Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1124EE56579F11F19D8326BBCE1D38B0.roa
File: 1124EE56579F11F19D8326BBCE1D38B0.roa (raw, json)
Hash identifier: +NPf+Fspy5/7eAgr5yZ447UGkeGA5D3y2gqilhUPpA8=
Subject key identifier: FC:C0:CB:A9:1B:69:60:30:A1:43:70:8E:56:C5:EA:DB:C9:3F:97:52
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B932
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1124EE56579F11F19D8326BBCE1D38B0.roa
Signing time: Sun 24 May 2026 18:33:33 +0000
ROA not before: Sun 24 May 2026 18:33:27 +0000
ROA not after: Thu 04 Jun 2026 18:33:27 +0000
asID: 23764
IP address blocks: 45.196.24.0/24 maxlen: 24
45.196.25.0/24 maxlen: 24
45.196.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112946 (0x1b932)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 24 18:33:27 2026 GMT
Not After : Jun 4 18:33:27 2026 GMT
Subject: CN=6a13447d-1d2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:03:33:26:82:cb:38:05:5e:50:fb:76:40:4c:
90:3f:b0:d0:27:35:8b:96:c2:75:1a:ee:38:ff:76:
7c:93:3c:6e:77:65:69:7b:a9:38:0e:01:4a:ae:69:
3f:c3:69:a2:80:6a:51:36:6d:5d:7d:0f:e6:cf:46:
8d:8d:64:19:a3:ff:7b:31:d7:a1:c5:d9:a0:40:86:
68:47:b7:1e:e1:2e:42:56:ff:32:61:d4:14:23:e4:
e5:ab:49:de:5a:0c:51:32:e3:41:f1:be:e2:9e:bf:
8a:8b:8b:57:2c:dd:84:ab:fe:86:2d:8d:0d:b5:64:
5e:07:10:42:b9:0b:47:d1:92:34:e8:0c:89:0f:1a:
cc:3e:aa:1c:2d:cc:05:15:0a:08:08:0d:e5:40:f3:
a0:f7:61:2f:87:d4:29:13:d6:72:af:4e:88:d4:7a:
a4:2c:f7:73:7e:31:6c:d9:f5:a7:91:43:da:78:8a:
00:f7:7e:2c:3d:13:7d:70:9a:f1:4b:78:70:ff:da:
45:57:1f:c4:46:06:9d:7d:ea:3e:d6:e2:90:43:39:
cc:36:63:76:98:8c:50:c6:c1:23:6f:db:6f:92:f0:
3e:e0:92:97:40:64:00:a3:ab:85:f4:a2:41:be:31:
b6:03:d1:30:60:e8:b6:7f:ed:20:80:5e:c7:e5:05:
0d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C0:CB:A9:1B:69:60:30:A1:43:70:8E:56:C5:EA:DB:C9:3F:97:52
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1124EE56579F11F19D8326BBCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.24.0/23
45.196.27.0/24
Signature Algorithm: sha256WithRSAEncryption
42:70:30:f6:e5:4a:2b:dd:c6:60:20:6e:4e:7f:5b:34:40:64:
99:7e:a7:94:0f:e8:d5:4f:5a:d2:af:b0:dc:52:d5:59:64:2a:
82:99:86:8d:d2:6e:fd:7e:73:8b:bb:02:0d:4e:af:4e:1b:d1:
ef:0f:f2:9a:d9:68:12:5e:33:e2:fd:57:c6:d3:6d:c8:a9:d4:
20:b8:db:37:32:2b:9b:f0:ee:c2:b7:9a:48:2e:a6:95:0d:b1:
f3:53:ba:cd:d6:9b:dd:7f:64:6f:63:9a:7f:59:ab:30:3a:ad:
15:58:fa:2f:00:82:31:22:7a:e0:31:45:08:8b:2c:aa:5f:25:
15:63:e0:76:bd:56:e2:3d:53:26:d7:73:07:7a:67:74:bc:01:
db:70:5e:ef:00:7b:b3:9a:91:11:de:c9:28:4d:bc:df:34:65:
8c:e6:84:50:d3:43:c6:d5:b0:7b:a9:9c:c4:5a:5f:43:0e:f8:
98:d5:b6:72:80:f4:5b:b7:31:93:73:97:71:85:8d:ae:78:f6:
b5:ef:49:65:04:fb:c4:72:90:19:08:26:ad:9d:ce:31:31:f9:
ae:2e:23:99:21:64:3b:0c:7a:16:97:27:19:ae:0b:b7:20:eb:
30:85:5d:47:f3:9c:4e:5d:ba:f6:26:0b:c0:a8:f7:da:c8:26:
3a:98:f9:5d
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAbkyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTI0MTgzMzI3WhcNMjYwNjA0MTgzMzI3WjAYMRYw
FAYDVQQDEw02YTEzNDQ3ZC0xZDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzQMzJoLLOAVeUPt2QEyQP7DQJzWLlsJ1Gu44/3Z8kzxud2Vpe6k4DgFK
rmk/w2migGpRNm1dfQ/mz0aNjWQZo/97MdehxdmgQIZoR7ce4S5CVv8yYdQUI+Tl
q0neWgxRMuNB8b7inr+Ki4tXLN2Eq/6GLY0NtWReBxBCuQtH0ZI06AyJDxrMPqoc
LcwFFQoICA3lQPOg92Evh9QpE9Zyr06I1HqkLPdzfjFs2fWnkUPaeIoA934sPRN9
cJrxS3hw/9pFVx/ERgadfeo+1uKQQznMNmN2mIxQxsEjb9tvkvA+4JKXQGQAo6uF
9KJBvjG2A9EwYOi2f+0ggF7H5QUN9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPzA
y6kbaWAwoUNwjlbF6tvJP5dSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMTI0RUU1NjU3OUYxMUYxOUQ4MzI2QkJDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLcQYAwQALcQbMA0GCSqGSIb3
DQEBCwUAA4IBAQBCcDD25Uor3cZgIG5Of1s0QGSZfqeUD+jVT1rSr7DcUtVZZCqC
mYaN0m79fnOLuwINTq9OG9HvD/Ka2WgSXjPi/VfG023IqdQguNs3Miub8O7Ct5pI
LqaVDbHzU7rN1pvdf2RvY5p/WaswOq0VWPovAIIxInrgMUUIiyyqXyUVY+B2vVbi
PVMm13MHemd0vAHbcF7vAHuzmpER3skoTbzfNGWM5oRQ00PG1bB7qZzEWl9DDviY
1bZygPRbtzGTc5dxhY2uePa170llBPvEcpAZCCatnc4xMfmuLiOZIWQ7DHoWlycZ
rgu3IOswhV1H85xOXbr2JgvAqPfayCY6mPld
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:06:51 2026 by rpki-client