Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85B3BAD02F3211F18B4193C0DAE4EC9C.roa
File: 85B3BAD02F3211F18B4193C0DAE4EC9C.roa (raw, json)
Hash identifier: WV/NIMXu7O3xBu3u3cSTl0pI7/z1aEEiyBYbvZ+zNN0=
Subject key identifier: 9A:8C:8B:4C:87:AE:5B:83:32:A6:4B:0C:DC:F6:BE:BB:F1:4D:FF:19
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A99A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85B3BAD02F3211F18B4193C0DAE4EC9C.roa
Signing time: Fri 03 Apr 2026 07:55:47 +0000
ROA not before: Fri 03 Apr 2026 07:55:41 +0000
ROA not after: Wed 13 May 2026 07:55:41 +0000
asID: 272854
IP address blocks: 45.195.12.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108954 (0x1a99a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 3 07:55:41 2026 GMT
Not After : May 13 07:55:41 2026 GMT
Subject: CN=69cf7282-d729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ea:fb:55:b3:07:60:8c:05:c4:d1:d4:39:9b:
90:8d:b0:5e:8d:7a:e3:39:44:24:c0:54:2e:83:56:
98:c5:0f:85:17:cb:62:c4:4e:af:0b:60:90:aa:8c:
8c:91:f6:5f:5f:14:fd:a2:0d:d6:1a:33:19:0e:f5:
8e:6c:2f:c4:42:f6:18:51:b9:1e:c4:24:d4:81:d4:
87:01:20:80:bd:ef:62:b2:23:4f:ce:51:c2:23:be:
1c:0e:25:75:5a:ce:5b:7d:1e:18:e0:71:b1:26:b4:
cd:18:93:42:2d:aa:a8:8f:44:bd:32:f0:ec:d6:e5:
2f:83:1a:ed:f2:c8:1b:57:c7:88:1c:ac:98:d4:04:
9f:d3:29:9a:7c:57:f7:4e:dd:2c:f7:db:ee:a8:fa:
ca:8c:8d:98:45:5e:98:78:32:1c:e7:d9:c3:a5:ba:
8d:15:ed:38:c6:5e:ca:89:73:53:3d:42:6d:0b:c9:
d5:35:b1:18:37:dd:93:b1:52:6e:34:0e:ab:24:da:
a6:55:eb:d6:f3:a5:78:f7:e2:2a:9e:86:18:3b:d6:
d5:65:76:d6:75:51:69:f5:97:70:ff:af:74:84:51:
87:b8:f3:6f:32:51:b0:54:8b:e0:70:e5:b2:3e:ed:
ec:6c:78:57:ce:34:46:f1:be:3c:2c:0a:9f:ec:01:
1b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8C:8B:4C:87:AE:5B:83:32:A6:4B:0C:DC:F6:BE:BB:F1:4D:FF:19
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85B3BAD02F3211F18B4193C0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.12.0/23
Signature Algorithm: sha256WithRSAEncryption
11:58:b2:13:63:cd:15:f4:e5:50:bc:c8:f5:85:7c:37:6d:3a:
f9:bf:90:a8:a3:35:b1:73:62:29:10:2f:84:15:cb:d2:85:4b:
2f:09:60:5d:fc:b1:fb:db:9f:4d:8a:f9:43:2b:3d:9d:5c:34:
34:fd:95:2b:62:1c:fa:23:26:8e:7a:d6:90:ef:90:db:89:68:
d6:36:7a:f5:bf:22:03:2e:45:ed:70:fe:88:72:64:c2:8e:6a:
de:26:36:6e:77:c9:27:fa:0a:de:d3:7c:50:f3:6f:11:82:fa:
70:1c:52:dc:cc:a5:d9:ae:b3:c6:5d:3d:12:61:5d:42:23:e3:
d6:72:01:76:87:af:73:36:17:87:8d:13:8d:a9:70:a7:d5:1a:
87:58:e3:d3:36:50:53:83:16:73:27:d0:e0:8b:a9:9b:ad:4d:
d0:50:76:c6:2e:6d:7b:2c:71:00:e2:58:8f:35:e7:a5:04:60:
27:97:2b:a6:75:d6:77:47:6d:7f:e6:03:51:75:4b:6b:b2:5d:
0e:c8:ac:35:d5:b5:a9:1e:32:42:2a:1b:e1:b7:50:1f:81:ab:
92:2e:51:22:0e:29:26:0d:a1:98:ef:db:36:80:71:b4:db:f2:
66:c2:b7:58:7e:07:52:5a:2b:b9:cb:60:2a:4c:47:c8:91:b8:
70:30:44:ba
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAamaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDAzMDc1NTQxWhcNMjYwNTEzMDc1NTQxWjAYMRYw
FAYDVQQDEw02OWNmNzI4Mi1kNzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu+r7VbMHYIwFxNHUOZuQjbBejXrjOUQkwFQug1aYxQ+FF8tixE6vC2CQ
qoyMkfZfXxT9og3WGjMZDvWObC/EQvYYUbkexCTUgdSHASCAve9isiNPzlHCI74c
DiV1Ws5bfR4Y4HGxJrTNGJNCLaqoj0S9MvDs1uUvgxrt8sgbV8eIHKyY1ASf0yma
fFf3Tt0s99vuqPrKjI2YRV6YeDIc59nDpbqNFe04xl7KiXNTPUJtC8nVNbEYN92T
sVJuNA6rJNqmVevW86V49+IqnoYYO9bVZXbWdVFp9Zdw/690hFGHuPNvMlGwVIvg
cOWyPu3sbHhXzjRG8b48LAqf7AEbSwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJqM
i0yHrluDMqZLDNz2vrvxTf8ZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NUIzQkFEMDJGMzIxMUYxOEI0MTkzQzBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcMMMA0GCSqGSIb3DQEBCwUA
A4IBAQARWLITY80V9OVQvMj1hXw3bTr5v5CoozWxc2IpEC+EFcvShUsvCWBd/LH7
259NivlDKz2dXDQ0/ZUrYhz6IyaOetaQ75DbiWjWNnr1vyIDLkXtcP6IcmTCjmre
JjZud8kn+gre03xQ828RgvpwHFLczKXZrrPGXT0SYV1CI+PWcgF2h69zNheHjRON
qXCn1RqHWOPTNlBTgxZzJ9Dgi6mbrU3QUHbGLm17LHEA4liPNeelBGAnlyumddZ3
R21/5gNRdUtrsl0OyKw11bWpHjJCKhvht1AfgauSLlEiDikmDaGY79s2gHG02/Jm
wrdYfgdSWiu5y2AqTEfIkbhwMES6
-----END CERTIFICATE-----
Generated at Sat Apr 18 14:28:32 2026 by rpki-client