Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41206B341B9611F1A512FA99DAE4EC9C.roa
File: 41206B341B9611F1A512FA99DAE4EC9C.roa (raw, json)
Hash identifier: YVPftaxRgVmfaDfIxS/bPLvj7rMS22KGlez6qC5+68s=
Subject key identifier: A6:5F:F4:C0:B4:B3:76:C6:86:B3:09:71:E7:3D:BD:8B:F7:3F:1A:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A371
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41206B341B9611F1A512FA99DAE4EC9C.roa
Signing time: Mon 09 Mar 2026 08:59:18 +0000
ROA not before: Mon 09 Mar 2026 08:59:13 +0000
ROA not after: Wed 25 Mar 2026 08:59:13 +0000
asID: 139613
IP address blocks: 45.194.85.0/24 maxlen: 24
45.195.60.0/24 maxlen: 24
45.195.62.0/24 maxlen: 24
45.195.192.0/24 maxlen: 24
45.195.196.0/24 maxlen: 24
45.195.197.0/24 maxlen: 24
45.195.199.0/24 maxlen: 24
45.197.1.0/24 maxlen: 24
45.197.2.0/24 maxlen: 24
45.197.4.0/24 maxlen: 24
45.197.5.0/24 maxlen: 24
45.197.20.0/24 maxlen: 24
45.199.130.0/24 maxlen: 24
45.199.131.0/24 maxlen: 24
45.199.134.0/24 maxlen: 24
45.199.137.0/24 maxlen: 24
45.199.191.0/24 maxlen: 24
45.202.8.0/24 maxlen: 24
45.202.9.0/24 maxlen: 24
45.202.10.0/24 maxlen: 24
45.202.11.0/24 maxlen: 24
45.202.63.0/24 maxlen: 24
45.204.1.0/24 maxlen: 24
45.204.64.0/24 maxlen: 24
45.204.71.0/24 maxlen: 24
45.207.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 11 Mar 2026 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107377 (0x1a371)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 9 08:59:13 2026 GMT
Not After : Mar 25 08:59:13 2026 GMT
Subject: CN=69ae8be6-b5f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ca:45:66:b1:63:cc:89:15:9b:56:20:fe:82:
22:b6:dc:05:ef:a0:68:67:e0:6d:12:f8:be:8a:fe:
73:b9:b2:67:57:6b:07:97:de:2d:4d:6a:f4:80:6d:
9f:5d:2f:08:a9:ff:bb:ae:9f:08:5d:cb:d3:c2:6c:
18:09:fa:af:1c:77:cf:64:79:29:48:26:84:0a:56:
3a:59:9f:7a:d6:1e:4a:1e:00:95:74:28:a7:1c:fb:
fc:8a:ac:0d:72:26:9d:b1:96:51:05:74:0d:1f:5b:
90:a1:99:be:28:7a:e6:24:90:a5:73:6a:21:cd:1d:
76:b0:c9:e6:45:e4:7b:6a:72:01:1a:22:45:c3:ca:
20:10:57:69:97:9f:bb:e9:16:ec:18:54:f3:10:97:
2c:ae:bf:de:4d:24:13:f4:88:83:1d:e5:a7:c4:85:
75:a0:57:76:95:d0:5c:a2:b4:87:83:71:2b:b9:b3:
5a:fd:83:1d:f9:6f:4d:f6:6f:52:cc:e1:89:0b:b3:
5b:c2:c9:30:f8:47:fb:54:46:e9:68:f7:eb:d4:d7:
37:1a:15:b3:8f:e5:24:6c:ac:25:96:de:84:7f:db:
4f:47:5f:02:ba:ef:7f:d6:45:03:8d:c0:f1:6b:34:
c5:7f:32:3b:ba:e6:0b:5f:cf:2d:91:3c:86:6d:5c:
69:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:5F:F4:C0:B4:B3:76:C6:86:B3:09:71:E7:3D:BD:8B:F7:3F:1A:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41206B341B9611F1A512FA99DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.85.0/24
