Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/986B87F6546D11F18317FCBACE1D38B0.roa
File: 986B87F6546D11F18317FCBACE1D38B0.roa (raw, json)
Hash identifier: l8tG909DZxKRTyr/FIFuiGwsdZy/MMJJLnwuMCnjyRY=
Subject key identifier: D4:96:D3:4F:44:57:37:20:40:2B:64:4A:0D:4E:6D:40:7D:DD:25:70
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B674
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/986B87F6546D11F18317FCBACE1D38B0.roa
Signing time: Wed 20 May 2026 17:01:51 +0000
ROA not before: Wed 20 May 2026 17:01:47 +0000
ROA not after: Sat 20 Jun 2026 17:01:47 +0000
asID: 5483
IP address blocks: 45.195.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112244 (0x1b674)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 20 17:01:47 2026 GMT
Not After : Jun 20 17:01:47 2026 GMT
Subject: CN=6a0de8ff-47bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f2:b1:bb:69:20:32:91:05:db:93:77:81:df:
12:3f:a8:2d:35:0c:7e:05:4a:97:47:5e:07:ae:dc:
4e:c6:30:e3:f3:bc:37:0e:4b:0a:2e:ee:48:6f:31:
3a:11:96:8a:2e:39:28:76:07:9b:46:a9:3d:4d:75:
ec:34:03:ee:64:28:37:25:e8:78:fa:b8:c5:ba:85:
b6:ff:77:67:4a:ac:b6:57:70:2b:0f:74:35:60:ad:
72:db:fc:8b:9c:cd:d1:e9:5a:2f:db:24:b2:e4:e1:
b9:22:f7:1b:cd:f3:b8:57:63:5d:23:5f:58:80:93:
d5:2a:fd:b9:15:92:5c:35:61:9a:bc:c2:58:02:f2:
a1:4b:d2:9a:39:61:87:ce:ae:96:28:08:47:ef:53:
ba:19:99:5d:6b:3f:a4:24:4e:f7:22:64:be:9e:73:
1d:1e:7a:0d:1b:53:6d:01:cd:bd:f5:54:e9:43:2c:
e4:11:ee:46:bd:ee:20:cb:70:6d:d6:71:7e:57:50:
ce:20:b3:dc:28:c1:81:21:e8:0f:36:39:a6:33:2e:
23:21:6d:7e:da:70:dd:ba:ed:8e:b5:d6:b8:99:63:
96:36:8b:b2:e2:5d:5f:a5:fe:06:e7:38:e3:76:4b:
98:b4:2f:f2:0a:66:36:43:3f:8c:39:b2:2e:0c:aa:
d3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:96:D3:4F:44:57:37:20:40:2B:64:4A:0D:4E:6D:40:7D:DD:25:70
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/986B87F6546D11F18317FCBACE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.111.0/24
Signature Algorithm: sha256WithRSAEncryption
96:99:ba:e3:de:58:96:44:a0:74:50:e8:0f:fc:ed:03:7a:94:
c3:e4:a4:df:00:bd:e1:cd:b3:78:1e:15:2f:fd:cb:0c:5f:f6:
b9:70:a3:f1:2f:ad:34:42:7f:64:26:46:9d:a6:f6:a6:42:b9:
d5:8a:a9:7a:96:2d:7d:e9:00:cb:ed:3a:8b:62:fc:68:ca:79:
a5:bf:7c:2c:53:0a:8f:7b:8a:89:96:65:0e:1e:8b:cc:c1:c4:
12:60:52:0f:88:04:31:b7:f9:b2:48:44:4c:86:d4:29:dc:54:
3a:cb:ee:6d:00:50:7f:14:7b:dc:f3:42:4d:0b:be:ad:a6:1c:
cb:14:58:d8:c9:19:a2:b4:24:bd:48:53:1e:67:dd:87:0a:ca:
66:51:21:61:1d:57:72:55:67:b9:07:02:19:84:88:3d:ad:79:
0b:a8:31:7a:a1:e7:f4:0a:b4:de:bf:13:9e:9a:70:e7:37:3e:
05:55:62:f2:44:03:91:c5:d9:4c:4e:3e:e6:3f:d5:85:7f:cf:
e0:55:5a:85:ff:dd:ee:bc:5a:4e:9b:92:91:bd:92:fc:4b:d9:
1a:d3:5c:20:ee:ca:30:f0:1e:c3:78:fd:b7:ca:8c:13:21:67:
8f:39:d7:04:32:f4:96:24:97:fb:13:ab:6e:62:20:7d:86:b6:
f5:a9:1a:31
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAbZ0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTIwMTcwMTQ3WhcNMjYwNjIwMTcwMTQ3WjAYMRYw
FAYDVQQDEw02YTBkZThmZi00N2JiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1vKxu2kgMpEF25N3gd8SP6gtNQx+BUqXR14HrtxOxjDj87w3DksKLu5I
bzE6EZaKLjkodgebRqk9TXXsNAPuZCg3Jeh4+rjFuoW2/3dnSqy2V3ArD3Q1YK1y
2/yLnM3R6Vov2ySy5OG5IvcbzfO4V2NdI19YgJPVKv25FZJcNWGavMJYAvKhS9Ka
OWGHzq6WKAhH71O6GZldaz+kJE73ImS+nnMdHnoNG1NtAc299VTpQyzkEe5Gve4g
y3Bt1nF+V1DOILPcKMGBIegPNjmmMy4jIW1+2nDduu2Otda4mWOWNouy4l1fpf4G
5zjjdkuYtC/yCmY2Qz+MObIuDKrT6QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNSW
009EVzcgQCtkSg1ObUB93SVwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85ODZCODdGNjU0NkQxMUYxODMxN0ZDQkFDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcNvMA0GCSqGSIb3DQEBCwUA
A4IBAQCWmbrj3liWRKB0UOgP/O0DepTD5KTfAL3hzbN4HhUv/csMX/a5cKPxL600
Qn9kJkadpvamQrnViql6li196QDL7TqLYvxoynmlv3wsUwqPe4qJlmUOHovMwcQS
YFIPiAQxt/mySERMhtQp3FQ6y+5tAFB/FHvc80JNC76tphzLFFjYyRmitCS9SFMe
Z92HCspmUSFhHVdyVWe5BwIZhIg9rXkLqDF6oef0CrTevxOemnDnNz4FVWLyRAOR
xdlMTj7mP9WFf8/gVVqF/93uvFpOm5KRvZL8S9ka01wg7sow8B7DeP23yowTIWeP
OdcEMvSWJJf7E6tuYiB9hrb1qRox
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:14:05 2026 by rpki-client