Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8646DC0E536111F1A2535CE3CE1D38B0.roa
File: 8646DC0E536111F1A2535CE3CE1D38B0.roa (raw, json)
Hash identifier: hLwNy397Q0JjSM+G/QudBt3GVFF5SbzNhMELVyp+9IQ=
Subject key identifier: 53:29:36:A1:65:F7:47:02:A9:58:67:A6:B8:E6:71:BE:44:55:D1:CB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B5C9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8646DC0E536111F1A2535CE3CE1D38B0.roa
Signing time: Tue 19 May 2026 09:02:56 +0000
ROA not before: Tue 19 May 2026 09:02:51 +0000
ROA not after: Wed 19 Aug 2026 09:02:51 +0000
asID: 139923
IP address blocks: 45.195.112.0/21 maxlen: 24
45.195.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112073 (0x1b5c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 19 09:02:51 2026 GMT
Not After : Aug 19 09:02:51 2026 GMT
Subject: CN=6a0c2740-260e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8a:e9:04:30:f2:e4:4b:ef:85:2a:82:08:30:
c1:28:5f:c8:54:7c:1b:a1:d7:0d:c9:13:bb:bf:08:
0a:d2:f1:b3:98:c7:16:9d:95:d5:90:b5:8c:08:12:
c5:a8:c0:19:2d:bb:50:3d:2f:90:5b:60:cf:c3:df:
17:25:54:d3:b4:97:63:3b:0e:44:4d:35:53:3b:0d:
77:47:71:27:42:64:43:f8:f4:e4:13:df:95:bd:e5:
1f:6b:1d:ee:b4:f2:7a:b7:ae:69:ce:9d:fc:a7:3b:
c8:cc:6d:2b:8b:b2:e9:64:08:97:15:79:3e:fb:d6:
93:96:89:9e:ae:66:bf:62:6e:d7:f8:55:29:6f:9c:
b9:1d:d5:04:20:15:96:03:5a:f5:69:75:27:4d:f8:
45:07:b6:9c:44:ff:53:69:cd:8c:b8:59:56:14:26:
b9:ff:57:9c:c2:ba:f3:0b:f7:99:39:10:5d:5c:08:
1f:c5:58:e3:e7:88:f9:5c:bc:79:a8:18:a5:91:72:
c8:55:5d:64:10:51:d9:ff:04:be:bf:39:75:b9:f0:
1c:c0:6a:85:65:d6:6d:1b:98:a5:34:aa:2e:dc:f8:
48:08:3d:32:c3:2d:50:79:e7:1e:f5:cd:6d:31:4c:
b1:8a:f0:e6:58:14:dd:20:bd:6b:69:9d:09:01:1d:
15:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:29:36:A1:65:F7:47:02:A9:58:67:A6:B8:E6:71:BE:44:55:D1:CB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8646DC0E536111F1A2535CE3CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.112.0/20
Signature Algorithm: sha256WithRSAEncryption
8a:22:82:ca:72:9c:6a:54:2c:bd:e2:1e:38:25:68:8d:fa:00:
67:9d:9c:27:15:99:12:bf:9e:09:73:9a:b2:22:c0:94:c4:e0:
dd:ea:34:2b:b6:99:64:1d:82:2b:78:5c:20:37:7c:fa:7a:48:
5f:44:35:22:2b:41:6d:41:66:ce:ad:07:8f:2d:57:83:87:0e:
dc:18:35:40:3a:3d:ee:0f:ca:e5:4d:43:47:25:9c:3f:49:cb:
c6:28:e3:85:ad:33:cd:25:0a:bc:13:ea:ad:ef:54:fd:86:ee:
6b:3e:5c:18:8d:e7:06:3d:ef:bc:a0:fc:b8:8d:bc:58:01:ed:
ac:bb:d1:de:ce:eb:8c:1c:6b:23:09:01:9c:30:cd:6b:2f:19:
6a:d7:8d:25:8b:e2:05:9c:fd:d1:70:eb:ca:cb:90:a2:70:3e:
50:a8:9b:7b:35:ea:dd:5c:14:34:08:63:c2:4f:10:14:d3:99:
8c:a2:cb:90:73:eb:1d:3d:bf:b8:a4:aa:e3:d9:4f:58:f3:c2:
da:2b:83:d1:cc:bc:a1:87:2b:de:89:22:f4:cb:ad:37:4b:d4:
85:e0:29:bb:5d:a7:c1:1c:37:3c:c1:51:c8:0d:23:59:64:77:
77:bd:34:f7:72:6a:51:d9:63:dc:e2:a1:36:fa:a7:cc:9a:ff:
f3:ad:7a:dc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbXJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTE5MDkwMjUxWhcNMjYwODE5MDkwMjUxWjAYMRYw
FAYDVQQDEw02YTBjMjc0MC0yNjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx4rpBDDy5EvvhSqCCDDBKF/IVHwbodcNyRO7vwgK0vGzmMcWnZXVkLWM
CBLFqMAZLbtQPS+QW2DPw98XJVTTtJdjOw5ETTVTOw13R3EnQmRD+PTkE9+VveUf
ax3utPJ6t65pzp38pzvIzG0ri7LpZAiXFXk++9aTlomerma/Ym7X+FUpb5y5HdUE
IBWWA1r1aXUnTfhFB7acRP9Tac2MuFlWFCa5/1ecwrrzC/eZORBdXAgfxVjj54j5
XLx5qBilkXLIVV1kEFHZ/wS+vzl1ufAcwGqFZdZtG5ilNKou3PhICD0ywy1Qeece
9c1tMUyxivDmWBTdIL1raZ0JAR0VDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFMp
NqFl90cCqVhnprjmcb5EVdHLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NjQ2REMwRTUzNjExMUYxQTI1MzVDRTNDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcNwMA0GCSqGSIb3DQEBCwUA
A4IBAQCKIoLKcpxqVCy94h44JWiN+gBnnZwnFZkSv54Jc5qyIsCUxODd6jQrtplk
HYIreFwgN3z6ekhfRDUiK0FtQWbOrQePLVeDhw7cGDVAOj3uD8rlTUNHJZw/ScvG
KOOFrTPNJQq8E+qt71T9hu5rPlwYjecGPe+8oPy4jbxYAe2su9HezuuMHGsjCQGc
MM1rLxlq140li+IFnP3RcOvKy5CicD5QqJt7NerdXBQ0CGPCTxAU05mMosuQc+sd
Pb+4pKrj2U9Y88LaK4PRzLyhhyveiSL0y603S9SF4Cm7XafBHDc8wVHIDSNZZHd3
vTT3cmpR2WPc4qE2+qfMmv/zrXrc
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:07:07 2026 by rpki-client