45.195.60.0/24
45.195.62.0/24
45.195.192.0/24
45.195.196.0/23
45.195.199.0/24
45.197.1.0-45.197.2.255
45.197.4.0/23
45.197.20.0/24
45.199.130.0/23
45.199.134.0/24
45.199.137.0/24
45.199.191.0/24
45.202.8.0/22
45.202.63.0/24
45.204.1.0/24
45.204.64.0/24
45.204.71.0/24
45.207.163.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:0d:8b:c9:30:87:ca:61:fe:6f:ba:0a:d3:8a:97:f1:86:62:
25:9a:e6:36:4a:39:76:cf:1b:a8:7b:8f:c1:b5:ae:33:5b:e1:
f5:eb:1a:68:e2:59:a3:8a:91:f3:6d:7a:57:1d:60:47:7d:36:
ae:5a:9e:7f:c3:90:25:5b:b8:e1:aa:5a:8d:8c:7c:bc:11:66:
ae:42:aa:fa:ed:60:98:32:b5:18:a7:35:78:7f:c3:e3:b8:8f:
f8:7d:d3:db:32:8c:4b:5f:b5:9e:9e:5b:d8:5a:ef:6a:ef:83:
35:49:2b:19:0f:06:db:31:b7:8d:15:9b:17:ef:02:05:aa:56:
3b:ba:59:0e:48:d1:ea:ef:35:f6:90:ba:a2:e2:41:28:ba:5a:
91:ba:8b:3c:60:bd:95:51:af:d5:49:87:38:21:db:ce:8f:5e:
ae:65:dd:35:a1:76:4b:e7:9e:4b:bc:8c:3b:e0:49:33:5a:11:
e7:4a:0d:08:11:c3:49:6d:c6:81:e8:cf:b9:40:7e:ae:0a:ae:
ec:9f:58:d0:25:32:c7:48:ba:b1:7d:fb:76:5a:fe:db:05:2e:
70:a4:f0:5d:cc:1d:21:38:c4:5f:64:4f:6b:a8:a7:6d:e6:ec:
0b:e1:ce:3d:24:5c:59:c3:2f:16:0f:da:73:11:d9:86:89:0c:
f9:4d:40:9b
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIDAaNxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzA5MDg1OTEzWhcNMjYwMzI1MDg1OTEzWjAYMRYw
FAYDVQQDEw02OWFlOGJlNi1iNWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt8pFZrFjzIkVm1Yg/oIittwF76BoZ+BtEvi+iv5zubJnV2sHl94tTWr0
gG2fXS8Iqf+7rp8IXcvTwmwYCfqvHHfPZHkpSCaEClY6WZ961h5KHgCVdCinHPv8
iqwNciadsZZRBXQNH1uQoZm+KHrmJJClc2ohzR12sMnmReR7anIBGiJFw8ogEFdp
l5+76RbsGFTzEJcsrr/eTSQT9IiDHeWnxIV1oFd2ldBcorSHg3ErubNa/YMd+W9N
9m9SzOGJC7Nbwskw+Ef7VEbpaPfr1Nc3GhWzj+UkbKwllt6Ef9tPR18Cuu9/1kUD
jcDxazTFfzI7uuYLX88tkTyGbVxpvwIDAQABo4IDGjCCAxYwHQYDVR0OBBYEFKZf
9MC0s3bGhrMJcec9vYv3PxoiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MTIwNkIzNDFCOTYxMUYxQTUxMkZBOTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAC3CVQMEAC3DPAMEAC3D
PgMEAC3DwAMEAS3DxAMEAC3DxzAMAwQALcUBAwQALcUCAwQBLcUEAwQALcUUAwQB
LceCAwQALceGAwQALceJAwQALce/AwQCLcoIAwQALco/AwQALcwBAwQALcxAAwQA
LcxHAwQALc+jMA0GCSqGSIb3DQEBCwUAA4IBAQCqDYvJMIfKYf5vugrTipfxhmIl
muY2Sjl2zxuoe4/Bta4zW+H16xpo4lmjipHzbXpXHWBHfTauWp5/w5AlW7jhqlqN
jHy8EWauQqr67WCYMrUYpzV4f8PjuI/4fdPbMoxLX7WenlvYWu9q74M1SSsZDwbb
MbeNFZsX7wIFqlY7ulkOSNHq7zX2kLqi4kEoulqRuos8YL2VUa/VSYc4IdvOj16u
Zd01oXZL555LvIw74EkzWhHnSg0IEcNJbcaB6M+5QH6uCq7sn1jQJTLHSLqxfft2
Wv7bBS5wpPBdzB0hOMRfZE9rqKdt5uwL4c49JFxZwy8WD9pzEdmGiQz5TUCb
-----END CERTIFICATE-----
Generated at Mon Mar 9 14:05:28 2026 by rpki-client