Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F932702214E11F180ABB07BDAE4EC9C.roa
File: 9F932702214E11F180ABB07BDAE4EC9C.roa (raw, json)
Hash identifier: 0/qoAyOcXOmhaPQCVUAxx/yLV/1BTYhRpTFw9ZVHCN0=
Subject key identifier: 08:59:9B:71:7A:73:79:8B:A1:9E:4F:E8:10:4B:4D:57:BD:56:A4:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A59D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F932702214E11F180ABB07BDAE4EC9C.roa
Signing time: Mon 16 Mar 2026 15:41:40 +0000
ROA not before: Mon 16 Mar 2026 15:40:24 +0000
ROA not after: Wed 07 Jul 2027 15:40:24 +0000
asID: 328608
IP address blocks: 45.197.160.0/21 maxlen: 24
45.198.234.0/23 maxlen: 24
45.198.236.0/23 maxlen: 24
45.202.48.0/21 maxlen: 24
45.202.56.0/22 maxlen: 24
45.202.60.0/23 maxlen: 24
45.202.62.0/24 maxlen: 24
45.206.4.0/24 maxlen: 24
45.206.6.0/23 maxlen: 24
45.206.8.0/23 maxlen: 24
45.206.12.0/22 maxlen: 24
45.206.17.0/24 maxlen: 24
45.206.18.0/23 maxlen: 24
45.206.24.0/21 maxlen: 24
45.206.28.0/22 maxlen: 24
45.206.32.0/21 maxlen: 24
45.206.36.0/22 maxlen: 24
45.206.40.0/22 maxlen: 24
156.227.204.0/22 maxlen: 24
156.227.208.0/21 maxlen: 24
156.229.66.0/23 maxlen: 24
156.229.68.0/22 maxlen: 24
156.229.72.0/21 maxlen: 24
156.229.96.0/20 maxlen: 24
156.229.112.0/22 maxlen: 24
156.229.172.0/23 maxlen: 24
156.229.174.0/24 maxlen: 24
156.238.183.0/24 maxlen: 24
156.242.26.0/23 maxlen: 24
156.242.69.0/24 maxlen: 24
156.242.70.0/23 maxlen: 24
156.242.72.0/21 maxlen: 24
156.242.81.0/24 maxlen: 24
156.243.134.0/23 maxlen: 24
156.243.138.0/24 maxlen: 24
156.243.145.0/24 maxlen: 24
156.243.146.0/23 maxlen: 24
156.244.204.0/22 maxlen: 24
156.244.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 20 Mar 2026 00:26:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107933 (0x1a59d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 16 15:40:24 2026 GMT
Not After : Jul 7 15:40:24 2027 GMT
Subject: CN=69b824b4-f37f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:14:19:63:0c:20:42:4a:a8:b9:18:35:a6:10:
34:56:e9:f4:e0:56:36:3b:81:b8:98:a4:de:6f:13:
ba:2e:fc:3b:34:67:3d:17:87:60:f0:bf:2d:fc:af:
f2:ff:f3:c1:1b:1c:38:0f:dc:df:86:94:f9:5e:32:
fd:9d:ba:ad:e9:ae:d1:f0:82:86:89:57:3a:ba:14:
59:37:0f:b8:b7:33:85:94:21:90:31:9c:79:58:a2:
12:5f:63:3b:ba:07:96:8d:0d:9c:48:4c:d0:55:51:
ff:e0:69:1c:4e:21:bc:dd:85:88:21:34:c9:93:99:
2a:5b:ae:22:92:7c:f5:2f:ea:5b:d6:bc:d3:d1:94:
4a:f1:01:ee:0c:55:a2:e2:2f:9f:ba:94:9d:9f:0d:
d5:b3:1b:5a:f2:9a:c5:5a:64:ea:0f:c2:b4:27:93:
f4:b0:ef:44:ed:0c:37:72:8c:86:dc:e2:44:10:9d:
be:9a:e5:4f:c3:db:20:8e:67:f0:b4:c0:e8:43:3a:
b8:76:de:32:ae:7d:f0:85:a0:2d:12:17:f2:fa:6d:
b6:ae:61:33:38:ef:86:43:e2:99:51:c2:13:49:89:
22:62:ff:39:77:51:d9:99:54:fa:ad:8c:f9:00:04:
4c:84:43:9a:47:00:e5:0c:ee:a7:12:7c:cc:f2:93:
b9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:59:9B:71:7A:73:79:8B:A1:9E:4F:E8:10:4B:4D:57:BD:56:A4:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F932702214E11F180ABB07BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.160.0/21
