Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/905FD696583E11F1B63C0B09CF1D38B0.roa
File: 905FD696583E11F1B63C0B09CF1D38B0.roa (raw, json)
Hash identifier: HPDMxfcCv0C/KEm8a/rYt9h2F82HTIMRI33SIKhSSKs=
Subject key identifier: 4D:B5:20:0D:18:EE:81:15:79:BB:2E:4A:1F:81:B2:1F:7A:24:F2:3D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B9A2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/905FD696583E11F1B63C0B09CF1D38B0.roa
Signing time: Mon 25 May 2026 13:35:16 +0000
ROA not before: Mon 25 May 2026 13:35:11 +0000
ROA not after: Wed 19 Aug 2026 13:35:11 +0000
asID: 139923
IP address blocks: 45.195.112.0/21 maxlen: 24
45.195.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113058 (0x1b9a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 25 13:35:11 2026 GMT
Not After : Aug 19 13:35:11 2026 GMT
Subject: CN=6a145014-ae0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:34:fe:bf:c3:2d:4e:c8:34:4b:2e:21:99:99:
bd:17:91:46:40:93:41:7e:9c:ca:51:52:a6:de:8d:
20:d8:3e:0c:4c:a0:a8:9d:b1:75:48:4c:c5:2d:56:
e4:cd:e3:72:15:59:0d:4f:6b:bf:07:30:e5:0e:24:
07:a3:3f:33:cc:05:ec:d1:60:d2:ce:a7:04:71:44:
53:74:17:85:6e:03:8b:70:bf:0c:b8:20:32:d8:f7:
bf:13:76:df:88:d2:23:29:cf:b8:a5:35:74:94:c1:
08:6a:f2:c0:31:db:1b:5d:1f:ae:60:67:67:88:8c:
cf:8c:d4:57:0c:c8:f6:6e:14:66:c0:7f:1a:7d:6f:
ac:64:b3:28:3c:29:48:4e:f7:ea:27:f0:a8:8d:d0:
b1:48:d4:c3:10:e9:00:73:eb:8f:8c:56:a7:60:bf:
24:dc:f3:21:81:5b:75:0f:c0:35:1c:df:f9:c2:08:
9a:f7:a3:12:18:ac:df:d1:c2:35:e0:59:82:5d:ea:
9f:64:cf:cf:86:ee:89:81:53:88:90:9b:32:58:d7:
dc:16:fa:12:f9:dd:61:7f:15:2a:01:78:a6:7b:12:
38:9e:42:97:2d:3d:88:7e:45:b5:75:0e:3c:de:01:
ef:2a:d3:c8:4e:cb:b5:ea:69:17:9e:c4:ea:bb:51:
44:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B5:20:0D:18:EE:81:15:79:BB:2E:4A:1F:81:B2:1F:7A:24:F2:3D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/905FD696583E11F1B63C0B09CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.112.0/20
Signature Algorithm: sha256WithRSAEncryption
6e:60:45:4e:9b:83:ba:1b:9e:22:bf:6c:3d:73:9f:55:e5:3d:
dd:e3:24:a3:cf:bc:87:ec:e7:5f:1a:de:1b:ee:47:35:fd:b3:
69:d4:8b:d4:e2:b1:3a:79:bd:0c:54:89:e5:b8:63:d7:6a:5e:
7a:f2:3b:7c:f7:24:84:41:6f:6b:4f:1a:65:54:6b:2f:05:fe:
1b:97:65:5e:91:06:e3:c6:41:dd:8a:b6:89:8c:ee:c8:4c:ca:
42:43:56:94:6c:eb:e8:c4:5d:e5:e7:48:73:e8:00:e4:1e:c8:
47:c5:bf:1d:84:f4:a9:7d:a8:91:56:a9:e6:4e:71:bd:b3:2d:
fd:ed:e3:a5:3a:f5:8e:93:a3:34:c8:d9:d4:e1:ad:1c:e3:04:
99:33:d2:e6:f5:07:56:d5:22:67:43:4f:c8:a2:75:0b:13:7a:
6f:05:ac:a8:3f:06:33:c0:f5:61:86:ed:76:70:d5:89:59:1e:
6c:d8:e4:4d:02:0e:e8:67:91:e5:d2:f4:f6:3f:37:72:76:80:
3e:e3:61:27:90:34:b8:99:a1:88:5d:35:45:ea:48:60:53:ca:
a9:fb:4f:3e:ba:2a:0a:e5:8f:a5:a0:14:f9:0e:31:d5:b7:48:
90:27:70:dc:43:90:f6:d2:4a:58:51:3f:db:0a:d9:97:66:5c:
af:8a:7d:31
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbmiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTI1MTMzNTExWhcNMjYwODE5MTMzNTExWjAYMRYw
FAYDVQQDEw02YTE0NTAxNC1hZTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsDT+v8MtTsg0Sy4hmZm9F5FGQJNBfpzKUVKm3o0g2D4MTKConbF1SEzF
LVbkzeNyFVkNT2u/BzDlDiQHoz8zzAXs0WDSzqcEcURTdBeFbgOLcL8MuCAy2Pe/
E3bfiNIjKc+4pTV0lMEIavLAMdsbXR+uYGdniIzPjNRXDMj2bhRmwH8afW+sZLMo
PClITvfqJ/CojdCxSNTDEOkAc+uPjFanYL8k3PMhgVt1D8A1HN/5wgia96MSGKzf
0cI14FmCXeqfZM/Phu6JgVOIkJsyWNfcFvoS+d1hfxUqAXimexI4nkKXLT2IfkW1
dQ483gHvKtPITsu16mkXnsTqu1FE/wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE21
IA0Y7oEVebsuSh+Bsh96JPI9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MDVGRDY5NjU4M0UxMUYxQjYzQzBCMDlDRjFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcNwMA0GCSqGSIb3DQEBCwUA
A4IBAQBuYEVOm4O6G54iv2w9c59V5T3d4ySjz7yH7OdfGt4b7kc1/bNp1IvU4rE6
eb0MVInluGPXal568jt89ySEQW9rTxplVGsvBf4bl2VekQbjxkHdiraJjO7ITMpC
Q1aUbOvoxF3l50hz6ADkHshHxb8dhPSpfaiRVqnmTnG9sy397eOlOvWOk6M0yNnU
4a0c4wSZM9Lm9QdW1SJnQ0/IonULE3pvBayoPwYzwPVhhu12cNWJWR5s2ORNAg7o
Z5Hl0vT2PzdydoA+42EnkDS4maGIXTVF6khgU8qp+08+uioK5Y+loBT5DjHVt0iQ
J3DcQ5D20kpYUT/bCtmXZlyvin0x
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:07:06 2026 by rpki-client