Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/215D18EA4B5F11F0BB4EFB7EDAE4EC9C.roa
File: 215D18EA4B5F11F0BB4EFB7EDAE4EC9C.roa (raw, json)
Hash identifier: zUHpQupLk+261qCF0tTfH9tQYMLutg4aN42fip7sPhg=
Subject key identifier: 72:7D:A6:BE:9E:C2:B0:5B:07:20:F3:D8:20:27:CF:04:BB:6C:5D:75
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015C88
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/215D18EA4B5F11F0BB4EFB7EDAE4EC9C.roa
Signing time: Tue 17 Jun 2025 09:40:41 +0000
ROA not before: Tue 17 Jun 2025 09:40:35 +0000
ROA not after: Tue 22 Jul 2025 09:40:35 +0000
asID: 273222
IP address blocks: 45.194.7.0/24 maxlen: 24
45.194.8.0/23 maxlen: 24
45.194.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89224 (0x15c88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 17 09:40:35 2025 GMT
Not After : Jul 22 09:40:35 2025 GMT
Subject: CN=68513819-0dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:27:14:52:3d:63:53:d8:03:54:7b:46:b0:76:
4e:47:ea:83:80:42:04:25:d4:6e:22:96:cc:c5:92:
08:59:59:a2:47:c8:a5:b4:40:f4:4f:4c:c9:30:3f:
1b:9c:65:e2:8e:4e:e5:bf:16:2d:5d:ac:d1:62:73:
92:bb:6d:83:60:d2:5f:c4:b8:53:09:08:33:96:6c:
19:16:9b:a0:1b:d1:a7:20:af:a9:f3:a4:0e:75:c7:
5d:9e:55:1c:67:45:ad:fc:ea:4f:ed:e7:f2:8e:d3:
b7:ea:89:d1:22:30:8e:09:57:d0:89:b2:16:18:29:
8d:d6:80:ce:71:76:4c:ad:a3:df:21:d1:b3:f8:1b:
aa:e5:75:b5:8b:38:6b:1c:c7:2f:0d:a8:f7:3b:11:
c3:f2:37:50:03:3b:33:f3:34:88:fb:d1:1d:29:ec:
27:06:8a:f4:86:b0:6d:71:ab:04:c3:fb:73:63:3a:
64:c4:7e:03:a1:bd:ed:a0:4f:5d:55:8c:ce:ca:cc:
0e:8f:a3:c8:f9:11:92:4c:ff:b8:1d:f8:4b:15:a7:
24:99:e8:97:7b:0a:77:9e:11:40:d5:27:40:34:a6:
fc:ca:7a:28:12:ac:34:75:3d:45:bf:44:3f:5a:80:
43:4c:df:47:9d:19:4c:2d:c9:5b:f5:aa:fd:4c:28:
57:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:7D:A6:BE:9E:C2:B0:5B:07:20:F3:D8:20:27:CF:04:BB:6C:5D:75
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/215D18EA4B5F11F0BB4EFB7EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.7.0-45.194.10.255
Signature Algorithm: sha256WithRSAEncryption
3b:18:9b:44:5f:1e:a1:ee:1b:50:22:f7:d1:ad:4f:26:09:52:
da:07:ba:ab:ea:26:b1:10:7f:7d:1e:48:10:62:72:c2:dd:c4:
41:f5:90:c5:af:be:0a:17:65:3d:4d:ab:6f:80:ae:94:30:6e:
22:20:77:67:ae:da:8c:7e:c5:ac:73:a4:bf:86:c2:0a:72:af:
db:a2:c1:78:70:b1:1d:42:29:77:33:92:a4:15:f2:e2:3d:3e:
bb:92:44:cf:e9:d2:21:fb:e2:19:85:06:50:aa:f4:bb:99:f0:
9a:24:58:72:60:85:e5:53:1f:3d:17:17:df:2f:c6:d5:8f:91:
29:e2:7d:9b:40:d3:f2:6d:12:5b:79:28:ef:5a:cd:1b:d6:cc:
50:c0:46:05:d7:a4:0f:dc:af:09:b0:5a:a2:5e:99:e9:d5:91:
73:a2:53:2f:a6:8e:be:1c:4c:4b:b9:d5:18:3f:de:8d:c8:bf:
f3:44:c9:68:46:53:e2:a7:10:8a:34:bb:62:f3:34:af:45:9d:
9f:b4:70:db:2e:0d:56:30:19:2e:0c:f2:e1:75:91:46:e2:a8:
6e:2a:d8:d4:b6:b3:00:7c:e8:2e:05:4e:2f:dc:3c:a3:0e:d7:
00:65:a0:28:55:7c:61:31:ac:91:0d:c6:e2:ff:21:7b:ab:68:
7f:7e:e0:8c
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVyIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjE3MDk0MDM1WhcNMjUwNzIyMDk0MDM1WjAYMRYw
FAYDVQQDEw02ODUxMzgxOS0wZGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmycUUj1jU9gDVHtGsHZOR+qDgEIEJdRuIpbMxZIIWVmiR8iltED0T0zJ
MD8bnGXijk7lvxYtXazRYnOSu22DYNJfxLhTCQgzlmwZFpugG9GnIK+p86QOdcdd
nlUcZ0Wt/OpP7efyjtO36onRIjCOCVfQibIWGCmN1oDOcXZMraPfIdGz+Buq5XW1
izhrHMcvDaj3OxHD8jdQAzsz8zSI+9EdKewnBor0hrBtcasEw/tzYzpkxH4Dob3t
oE9dVYzOyswOj6PI+RGSTP+4HfhLFackmeiXewp3nhFA1SdANKb8ynooEqw0dT1F
v0Q/WoBDTN9HnRlMLclb9ar9TChXWQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFHJ9
pr6ewrBbByDz2CAnzwS7bF11MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMTVEMThFQTRCNUYxMUYwQkI0RUZCN0VEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtwgcDBAAtwgowDQYJKoZI
hvcNAQELBQADggEBADsYm0RfHqHuG1Ai99GtTyYJUtoHuqvqJrEQf30eSBBicsLd
xEH1kMWvvgoXZT1Nq2+ArpQwbiIgd2eu2ox+xaxzpL+Gwgpyr9uiwXhwsR1CKXcz
kqQV8uI9PruSRM/p0iH74hmFBlCq9LuZ8JokWHJgheVTHz0XF98vxtWPkSnifZtA
0/JtElt5KO9azRvWzFDARgXXpA/crwmwWqJemenVkXOiUy+mjr4cTEu51Rg/3o3I
v/NEyWhGU+KnEIo0u2LzNK9FnZ+0cNsuDVYwGS4M8uF1kUbiqG4q2NS2swB86C4F
Ti/cPKMO1wBloChVfGExrJENxuL/IXuraH9+4Iw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:38:33 2025 by rpki-client