Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BC974DC16FB11F1B5E251C5DAE4EC9C.roa
File: 2BC974DC16FB11F1B5E251C5DAE4EC9C.roa (raw, json)
Hash identifier: 2zNtoS9y5VBsWbIy2afhrrxQnWkziob5OGNPOGsm7+Q=
Subject key identifier: 86:5E:E7:2A:6D:BD:69:7B:CA:A5:57:4C:3C:14:77:3A:A5:EB:8B:FE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A209
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BC974DC16FB11F1B5E251C5DAE4EC9C.roa
Signing time: Tue 03 Mar 2026 12:19:05 +0000
ROA not before: Tue 03 Mar 2026 12:19:01 +0000
ROA not after: Tue 14 Apr 2026 12:19:01 +0000
asID: 141718
IP address blocks: 45.194.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Mar 2026 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107017 (0x1a209)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 3 12:19:01 2026 GMT
Not After : Apr 14 12:19:01 2026 GMT
Subject: CN=69a6d1b9-93fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:09:2e:e9:0f:f0:75:8c:88:68:d2:79:eb:eb:
aa:76:11:0f:18:bd:be:16:c1:54:ba:1b:9d:6b:41:
ff:ad:d6:b5:0c:73:c3:08:dd:6c:ba:6a:87:6c:22:
a0:0c:09:37:83:22:6b:e8:63:f0:88:b2:48:72:cc:
34:4c:21:07:cf:28:78:5b:02:89:22:2e:d1:b0:f4:
23:2f:b8:da:7b:ea:ef:82:55:16:f8:1f:f3:16:91:
0e:15:83:b4:cb:d9:83:73:6c:40:26:3b:0d:90:76:
f6:bf:bb:eb:d6:03:f5:44:2f:89:98:59:b9:37:bd:
b8:0e:f1:6a:ca:99:a3:32:72:6a:6d:b8:49:1e:4b:
c7:0a:ae:15:f2:dc:1e:d4:77:08:d8:84:21:e3:0d:
cd:be:dc:e4:fd:b7:0c:02:20:06:9a:08:c8:bd:13:
d9:09:ce:e4:80:00:ba:9e:64:2e:78:5c:52:52:8d:
6f:7a:1b:87:e0:68:00:e9:68:d9:cc:25:8f:45:1d:
81:c8:7c:eb:6d:0b:5f:c1:91:85:cf:99:8b:39:12:
37:0b:3b:a4:54:54:6d:0e:ba:cc:8a:2e:93:1c:b6:
45:a6:12:c2:f5:ae:1b:e4:b3:b4:7e:0b:d5:c9:81:
14:4b:a5:83:38:31:38:3d:b2:57:08:ed:86:3c:81:
10:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:5E:E7:2A:6D:BD:69:7B:CA:A5:57:4C:3C:14:77:3A:A5:EB:8B:FE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BC974DC16FB11F1B5E251C5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.86.0/24
Signature Algorithm: sha256WithRSAEncryption
57:31:05:eb:b0:42:d5:c0:49:8a:c0:40:be:fd:82:c4:a0:22:
b8:6d:7f:26:36:f4:90:56:3b:e3:9d:7d:f7:de:99:51:ff:5d:
21:9b:b6:f6:b1:37:dc:38:d3:bc:fe:3d:93:d1:61:f6:44:9e:
33:44:ca:82:51:0f:2a:74:ce:6d:bc:14:a8:c1:cc:3a:e9:d1:
de:3a:ce:f2:35:8b:70:47:9b:84:f5:04:ad:1e:cd:5f:e0:f3:
46:28:d8:75:96:ba:b4:55:54:70:4e:36:ef:e3:28:af:fa:55:
b4:d6:b2:04:07:84:d3:ec:c7:49:ff:66:68:78:0d:7a:85:f6:
b1:ac:99:93:4a:1d:5e:dd:53:7c:f5:60:9a:53:d1:2d:02:41:
14:9c:c9:69:ec:eb:b6:b5:c9:d9:fb:22:4c:4b:d8:b1:06:c7:
99:74:21:d7:c3:b0:96:90:ba:25:73:32:e5:e0:ce:71:fb:0a:
90:fb:a0:5b:6a:10:76:72:40:bb:ba:27:45:8d:bd:71:e1:cd:
95:2c:75:ef:b7:b3:35:62:75:cd:56:60:55:07:bb:32:97:36:
51:7b:63:ff:9c:53:8d:f1:9b:fd:c5:af:07:f8:05:46:b6:4c:
b9:f0:90:d1:e2:8e:b4:3a:bd:bf:c6:4f:00:96:0e:60:08:89:
dc:18:28:b0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaIJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzAzMTIxOTAxWhcNMjYwNDE0MTIxOTAxWjAYMRYw
FAYDVQQDEw02OWE2ZDFiOS05M2ZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxgku6Q/wdYyIaNJ56+uqdhEPGL2+FsFUuhuda0H/rda1DHPDCN1sumqH
bCKgDAk3gyJr6GPwiLJIcsw0TCEHzyh4WwKJIi7RsPQjL7jae+rvglUW+B/zFpEO
FYO0y9mDc2xAJjsNkHb2v7vr1gP1RC+JmFm5N724DvFqypmjMnJqbbhJHkvHCq4V
8twe1HcI2IQh4w3Nvtzk/bcMAiAGmgjIvRPZCc7kgAC6nmQueFxSUo1vehuH4GgA
6WjZzCWPRR2ByHzrbQtfwZGFz5mLORI3CzukVFRtDrrMii6THLZFphLC9a4b5LO0
fgvVyYEUS6WDODE4PbJXCO2GPIEQ6wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIZe
5yptvWl7yqVXTDwUdzql64v+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQkM5NzREQzE2RkIxMUYxQjVFMjUxQzVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcJWMA0GCSqGSIb3DQEBCwUA
A4IBAQBXMQXrsELVwEmKwEC+/YLEoCK4bX8mNvSQVjvjnX333plR/10hm7b2sTfc
ONO8/j2T0WH2RJ4zRMqCUQ8qdM5tvBSowcw66dHeOs7yNYtwR5uE9QStHs1f4PNG
KNh1lrq0VVRwTjbv4yiv+lW01rIEB4TT7MdJ/2ZoeA16hfaxrJmTSh1e3VN89WCa
U9EtAkEUnMlp7Ou2tcnZ+yJMS9ixBseZdCHXw7CWkLolczLl4M5x+wqQ+6BbahB2
ckC7uidFjb1x4c2VLHXvt7M1YnXNVmBVB7sylzZRe2P/nFON8Zv9xa8H+AVGtky5
8JDR4o60Or2/xk8Alg5gCIncGCiw
-----END CERTIFICATE-----
Generated at Wed Mar 4 11:15:34 2026 by rpki-client