Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FDD404437DD11F1A78CCFA7CE1D38B0.roa
File: 4FDD404437DD11F1A78CCFA7CE1D38B0.roa (raw, json)
Hash identifier: 0bNDfWVQGAB9JFZ0ciEmWMyVcXq7vr5WnH5HQ0zzzCc=
Subject key identifier: 6A:0C:CE:D8:78:56:56:D4:33:7D:D5:7B:73:D5:10:EB:E4:84:51:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01ACAE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FDD404437DD11F1A78CCFA7CE1D38B0.roa
Signing time: Tue 14 Apr 2026 08:38:30 +0000
ROA not before: Tue 14 Apr 2026 08:38:25 +0000
ROA not after: Sun 10 May 2026 08:38:25 +0000
asID: 61112
IP address blocks: 45.202.254.0/23 maxlen: 24
45.202.254.0/24 maxlen: 24
45.202.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109742 (0x1acae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 14 08:38:25 2026 GMT
Not After : May 10 08:38:25 2026 GMT
Subject: CN=69ddfd05-57fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b5:4b:60:5b:06:38:8b:45:e4:70:13:64:02:
00:1c:c9:06:7c:82:75:33:c7:ee:89:61:7a:39:ac:
96:90:35:86:5e:92:af:4b:94:87:04:96:a2:13:c4:
05:38:76:6e:4f:48:35:a0:7e:56:06:67:81:31:5d:
27:36:6f:4e:7f:4b:fa:96:5e:4e:1c:52:fa:7a:a9:
12:e2:f2:52:64:d0:77:ea:fa:9b:5a:a6:f2:1e:8b:
f8:48:ff:f3:5b:95:40:dd:cf:f4:4d:d1:a4:ea:c2:
b8:67:42:cf:c2:06:aa:a3:b7:63:93:64:51:b3:29:
f7:6f:b8:8b:99:50:16:82:af:22:16:63:14:64:ce:
73:cd:ce:fe:59:26:ef:7d:43:4b:5f:7f:b4:0c:69:
10:be:b1:de:52:61:78:24:87:77:ff:ad:93:6a:00:
ef:d3:53:74:dc:f7:ee:f3:05:a0:8c:cc:b3:e2:46:
08:b9:b7:8b:7e:ad:74:9a:79:f1:03:23:48:a0:b4:
84:77:00:f3:5f:ff:41:1d:35:49:b6:ee:31:77:f7:
e0:ae:a5:57:fe:65:78:8e:dc:90:31:16:64:df:7f:
9c:f0:6a:f4:f2:2e:14:15:44:ba:62:cb:e8:83:50:
9b:24:45:10:e2:02:60:c1:18:15:3e:a8:59:02:fc:
21:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:0C:CE:D8:78:56:56:D4:33:7D:D5:7B:73:D5:10:EB:E4:84:51:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FDD404437DD11F1A78CCFA7CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.254.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:e7:fa:d2:14:54:44:9b:a5:5c:6f:e3:47:0c:ab:5a:62:56:
72:ab:a5:5f:a0:70:0f:d1:27:79:3a:9c:40:7a:e2:fc:f6:f9:
34:a7:12:a4:b3:8b:c8:78:b2:f0:9f:da:56:71:a7:36:87:4d:
7a:3c:24:0b:2e:49:5d:3f:2f:f1:63:f0:72:80:a0:ae:6a:4d:
8a:ea:3c:e1:0b:25:e1:d6:22:4b:ba:d5:88:c0:c4:f7:7c:74:
26:92:d5:db:b4:00:ce:3e:38:83:92:f0:7c:5e:e6:19:09:d1:
07:0c:e2:8b:b2:4b:b6:8b:70:59:af:fb:e2:9b:48:99:b9:4f:
88:fd:db:30:c4:d3:58:b5:92:5c:f1:89:58:a5:9c:96:db:6b:
fb:9b:0e:03:77:d9:56:ae:47:e9:40:27:e5:5c:c0:36:2a:20:
31:3c:e6:8f:53:f7:df:20:d2:f8:2b:ca:ce:05:fb:52:0e:5e:
93:c2:ab:98:06:a5:48:df:8b:64:1c:58:db:58:9a:24:41:cc:
d8:ab:62:89:30:24:86:8a:6b:d8:54:5b:71:30:e9:21:8e:07:
a6:81:e8:64:a8:60:60:f5:cc:80:2d:bf:72:42:e2:21:55:23:
4c:15:66:65:30:99:e7:2d:b7:45:ab:2d:dc:18:fd:55:b6:e3:
9d:db:f1:58
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAayuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDE0MDgzODI1WhcNMjYwNTEwMDgzODI1WjAYMRYw
FAYDVQQDEw02OWRkZmQwNS01N2ZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArbVLYFsGOItF5HATZAIAHMkGfIJ1M8fuiWF6OayWkDWGXpKvS5SHBJai
E8QFOHZuT0g1oH5WBmeBMV0nNm9Of0v6ll5OHFL6eqkS4vJSZNB36vqbWqbyHov4
SP/zW5VA3c/0TdGk6sK4Z0LPwgaqo7djk2RRsyn3b7iLmVAWgq8iFmMUZM5zzc7+
WSbvfUNLX3+0DGkQvrHeUmF4JId3/62TagDv01N03Pfu8wWgjMyz4kYIubeLfq10
mnnxAyNIoLSEdwDzX/9BHTVJtu4xd/fgrqVX/mV4jtyQMRZk33+c8Gr08i4UFUS6
Ysvog1CbJEUQ4gJgwRgVPqhZAvwhCQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGoM
zth4VlbUM33Ve3PVEOvkhFHZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RkRENDA0NDM3REQxMUYxQTc4Q0NGQTdDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcr+MA0GCSqGSIb3DQEBCwUA
A4IBAQCu5/rSFFREm6Vcb+NHDKtaYlZyq6VfoHAP0Sd5OpxAeuL89vk0pxKks4vI
eLLwn9pWcac2h016PCQLLkldPy/xY/BygKCuak2K6jzhCyXh1iJLutWIwMT3fHQm
ktXbtADOPjiDkvB8XuYZCdEHDOKLsku2i3BZr/vim0iZuU+I/dswxNNYtZJc8YlY
pZyW22v7mw4Dd9lWrkfpQCflXMA2KiAxPOaPU/ffINL4K8rOBftSDl6TwquYBqVI
34tkHFjbWJokQczYq2KJMCSGimvYVFtxMOkhjgemgehkqGBg9cyALb9yQuIhVSNM
FWZlMJnnLbdFqy3cGP1VtuOd2/FY
-----END CERTIFICATE-----
Generated at Sat Apr 18 14:28:36 2026 by rpki-client