Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/654A7AB4555111F181358DACCE1D38B0.roa
File: 654A7AB4555111F181358DACCE1D38B0.roa (raw, json)
Hash identifier: +F6RzO+vc7puEx7Y+/O0rN7ioUyVVj7h21oIJ7MCClo=
Subject key identifier: 7A:C3:49:AD:9D:F9:0D:5E:92:6E:CB:4A:F2:36:8D:F0:B7:D4:19:B9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B7B3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/654A7AB4555111F181358DACCE1D38B0.roa
Signing time: Thu 21 May 2026 20:12:31 +0000
ROA not before: Thu 21 May 2026 20:12:26 +0000
ROA not after: Sat 27 Jun 2026 20:12:26 +0000
asID: 11427
IP address blocks: 45.198.188.0/22 maxlen: 24
45.203.240.0/22 maxlen: 24
45.203.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112563 (0x1b7b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 21 20:12:26 2026 GMT
Not After : Jun 27 20:12:26 2026 GMT
Subject: CN=6a0f672f-6ebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f0:b0:01:58:90:de:ed:08:83:40:6a:ea:60:
04:fa:3b:c5:55:17:72:e0:bd:85:50:cb:88:ad:d2:
86:5c:bd:87:85:d1:d3:d2:57:ac:66:78:e7:94:dc:
b2:c3:91:9b:3f:48:f4:5b:05:bc:77:88:6e:74:a6:
d3:62:05:cc:ad:1e:e9:4d:b1:27:75:b8:b5:5f:6b:
a7:3a:4e:bb:1e:91:f0:d1:23:fa:1a:24:cb:41:18:
3f:d8:ef:ca:7a:aa:3a:7f:27:b3:ef:a2:80:10:c5:
c2:1d:5b:58:0c:7f:a8:a9:09:60:25:1a:69:95:df:
41:fb:8e:be:cf:b4:c2:e5:bf:db:40:e9:d3:fb:9f:
5a:f8:de:ba:f8:6c:1a:31:39:8a:93:79:57:9e:88:
0a:40:14:42:cb:8f:db:c5:04:7b:85:d6:b7:b4:91:
27:8a:85:5b:9d:b0:81:bb:19:e7:5f:5d:69:ca:44:
d5:04:b3:b9:ae:fc:fb:dd:42:df:43:bc:1c:c3:92:
a1:09:d4:4e:d6:d9:79:19:56:39:2d:e0:dc:e0:19:
93:c5:0a:d4:65:0a:60:97:52:4f:32:f7:b2:fc:f5:
4b:47:44:f1:e3:1b:17:7d:f6:e5:dd:2f:85:fb:07:
50:74:d0:b2:da:4e:3d:22:fa:aa:a2:e1:4a:94:0b:
65:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C3:49:AD:9D:F9:0D:5E:92:6E:CB:4A:F2:36:8D:F0:B7:D4:19:B9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/654A7AB4555111F181358DACCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.188.0/22
45.203.240.0/22
45.203.252.0/22
Signature Algorithm: sha256WithRSAEncryption
81:37:e0:7a:a2:9a:fc:cf:56:65:76:85:e9:ef:9d:2c:08:53:
2e:3f:b6:59:37:23:0f:a5:d1:13:ec:88:15:b0:85:74:01:b4:
6d:de:fa:fb:cf:bc:c5:df:21:9e:04:b5:1f:7d:96:b2:78:70:
75:74:cf:00:bb:66:a5:b0:8e:9b:2c:89:5f:0b:6e:7b:e9:bd:
fc:4e:fe:e4:60:b9:78:c0:3d:37:72:56:23:4b:d6:a4:86:01:
08:4e:98:b3:5c:3c:09:3e:09:09:73:67:3f:c4:e1:f1:d5:ca:
d7:75:e4:f7:70:5f:d5:95:93:71:a3:ce:8b:31:ec:f1:f6:e9:
7d:02:42:d1:39:91:a1:a0:24:31:e9:37:fe:88:17:2d:6e:ae:
01:6d:29:5c:65:31:fb:5c:46:c4:1d:be:76:1c:05:db:f1:bf:
8b:74:ba:df:2a:15:a0:21:2b:6f:cf:5a:95:3c:90:6d:8a:14:
71:5e:02:3e:a2:92:8f:42:3f:d6:c8:4a:5f:44:32:e9:dc:c3:
fb:b6:27:80:77:75:74:06:45:16:92:b4:b0:32:a5:cb:2b:61:
db:4d:2f:d7:3c:c3:ff:44:4a:b8:01:a6:c8:01:8d:08:98:e0:
12:b9:03:9b:82:14:a0:45:70:4e:cf:b0:6e:68:31:69:cb:2d:
2e:35:c7:ef
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAbezMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTIxMjAxMjI2WhcNMjYwNjI3MjAxMjI2WjAYMRYw
FAYDVQQDEw02YTBmNjcyZi02ZWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2fCwAViQ3u0Ig0Bq6mAE+jvFVRdy4L2FUMuIrdKGXL2HhdHT0lesZnjn
lNyyw5GbP0j0WwW8d4hudKbTYgXMrR7pTbEndbi1X2unOk67HpHw0SP6GiTLQRg/
2O/Keqo6fyez76KAEMXCHVtYDH+oqQlgJRppld9B+46+z7TC5b/bQOnT+59a+N66
+GwaMTmKk3lXnogKQBRCy4/bxQR7hda3tJEnioVbnbCBuxnnX11pykTVBLO5rvz7
3ULfQ7wcw5KhCdRO1tl5GVY5LeDc4BmTxQrUZQpgl1JPMvey/PVLR0Tx4xsXffbl
3S+F+wdQdNCy2k49IvqqouFKlAtlZwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFHrD
Sa2d+Q1ekm7LSvI2jfC31Bm5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NTRBN0FCNDU1NTExMUYxODEzNThEQUNDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLca8AwQCLcvwAwQCLcv8MA0G
CSqGSIb3DQEBCwUAA4IBAQCBN+B6opr8z1ZldoXp750sCFMuP7ZZNyMPpdET7IgV
sIV0AbRt3vr7z7zF3yGeBLUffZayeHB1dM8Au2alsI6bLIlfC2576b38Tv7kYLl4
wD03clYjS9akhgEITpizXDwJPgkJc2c/xOHx1crXdeT3cF/VlZNxo86LMezx9ul9
AkLROZGhoCQx6Tf+iBctbq4BbSlcZTH7XEbEHb52HAXb8b+LdLrfKhWgIStvz1qV
PJBtihRxXgI+opKPQj/WyEpfRDLp3MP7tieAd3V0BkUWkrSwMqXLK2HbTS/XPMP/
REq4AabIAY0ImOASuQObghSgRXBOz7BuaDFpyy0uNcfv
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:28:51 2026 by rpki-client