Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4CBAA0430AB11F19E31C7BEDAE4EC9C.roa
File: D4CBAA0430AB11F19E31C7BEDAE4EC9C.roa (raw, json)
Hash identifier: iE5dM20x8GA49TQdxtClixqTL+W58EHr4HQc150E0FQ=
Subject key identifier: D6:0B:E0:ED:C2:98:07:40:74:0E:6F:5B:FA:EE:9E:38:8B:FE:69:38
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01A9E5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4CBAA0430AB11F19E31C7BEDAE4EC9C.roa
Signing time: Sun 05 Apr 2026 04:56:40 +0000
ROA not before: Sun 05 Apr 2026 04:56:35 +0000
ROA not after: Tue 05 May 2026 04:56:35 +0000
asID: 61112
IP address blocks: 45.207.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Apr 2026 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109029 (0x1a9e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 5 04:56:35 2026 GMT
Not After : May 5 04:56:35 2026 GMT
Subject: CN=69d1eb87-43e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1e:1b:e2:6f:4e:fe:37:a1:47:d0:74:43:d8:
01:73:66:0a:d4:db:0b:c6:22:e5:48:7f:f7:45:4e:
dc:f4:e9:83:65:98:a9:33:90:83:8f:2b:65:41:2a:
80:cf:84:83:0f:b7:bf:46:0a:29:aa:0d:16:cf:bf:
a4:ae:9b:04:9a:5b:37:82:ca:14:10:3f:18:d8:03:
1d:f1:c1:4a:48:8b:e7:c4:1b:c2:fc:bf:20:33:9e:
98:b9:7d:1f:be:ff:c1:be:b1:af:81:ef:e1:88:69:
fe:8e:f6:8a:67:ee:9d:ce:09:30:7d:5c:1a:d9:e4:
e3:ae:ac:09:a2:41:72:e4:d8:21:ec:ac:11:e9:b6:
7c:d3:15:97:ce:22:ab:c2:f5:bc:c3:3e:ef:aa:53:
61:fd:32:17:27:e7:c3:24:41:a7:08:70:38:dd:77:
8e:99:e0:64:ec:65:d7:ce:b3:ff:56:8f:3e:e9:95:
12:a1:b5:3b:5d:01:53:7f:54:41:f4:c0:4d:6e:42:
d4:87:dd:0e:07:51:d9:b4:49:3e:5e:f7:38:c2:8f:
87:05:aa:bf:51:a2:bc:eb:86:f7:2f:5f:16:e8:63:
41:9f:3e:21:7c:f3:88:ad:21:cf:00:7b:bd:73:94:
bc:1f:79:be:2f:0c:e9:51:ab:52:18:10:66:39:ac:
10:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:0B:E0:ED:C2:98:07:40:74:0E:6F:5B:FA:EE:9E:38:8B:FE:69:38
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4CBAA0430AB11F19E31C7BEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.41.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:1f:de:75:ad:55:69:4a:f7:fd:15:e7:cf:1c:7a:ef:96:06:
11:cc:a4:7e:88:9b:22:70:fc:fc:b6:10:78:f8:29:31:45:b8:
e4:17:00:37:ea:21:c6:11:d6:c9:34:54:40:d7:29:03:7f:15:
72:e3:52:c2:3d:e6:b1:60:60:6f:42:f0:f7:bc:0d:ae:73:4b:
06:57:97:49:24:50:65:2a:67:95:95:d7:5d:8a:37:28:1d:5a:
b2:80:2e:bb:e9:18:81:47:db:ec:de:a6:41:31:5a:89:ba:ea:
ae:89:4e:a5:6e:26:2f:ac:fc:cb:99:a1:71:1a:05:a7:fc:cf:
13:29:c6:80:06:a8:63:41:8a:92:27:05:ae:23:a8:c4:74:1b:
23:91:3c:c2:a1:dc:0f:d3:17:99:24:33:de:58:69:3a:80:f2:
cd:65:59:df:92:ee:40:79:96:4b:85:23:0d:23:95:31:94:52:
1b:6a:92:95:f0:78:ca:46:c0:58:11:c5:e5:e9:40:f9:c7:43:
00:31:11:de:ee:ce:02:c0:f8:b0:bb:cf:cc:3b:61:d7:33:6e:
57:78:c2:3d:fa:30:d8:0c:8f:fb:52:bf:9d:62:9e:1d:de:03:
d0:12:5c:76:82:4a:9b:70:b9:9a:92:1d:b1:1a:cf:78:3b:5e:
94:59:be:ea
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAanlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDA1MDQ1NjM1WhcNMjYwNTA1MDQ1NjM1WjAYMRYw
FAYDVQQDEw02OWQxZWI4Ny00M2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxR4b4m9O/jehR9B0Q9gBc2YK1NsLxiLlSH/3RU7c9OmDZZipM5CDjytl
QSqAz4SDD7e/Rgopqg0Wz7+krpsEmls3gsoUED8Y2AMd8cFKSIvnxBvC/L8gM56Y
uX0fvv/BvrGvge/hiGn+jvaKZ+6dzgkwfVwa2eTjrqwJokFy5Ngh7KwR6bZ80xWX
ziKrwvW8wz7vqlNh/TIXJ+fDJEGnCHA43XeOmeBk7GXXzrP/Vo8+6ZUSobU7XQFT
f1RB9MBNbkLUh90OB1HZtEk+Xvc4wo+HBaq/UaK864b3L18W6GNBnz4hfPOIrSHP
AHu9c5S8H3m+LwzpUatSGBBmOawQiQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNYL
4O3CmAdAdA5vW/runjiL/mk4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENENCQUEwNDMwQUIxMUYxOUUzMUM3QkVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc8pMA0GCSqGSIb3DQEBCwUA
A4IBAQB9H951rVVpSvf9FefPHHrvlgYRzKR+iJsicPz8thB4+CkxRbjkFwA36iHG
EdbJNFRA1ykDfxVy41LCPeaxYGBvQvD3vA2uc0sGV5dJJFBlKmeVldddijcoHVqy
gC676RiBR9vs3qZBMVqJuuquiU6lbiYvrPzLmaFxGgWn/M8TKcaABqhjQYqSJwWu
I6jEdBsjkTzCodwP0xeZJDPeWGk6gPLNZVnfku5AeZZLhSMNI5UxlFIbapKV8HjK
RsBYEcXl6UD5x0MAMRHe7s4CwPiwu8/MO2HXM25XeMI9+jDYDI/7Ur+dYp4d3gPQ
Elx2gkqbcLmakh2xGs94O16UWb7q
-----END CERTIFICATE-----
Generated at Sat Apr 18 14:29:29 2026 by rpki-client