Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0669F12454D811F18B3596D3CE1D38B0.roa
File: 0669F12454D811F18B3596D3CE1D38B0.roa (raw, json)
Hash identifier: 6M2yiA5qPskGX0Bu9K+Gd/UTGKWzXcgAKGQ+fqDFu58=
Subject key identifier: 76:E9:51:C3:0E:DA:F7:11:46:81:D0:52:19:73:7C:B6:CE:0C:0D:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B6BF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0669F12454D811F18B3596D3CE1D38B0.roa
Signing time: Thu 21 May 2026 05:43:43 +0000
ROA not before: Thu 21 May 2026 05:43:38 +0000
ROA not after: Fri 10 Jul 2026 05:43:38 +0000
asID: 25160
IP address blocks: 45.201.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112319 (0x1b6bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 21 05:43:38 2026 GMT
Not After : Jul 10 05:43:38 2026 GMT
Subject: CN=6a0e9b8e-f573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:5f:c4:68:31:13:e6:9a:64:60:b6:d5:38:c4:
ee:47:5b:37:7e:4c:d7:b0:b8:e6:cb:37:31:ad:69:
b7:9c:d8:1c:5e:36:5b:f1:85:c0:69:9f:97:09:83:
86:01:03:e3:0c:5c:dd:64:a3:ff:9f:b7:9d:1a:dc:
51:30:8e:c3:43:26:bc:c5:9a:b5:9a:e8:6e:11:8f:
f2:89:3f:c1:83:0e:81:40:40:3c:e5:51:95:16:b0:
79:1b:e7:67:22:d9:be:c3:8b:c3:01:fe:56:28:11:
59:4a:a0:62:4f:95:12:12:b2:4c:15:b0:0f:f2:58:
7d:ff:84:4d:0d:0d:92:2e:ee:c0:94:6f:e2:04:ae:
5b:dc:65:44:6a:76:35:9a:27:c4:5e:ec:8c:f4:f7:
c5:4f:b2:5b:33:ea:f7:4d:b1:2e:f9:6b:18:e2:c3:
bf:0a:3d:71:57:37:39:91:e1:b0:de:49:30:a7:9a:
46:10:0d:fa:15:89:98:5d:a3:1c:df:5d:40:55:78:
1b:54:df:0a:18:1e:f6:7e:96:c9:57:0c:88:8b:4e:
ad:e1:5a:76:0e:f4:fe:6e:af:74:08:47:6a:cf:8f:
ff:3e:33:7a:69:68:c0:e9:69:dd:86:65:0f:ca:7e:
de:d2:f6:ee:ad:18:e9:fa:01:0b:d6:5e:dc:00:ef:
32:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E9:51:C3:0E:DA:F7:11:46:81:D0:52:19:73:7C:B6:CE:0C:0D:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0669F12454D811F18B3596D3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.12.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:59:31:f9:a7:ef:cd:e2:3f:a4:97:c3:b0:04:9c:62:b5:cc:
61:17:44:40:e4:5e:5e:f5:ec:49:0a:8b:20:f5:77:c7:f6:49:
18:53:46:9f:52:ef:59:f0:e6:b2:e6:01:60:52:6f:80:a0:c1:
cc:5a:4c:a5:49:d5:ad:11:78:be:36:28:72:59:9b:03:4e:cb:
37:23:e5:6c:21:a7:c6:11:7b:f1:c2:04:53:b6:48:e4:c7:32:
22:2f:ca:fa:2e:7b:a6:cc:2d:bd:32:b1:3e:07:e0:7a:8d:8c:
5d:af:e1:af:db:6e:79:4a:08:bb:19:6f:14:a9:c9:14:98:bc:
5e:d5:b6:3a:1a:58:ae:d8:a7:8b:43:7f:e7:e7:b6:d1:d0:53:
0f:38:4e:c9:34:4b:0e:14:33:d6:2f:d0:ca:9d:0f:0a:8c:04:
00:b5:c4:d2:98:69:89:0b:1c:51:34:27:70:19:21:5e:7d:72:
dd:77:58:77:d4:5e:73:1c:50:62:8c:d6:9b:e4:23:7e:33:b4:
d6:af:c6:73:9e:71:4c:a0:71:27:a1:3e:cb:1a:3c:7a:64:7a:
eb:b8:b3:62:4a:36:0d:ab:14:db:02:07:17:f5:80:7e:cd:eb:
ce:de:4a:14:0d:e5:e6:01:fc:cf:fa:53:77:04:cd:f0:1a:f3:
3a:ee:64:a0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAba/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTIxMDU0MzM4WhcNMjYwNzEwMDU0MzM4WjAYMRYw
FAYDVQQDEw02YTBlOWI4ZS1mNTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA81/EaDET5ppkYLbVOMTuR1s3fkzXsLjmyzcxrWm3nNgcXjZb8YXAaZ+X
CYOGAQPjDFzdZKP/n7edGtxRMI7DQya8xZq1muhuEY/yiT/Bgw6BQEA85VGVFrB5
G+dnItm+w4vDAf5WKBFZSqBiT5USErJMFbAP8lh9/4RNDQ2SLu7AlG/iBK5b3GVE
anY1mifEXuyM9PfFT7JbM+r3TbEu+WsY4sO/Cj1xVzc5keGw3kkwp5pGEA36FYmY
XaMc311AVXgbVN8KGB72fpbJVwyIi06t4Vp2DvT+bq90CEdqz4//PjN6aWjA6Wnd
hmUPyn7e0vburRjp+gEL1l7cAO8ybwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHbp
UcMO2vcRRoHQUhlzfLbODA0GMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNjY5RjEyNDU0RDgxMUYxOEIzNTk2RDNDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLckMMA0GCSqGSIb3DQEBCwUA
A4IBAQB9WTH5p+/N4j+kl8OwBJxitcxhF0RA5F5e9exJCosg9XfH9kkYU0afUu9Z
8Oay5gFgUm+AoMHMWkylSdWtEXi+NihyWZsDTss3I+VsIafGEXvxwgRTtkjkxzIi
L8r6LnumzC29MrE+B+B6jYxdr+Gv2255Sgi7GW8UqckUmLxe1bY6Gliu2KeLQ3/n
57bR0FMPOE7JNEsOFDPWL9DKnQ8KjAQAtcTSmGmJCxxRNCdwGSFefXLdd1h31F5z
HFBijNab5CN+M7TWr8ZznnFMoHEnoT7LGjx6ZHrruLNiSjYNqxTbAgcX9YB+zevO
3koUDeXmAfzP+lN3BM3wGvM67mSg
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:07:02 2026 by rpki-client