Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24A4CB365CDC11F0ACC1B3D6DAE4EC9C.roa
File: 24A4CB365CDC11F0ACC1B3D6DAE4EC9C.roa (raw, json)
Hash identifier: x4kPUHRG5F3bXVn5GV0KmtF1/l7OneLblUyKEh3+PHI=
Subject key identifier: B3:D6:5F:57:DF:2F:B2:B4:28:21:32:93:27:9E:35:CE:61:A9:A9:64
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016416
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24A4CB365CDC11F0ACC1B3D6DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 15:48:23 +0000
ROA not before: Wed 09 Jul 2025 15:48:17 +0000
ROA not after: Sat 16 Aug 2025 15:48:17 +0000
asID: 142032
IP address blocks: 45.192.96.0/20 maxlen: 24
45.207.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91158 (0x16416)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 9 15:48:17 2025 GMT
Not After : Aug 16 15:48:17 2025 GMT
Subject: CN=686e8f47-340e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5f:8a:98:a4:11:1f:be:f4:0f:e4:18:bb:6e:
a7:68:37:78:1c:33:91:4e:64:91:10:4d:3a:50:c0:
33:43:d8:4f:1a:15:7c:aa:e2:79:cf:c0:0e:2b:26:
63:14:02:6b:bf:48:7f:d5:a2:e7:37:2c:12:da:dc:
f3:01:9e:7b:fb:b6:97:9b:9c:5d:98:7f:ac:3f:22:
a3:88:02:54:9e:e5:d3:95:30:1b:cb:41:91:56:bf:
ae:86:71:d7:74:c0:fe:13:01:ef:ae:ce:bf:56:13:
a1:f3:8d:94:10:1b:c1:ce:ad:8f:41:97:c7:75:ea:
47:5f:cb:1f:7d:55:74:b0:f3:b2:ec:80:68:03:1f:
e9:4d:7a:6c:2c:3b:b5:a2:58:1c:dc:a9:df:e9:5b:
a7:74:a0:9e:aa:39:37:e3:cd:ba:d6:f0:62:db:fc:
05:9e:c7:ff:10:da:30:96:85:cd:58:c6:01:dd:13:
8d:06:97:35:47:62:12:5c:7d:74:c2:f2:c2:4c:54:
c8:48:c6:3d:0d:de:81:8f:24:98:f1:9f:7c:eb:95:
17:a1:bc:ab:a0:b6:53:8d:46:1e:b0:f7:72:f7:0c:
94:16:7f:af:85:d5:9c:1e:97:13:65:4e:88:04:4c:
99:dc:de:9d:af:e3:0e:7b:48:b5:41:44:2a:c7:10:
f5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D6:5F:57:DF:2F:B2:B4:28:21:32:93:27:9E:35:CE:61:A9:A9:64
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24A4CB365CDC11F0ACC1B3D6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.96.0/20
45.207.192.0/19
Signature Algorithm: sha256WithRSAEncryption
27:16:35:c6:bc:22:f3:69:00:e8:92:56:71:ad:49:79:47:4d:
c1:ab:eb:a0:cb:3f:a8:a6:c6:06:ac:46:2b:78:81:d2:9a:aa:
4f:0a:a5:af:da:61:32:e9:d1:b8:43:0d:3e:5f:5f:f2:a5:b3:
1f:6a:9a:4b:ea:6e:95:2d:9d:f3:84:d2:e8:fe:67:32:2b:6e:
7d:78:cf:9a:db:5b:5a:a1:b5:f4:d8:a8:0c:4f:58:0e:67:67:
17:11:90:b3:ac:25:6b:88:d1:5c:62:b8:e7:c2:9a:e4:9e:4b:
a0:f8:59:28:01:fa:1d:6d:8e:c8:a9:1c:ff:08:4b:ab:7f:a8:
35:8a:d2:97:6c:de:03:2f:57:ca:e8:9d:c7:e2:77:d4:bc:47:
93:3d:84:23:16:2a:b0:16:3d:44:91:2e:03:5d:74:db:6c:6c:
f9:a5:02:81:71:46:89:12:73:c7:c1:23:26:4e:07:3d:46:07:
63:dd:ad:ab:9e:f8:17:d5:6a:b7:d6:4a:32:04:38:67:d9:8e:
74:97:06:52:e3:c2:c4:8a:a3:70:a7:ee:c9:1d:3a:ba:5d:2b:
af:47:e9:01:b6:72:d4:65:97:ce:b0:44:a1:a4:c0:58:6f:65:
6b:f2:4e:bf:08:6e:30:4c:55:ed:2d:07:4c:8e:db:88:ba:c2:
6d:ae:cc:e3
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWQWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA5MTU0ODE3WhcNMjUwODE2MTU0ODE3WjAYMRYw
FAYDVQQDEw02ODZlOGY0Ny0zNDBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtF+KmKQRH770D+QYu26naDd4HDORTmSREE06UMAzQ9hPGhV8quJ5z8AO
KyZjFAJrv0h/1aLnNywS2tzzAZ57+7aXm5xdmH+sPyKjiAJUnuXTlTAby0GRVr+u
hnHXdMD+EwHvrs6/VhOh842UEBvBzq2PQZfHdepHX8sffVV0sPOy7IBoAx/pTXps
LDu1olgc3Knf6VundKCeqjk348261vBi2/wFnsf/ENowloXNWMYB3RONBpc1R2IS
XH10wvLCTFTISMY9Dd6BjySY8Z9865UXobyroLZTjUYesPdy9wyUFn+vhdWcHpcT
ZU6IBEyZ3N6dr+MOe0i1QUQqxxD1VwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLPW
X1ffL7K0KCEykyeeNc5hqalkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNEE0Q0IzNjVDREMxMUYwQUNDMUIzRDZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQELcBgAwQFLc/AMA0GCSqGSIb3
DQEBCwUAA4IBAQAnFjXGvCLzaQDoklZxrUl5R03Bq+ugyz+opsYGrEYreIHSmqpP
CqWv2mEy6dG4Qw0+X1/ypbMfappL6m6VLZ3zhNLo/mcyK259eM+a21taobX02KgM
T1gOZ2cXEZCzrCVriNFcYrjnwprknkug+FkoAfodbY7IqRz/CEurf6g1itKXbN4D
L1fK6J3H4nfUvEeTPYQjFiqwFj1EkS4DXXTbbGz5pQKBcUaJEnPHwSMmTgc9Rgdj
3a2rnvgX1Wq31koyBDhn2Y50lwZS48LEiqNwp+7JHTq6XSuvR+kBtnLUZZfOsESh
pMBYb2Vr8k6/CG4wTFXtLQdMjtuIusJtrszj
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:38:27 2025 by rpki-client