45.198.234.0-45.198.237.255
45.202.48.0-45.202.62.255
45.206.4.0/24
45.206.6.0-45.206.9.255
45.206.12.0/22
45.206.17.0-45.206.19.255
45.206.24.0-45.206.43.255
156.227.204.0-156.227.215.255
156.229.66.0-156.229.79.255
156.229.96.0-156.229.115.255
156.229.172.0-156.229.174.255
156.238.183.0/24
156.242.26.0/23
156.242.69.0-156.242.79.255
156.242.81.0/24
156.243.134.0/23
156.243.138.0/24
156.243.145.0-156.243.147.255
156.244.204.0-156.244.208.255
Signature Algorithm: sha256WithRSAEncryption
81:29:74:d5:b8:e7:d9:55:5b:92:d7:da:22:2b:36:79:b4:16:
f8:b0:6a:b2:a2:1a:fa:3c:ef:1f:13:df:bd:e5:8a:b7:d0:58:
e4:d9:f6:44:5c:19:b7:b9:7a:c3:8f:78:56:a2:73:8b:12:fc:
87:96:7c:95:e6:24:32:b1:1a:85:4e:13:7e:b7:28:82:1d:12:
fb:08:71:61:34:85:3f:c6:82:c3:73:3d:09:28:95:8b:05:47:
33:3b:32:d7:38:0e:a6:02:bd:b7:a2:88:de:c6:75:20:b4:ca:
f0:f5:ab:b5:19:48:b9:87:fc:6f:17:df:78:62:bf:26:0e:f3:
7e:ec:d2:32:b3:fa:09:89:6d:35:b5:c7:30:3b:a6:5c:d9:60:
1c:b2:43:e4:47:52:28:55:6f:0a:28:c2:32:be:7d:f3:34:1e:
b2:f0:c1:d9:f6:a2:cb:eb:fa:05:ff:36:fb:d8:72:b1:fe:94:
c7:ba:b9:3a:2d:6f:e8:41:53:db:5f:e2:a6:28:34:38:04:d4:
da:40:69:eb:2d:f4:5e:2c:e5:df:8f:3a:d4:07:c4:7b:d9:e5:
d7:92:ce:3d:1c:2f:bf:50:05:94:0b:2e:76:b4:df:e0:2a:99:
97:dd:22:58:66:10:69:56:2d:6d:3a:fe:e9:a0:c0:3b:c3:a9:
db:6a:03:74
-----BEGIN CERTIFICATE-----
MIIGWDCCBUCgAwIBAgIDAaWdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwMzE2MTU0MDI0WhcNMjcwNzA3MTU0MDI0WjAYMRYw
FAYDVQQDEw02OWI4MjRiNC1mMzdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnxQZYwwgQkqouRg1phA0Vun04FY2O4G4mKTebxO6Lvw7NGc9F4dg8L8t
/K/y//PBGxw4D9zfhpT5XjL9nbqt6a7R8IKGiVc6uhRZNw+4tzOFlCGQMZx5WKIS
X2M7ugeWjQ2cSEzQVVH/4GkcTiG83YWIITTJk5kqW64iknz1L+pb1rzT0ZRK8QHu
DFWi4i+fupSdnw3Vsxta8prFWmTqD8K0J5P0sO9E7Qw3coyG3OJEEJ2+muVPw9sg
jmfwtMDoQzq4dt4yrn3whaAtEhfy+m22rmEzOO+GQ+KZUcITSYkiYv85d1HZmVT6
rYz5AARMhEOaRwDlDO6nEnzM8pO5lwIDAQABo4IDeTCCA3UwHQYDVR0OBBYEFAhZ
m3F6c3mLoZ5P6BBLTVe9VqS8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RjkzMjcwMjIxNEUxMUYxODBBQkIwN0JEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgDBAMtxaAwDAMEAS3G6gME
AS3G7DAMAwQELcowAwQALco+AwQALc4EMAwDBAEtzgYDBAEtzggDBAItzgwwDAME
AC3OEQMEAi3OEDAMAwQDLc4YAwQCLc4oMAwDBAKc48wDBAOc49AwDAMEAZzlQgME
BJzlQDAMAwQFnOVgAwQCnOVwMAwDBAKc5awDBACc5a4DBACc7rcDBAGc8howDAME
AJzyRQMEBJzyQAMEAJzyUQMEAZzzhgMEAJzzijAMAwQAnPORAwQCnPOQMAwDBAKc
9MwDBACc9NAwDQYJKoZIhvcNAQELBQADggEBAIEpdNW459lVW5LX2iIrNnm0Fviw
arKiGvo87x8T373lirfQWOTZ9kRcGbe5esOPeFaic4sS/IeWfJXmJDKxGoVOE363
KIIdEvsIcWE0hT/GgsNzPQkolYsFRzM7Mtc4DqYCvbeiiN7GdSC0yvD1q7UZSLmH
/G8X33hivyYO837s0jKz+gmJbTW1xzA7plzZYByyQ+RHUihVbwoowjK+ffM0HrLw
wdn2osvr+gX/NvvYcrH+lMe6uTotb+hBU9tf4qYoNDgE1NpAaest9F4s5d+POtQH
xHvZ5deSzj0cL79QBZQLLna03+AqmZfdIlhmEGlWLW06/umgwDvDqdtqA3Q=
-----END CERTIFICATE-----
Generated at Wed Mar 18 06:59:52 2026 by rpki-client