Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAD89E04553C11F196714AB1CE1D38B0.roa
File: AAD89E04553C11F196714AB1CE1D38B0.roa (raw, json)
Hash identifier: EdZnrl1Py64yOQqigHgdeqNEjXJs6kRWeEPC2/Pircg=
Subject key identifier: 79:D5:73:83:BB:B9:21:39:DE:A4:02:14:40:CC:31:C3:5C:C4:73:72
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01B783
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAD89E04553C11F196714AB1CE1D38B0.roa
Signing time: Thu 21 May 2026 17:44:08 +0000
ROA not before: Thu 21 May 2026 17:44:03 +0000
ROA not after: Fri 10 Jul 2026 17:44:03 +0000
asID: 63023
IP address blocks: 45.195.137.0/24 maxlen: 24
45.196.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 04 Jun 2026 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112515 (0x1b783)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 21 17:44:03 2026 GMT
Not After : Jul 10 17:44:03 2026 GMT
Subject: CN=6a0f4468-ad48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:75:65:19:af:7c:86:04:92:57:0f:d2:e1:d4:
21:90:dd:57:a5:1f:95:fb:0b:22:38:45:0f:8a:74:
39:70:fd:1b:d7:a4:82:9f:23:73:25:bb:6e:08:83:
68:ff:af:1d:7a:b5:93:1c:b4:69:68:d2:69:f3:b7:
c0:81:4e:bf:c7:0c:0f:fa:bf:56:4f:4a:37:aa:79:
b2:a3:81:4c:94:44:27:34:cc:35:cc:41:c4:69:51:
41:0e:13:3c:e6:f7:ee:01:0f:70:b2:1b:ee:b2:f4:
71:7d:30:eb:9d:c2:21:6f:a9:b8:7f:95:62:24:9b:
67:56:7f:29:d3:1b:68:66:f9:eb:22:8e:81:8d:e4:
c2:40:0e:fa:a1:84:35:2e:90:68:b8:e0:db:2a:34:
84:b2:a1:bd:82:a3:1e:db:a6:8d:5a:f3:d6:38:70:
b6:96:84:fb:84:8b:a3:a7:48:ee:fa:47:89:8d:75:
c7:10:8c:fd:fc:43:3d:34:ee:08:41:31:3b:3e:d7:
5e:52:a9:37:50:18:fd:dd:2f:b3:ca:aa:fe:98:30:
19:f1:7c:9d:f0:46:f3:ff:7e:67:41:56:cc:84:ad:
9c:56:d3:06:bf:03:99:8c:21:9b:61:85:cb:d3:9c:
6d:8c:f4:01:4f:f2:df:24:92:c3:5c:b4:83:17:15:
43:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:D5:73:83:BB:B9:21:39:DE:A4:02:14:40:CC:31:C3:5C:C4:73:72
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAD89E04553C11F196714AB1CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.137.0/24
45.196.224.0/24
Signature Algorithm: sha256WithRSAEncryption
57:69:86:b6:67:23:90:c7:35:90:f2:b4:d8:6b:a8:80:03:3c:
fc:e5:74:28:35:a7:c3:45:c9:92:6c:50:d2:c3:17:9f:b6:66:
b6:83:16:ea:76:56:bc:04:da:82:ad:f4:38:df:c5:f9:89:88:
84:0c:60:f6:03:d4:7e:82:1a:3b:3d:b2:60:c1:29:cc:1d:07:
33:59:cc:bd:05:8a:1a:37:67:e9:61:ae:36:41:21:bf:d4:2d:
fd:b9:ce:00:37:e9:cf:fa:00:46:7b:cc:1f:bd:0b:36:fe:d6:
81:c3:0a:96:2a:89:b8:c3:39:c8:2c:59:88:28:3f:45:43:27:
82:52:68:b9:3f:1a:42:51:62:5f:86:0d:63:9b:9a:66:51:aa:
d8:b0:72:58:a8:58:a8:24:c2:e3:19:b5:a4:73:11:65:1e:98:
cf:be:cc:82:12:f6:bc:e2:e5:a5:0a:f6:48:21:0f:14:8a:bd:
01:5e:bc:46:19:df:12:9b:b3:40:70:2b:db:7a:48:25:ee:c9:
a0:4f:26:b2:ab:95:67:d3:47:0e:f8:76:a4:c0:3b:37:7b:b9:
45:64:a4:be:18:0c:7d:12:6c:5b:4e:0a:b9:45:4c:cb:da:57:
ee:c4:a4:0d:0e:77:18:58:5d:e4:18:e7:d6:7d:aa:67:fa:ae:
31:f7:b6:94
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAbeDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNTIxMTc0NDAzWhcNMjYwNzEwMTc0NDAzWjAYMRYw
FAYDVQQDEw02YTBmNDQ2OC1hZDQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq3VlGa98hgSSVw/S4dQhkN1XpR+V+wsiOEUPinQ5cP0b16SCnyNzJbtu
CINo/68derWTHLRpaNJp87fAgU6/xwwP+r9WT0o3qnmyo4FMlEQnNMw1zEHEaVFB
DhM85vfuAQ9wshvusvRxfTDrncIhb6m4f5ViJJtnVn8p0xtoZvnrIo6BjeTCQA76
oYQ1LpBouODbKjSEsqG9gqMe26aNWvPWOHC2loT7hIujp0ju+keJjXXHEIz9/EM9
NO4IQTE7PtdeUqk3UBj93S+zyqr+mDAZ8Xyd8Ebz/35nQVbMhK2cVtMGvwOZjCGb
YYXL05xtjPQBT/LfJJLDXLSDFxVDywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHnV
c4O7uSE53qQCFEDMMcNcxHNyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQUQ4OUUwNDU1M0MxMUYxOTY3MTRBQjFDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcOJAwQALcTgMA0GCSqGSIb3
DQEBCwUAA4IBAQBXaYa2ZyOQxzWQ8rTYa6iAAzz85XQoNafDRcmSbFDSwxeftma2
gxbqdla8BNqCrfQ438X5iYiEDGD2A9R+gho7PbJgwSnMHQczWcy9BYoaN2fpYa42
QSG/1C39uc4AN+nP+gBGe8wfvQs2/taBwwqWKom4wznILFmIKD9FQyeCUmi5PxpC
UWJfhg1jm5pmUarYsHJYqFioJMLjGbWkcxFlHpjPvsyCEva84uWlCvZIIQ8Uir0B
XrxGGd8Sm7NAcCvbekgl7smgTyayq5Vn00cO+HakwDs3e7lFZKS+GAx9EmxbTgq5
RUzL2lfuxKQNDncYWF3kGOfWfapn+q4x97aU
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:07:04 2026 by rpki-client