5pV9ikjqOMg0EKcjJUNPX1bgMvA7VgHf5srZ
llYvjMKY8LPdIK2lfoVUTIA8C8LRxaW9fSvQfp7O+z4qayG6Cwt69xt2O0V267V9
IaImnR5Ep9e1PMkB5sxDEA0ALt7HNJLEIEOllLMjKv6uR8B/MYQyrdReGjp6y76J
9S2YRjZPz9YWyg8JAIfQGAquCNn1
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:07:03 2026 by rpki-client