Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22E243D2580411F0B03214CADAE4EC9C.roa
File: 22E243D2580411F0B03214CADAE4EC9C.roa (raw, json)
Hash identifier: cfVatjuRR/b1/Hxq0UxPZKTT8BJ+9C52JP56Jquorgc=
Subject key identifier: 39:33:37:AA:A6:8D:5D:28:ED:E7:39:A5:CE:83:4F:27:37:43:C2:FE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016064
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22E243D2580411F0B03214CADAE4EC9C.roa
Signing time: Thu 03 Jul 2025 11:52:04 +0000
ROA not before: Thu 03 Jul 2025 11:51:56 +0000
ROA not after: Thu 07 Aug 2025 11:51:56 +0000
asID: 214808
IP address blocks: 45.192.242.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90212 (0x16064)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 3 11:51:56 2025 GMT
Not After : Aug 7 11:51:56 2025 GMT
Subject: CN=68666ee4-cfe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9f:2a:81:e1:12:22:f8:22:cf:ec:4b:38:62:
01:34:06:1b:bd:37:75:dd:2f:75:79:9c:ea:9d:66:
4c:b2:cc:c5:a4:a8:4e:01:a2:01:c9:82:ee:b2:d0:
3f:ce:7e:7d:09:44:31:a2:2a:ec:5d:4a:b3:d4:60:
ff:07:f3:10:12:db:1e:f1:fc:43:48:2e:80:88:d9:
ee:4c:fb:b6:9c:fa:a2:8b:c8:79:f8:40:ff:8f:ea:
00:98:4a:83:e0:d9:dd:d0:0e:ca:9a:b4:51:d8:3f:
d6:fc:75:1d:62:8b:51:3f:be:70:a9:b8:61:37:f4:
dd:6e:d3:9b:4e:20:bc:7b:c4:5d:e7:36:b3:1d:f4:
a2:58:6d:21:07:b9:92:f2:6a:37:09:65:35:cf:52:
83:dd:41:1b:f1:64:ab:77:70:0e:ff:73:8a:a9:61:
60:f8:44:e1:29:8a:6f:c1:7f:14:cd:05:d4:02:8c:
f5:ff:92:71:f5:29:8e:4f:0b:17:95:fb:6a:ee:66:
c0:1b:2e:68:b4:b9:5f:3d:56:07:f5:a7:3a:ed:9b:
44:8b:e7:5e:ee:7f:65:19:82:63:d4:f9:98:d6:4f:
03:37:07:d1:59:22:e8:19:cc:5a:6b:40:26:e4:ce:
f0:1c:c1:78:30:ca:34:89:a7:8f:57:6b:b8:38:ad:
77:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:33:37:AA:A6:8D:5D:28:ED:E7:39:A5:CE:83:4F:27:37:43:C2:FE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22E243D2580411F0B03214CADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.242.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:d1:b4:6e:35:94:d4:04:73:d4:3a:4c:49:89:b9:6b:c9:0e:
77:db:0f:78:71:47:aa:d4:cd:9f:6b:ac:03:51:ac:62:7c:18:
0c:e2:59:db:8f:10:85:21:2f:2c:60:6e:fe:5b:52:1a:6f:18:
69:fd:2d:ba:7d:74:e8:4c:a5:8c:5f:56:99:cd:7c:91:b1:9c:
e7:d8:07:05:e4:85:fb:f9:0c:91:3c:cd:75:34:cc:13:cc:7f:
34:0b:c6:b3:97:ce:99:5b:9f:74:37:6d:5b:60:1d:bf:0a:c8:
83:ea:54:65:79:dc:3e:41:ba:df:86:a7:25:41:40:94:2f:a2:
76:e0:f0:21:07:32:08:5f:0c:a4:7a:b2:8f:77:30:cd:12:fc:
20:44:c0:a0:fa:21:2b:4f:b1:83:02:25:37:9b:52:61:cf:85:
07:b8:61:b7:ad:5b:c1:a7:bf:28:10:44:de:33:db:30:3d:73:
a8:8a:f3:ed:26:18:dd:94:2b:11:2d:a8:b9:3b:62:5e:3c:d8:
6d:99:d9:1e:fa:88:fc:b8:91:8e:a5:0f:60:95:9a:22:88:9b:
a4:de:d6:89:ad:5b:0d:ca:43:da:b1:b7:0b:fb:1e:ea:16:34:
97:79:9c:6a:e4:ce:2e:a0:e9:48:0a:07:0f:18:86:b9:5f:c0:
2d:66:db:ab
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWBkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzAzMTE1MTU2WhcNMjUwODA3MTE1MTU2WjAYMRYw
FAYDVQQDEw02ODY2NmVlNC1jZmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlZ8qgeESIvgiz+xLOGIBNAYbvTd13S91eZzqnWZMsszFpKhOAaIByYLu
stA/zn59CUQxoirsXUqz1GD/B/MQEtse8fxDSC6AiNnuTPu2nPqii8h5+ED/j+oA
mEqD4Nnd0A7KmrRR2D/W/HUdYotRP75wqbhhN/TdbtObTiC8e8Rd5zazHfSiWG0h
B7mS8mo3CWU1z1KD3UEb8WSrd3AO/3OKqWFg+EThKYpvwX8UzQXUAoz1/5Jx9SmO
TwsXlftq7mbAGy5otLlfPVYH9ac67ZtEi+de7n9lGYJj1PmY1k8DNwfRWSLoGcxa
a0Am5M7wHMF4MMo0iaePV2u4OK13VQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDkz
N6qmjV0o7ec5pc6DTyc3Q8L+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMkUyNDNEMjU4MDQxMUYwQjAzMjE0Q0FEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcDyMA0GCSqGSIb3DQEBCwUA
A4IBAQAN0bRuNZTUBHPUOkxJiblryQ532w94cUeq1M2fa6wDUaxifBgM4lnbjxCF
IS8sYG7+W1Iabxhp/S26fXToTKWMX1aZzXyRsZzn2AcF5IX7+QyRPM11NMwTzH80
C8azl86ZW590N21bYB2/CsiD6lRledw+QbrfhqclQUCUL6J24PAhBzIIXwykerKP
dzDNEvwgRMCg+iErT7GDAiU3m1Jhz4UHuGG3rVvBp78oEETeM9swPXOoivPtJhjd
lCsRLai5O2JePNhtmdke+oj8uJGOpQ9glZoiiJuk3taJrVsNykPasbcL+x7qFjSX
eZxq5M4uoOlICgcPGIa5X8AtZtur
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:30:50 2025 by rpki-client