Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/60E3156418B911F1B3844DF6DAE4EC9C.roa
File: 60E3156418B911F1B3844DF6DAE4EC9C.roa (raw, json)
Hash identifier: JLE+SLhDQxMx7XOWR8Qi2JXpaH4FXr/cEwyhAx0wR1M=
Subject key identifier: EB:35:8F:2F:6F:A1:B6:EE:54:61:78:F9:10:65:26:60:AD:A1:00:AF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A2B9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/60E3156418B911F1B3844DF6DAE4EC9C.roa
Signing time: Thu 05 Mar 2026 17:33:10 +0000
ROA not before: Thu 05 Mar 2026 17:33:05 +0000
ROA not after: Wed 22 Apr 2026 17:33:05 +0000
asID: 142032
IP address blocks: 45.205.24.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 23 Mar 2026 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107193 (0x1a2b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 5 17:33:05 2026 GMT
Not After : Apr 22 17:33:05 2026 GMT
Subject: CN=69a9be56-3c8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c9:a4:26:78:d0:c1:85:92:e0:f6:8c:20:f3:
fb:02:cb:78:a4:dd:b7:a5:19:eb:a2:75:4e:9d:47:
dc:c1:1b:7c:8f:c7:9e:f6:df:2a:2b:2a:2a:90:09:
ec:ac:36:f4:20:09:c8:f4:e9:17:58:55:d0:29:38:
49:31:3e:8e:30:69:7e:4e:c4:ba:8b:59:e4:da:6a:
6c:79:e3:3d:e9:24:2a:5c:04:79:2d:58:20:25:43:
4f:8c:28:b9:fa:d3:aa:ac:0c:75:60:c6:40:d2:dc:
9e:68:4d:0e:87:f0:e2:1f:13:68:71:b9:d8:cf:da:
a6:02:83:25:83:9c:2f:40:e9:ac:10:08:be:a8:ff:
bd:61:cd:3e:c3:fe:3a:59:54:6f:1d:0e:05:b2:66:
2f:da:e5:6b:95:af:fd:bd:ca:5e:17:ab:af:f7:7e:
05:c5:12:e5:de:ba:18:48:dd:c4:7e:73:15:7e:9d:
d6:8c:c4:c0:84:97:c4:d0:3b:80:d6:b2:d2:8b:ed:
0c:7f:6c:63:ca:5f:ab:16:49:7d:82:be:98:35:99:
d6:79:3b:aa:17:94:29:8b:d9:02:67:4a:eb:8d:ca:
8f:a2:1e:11:44:ec:ed:21:32:4e:5d:d3:18:1b:e0:
5e:ba:e5:76:b7:2d:24:39:b8:17:97:12:34:65:26:
1a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:35:8F:2F:6F:A1:B6:EE:54:61:78:F9:10:65:26:60:AD:A1:00:AF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/60E3156418B911F1B3844DF6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.205.24.0/21
Signature Algorithm: sha256WithRSAEncryption
40:52:7e:70:63:eb:dd:25:60:a3:d5:80:c4:51:55:fd:15:7b:
ae:83:5f:2a:67:de:4a:ea:28:57:7d:fe:28:74:c8:ac:fd:23:
f3:7e:3b:66:f4:df:5c:1a:47:6f:58:37:ab:f3:b5:7c:f9:8b:
52:a0:5c:b3:a5:27:8c:7d:e7:a1:0d:b9:b7:57:b2:8b:75:9f:
37:35:7e:bb:f7:03:9b:d8:ff:80:04:04:fd:f0:bb:4c:62:58:
cb:e5:c3:a4:d9:63:b2:7e:0a:fe:6e:2e:65:e5:48:50:e3:2e:
4b:0c:8f:d6:71:21:7d:c8:6d:5f:5c:9a:d8:c4:00:c7:b1:da:
17:3b:fd:ed:94:05:2c:5e:21:2d:71:93:c6:29:d6:75:c5:63:
6a:b7:b5:e9:74:5f:d0:62:97:a7:b5:a7:48:9a:f3:94:50:9f:
3e:c4:b2:af:85:52:62:df:1c:ae:7b:41:48:c3:eb:9b:21:74:
bd:c2:24:c1:ef:a4:a6:15:f3:c9:76:1e:1c:10:bd:c8:64:ff:
d9:9d:19:cc:1e:66:cc:1a:76:fb:f1:b6:93:9c:2c:69:c0:12:
f3:ac:ce:ee:34:c5:2b:15:ba:32:cf:08:8b:70:5a:8c:94:bd:
c5:67:9a:72:ef:cb:fd:49:9f:ca:cf:22:96:3f:3e:f3:0a:da:
c1:5a:12:7a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAaK5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzA1MTczMzA1WhcNMjYwNDIyMTczMzA1WjAYMRYw
FAYDVQQDEw02OWE5YmU1Ni0zYzhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw8mkJnjQwYWS4PaMIPP7Ast4pN23pRnronVOnUfcwRt8j8ee9t8qKyoq
kAnsrDb0IAnI9OkXWFXQKThJMT6OMGl+TsS6i1nk2mpseeM96SQqXAR5LVggJUNP
jCi5+tOqrAx1YMZA0tyeaE0Oh/DiHxNocbnYz9qmAoMlg5wvQOmsEAi+qP+9Yc0+
w/46WVRvHQ4FsmYv2uVrla/9vcpeF6uv934FxRLl3roYSN3EfnMVfp3WjMTAhJfE
0DuA1rLSi+0Mf2xjyl+rFkl9gr6YNZnWeTuqF5Qpi9kCZ0rrjcqPoh4RROztITJO
XdMYG+BeuuV2ty0kObgXlxI0ZSYaEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOs1
jy9vobbuVGF4+RBlJmCtoQCvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MEUzMTU2NDE4QjkxMUYxQjM4NDRERjZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLc0YMA0GCSqGSIb3DQEBCwUA
A4IBAQBAUn5wY+vdJWCj1YDEUVX9FXuug18qZ95K6ihXff4odMis/SPzfjtm9N9c
GkdvWDer87V8+YtSoFyzpSeMfeehDbm3V7KLdZ83NX679wOb2P+ABAT98LtMYljL
5cOk2WOyfgr+bi5l5UhQ4y5LDI/WcSF9yG1fXJrYxADHsdoXO/3tlAUsXiEtcZPG
KdZ1xWNqt7XpdF/QYpentadImvOUUJ8+xLKvhVJi3xyue0FIw+ubIXS9wiTB76Sm
FfPJdh4cEL3IZP/ZnRnMHmbMGnb78baTnCxpwBLzrM7uNMUrFboyzwiLcFqMlL3F
Z5py78v9SZ/KzyKWPz7zCtrBWhJ6
-----END CERTIFICATE-----
Generated at Sat Mar 21 12:01:55 2026 by rpki-client