Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C0259565D7811F09CC393D6DAE4EC9C.roa
File: 2C0259565D7811F09CC393D6DAE4EC9C.roa (raw, json)
Hash identifier: vuXevoMpwXZnNGiHA87o/NKOaIbjUVVwW4L1ikvPTXo=
Subject key identifier: F0:72:82:1C:7C:6F:38:A8:AF:0F:3B:18:51:2D:8E:99:46:A7:FB:AB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016478
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C0259565D7811F09CC393D6DAE4EC9C.roa
Signing time: Thu 10 Jul 2025 10:25:17 +0000
ROA not before: Thu 10 Jul 2025 10:25:12 +0000
ROA not after: Wed 20 Aug 2025 10:25:12 +0000
asID: 401615
IP address blocks: 45.196.234.0/23 maxlen: 24
45.196.238.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91256 (0x16478)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 10 10:25:12 2025 GMT
Not After : Aug 20 10:25:12 2025 GMT
Subject: CN=686f950d-a760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0a:1d:54:2f:6c:7e:0d:3b:10:9f:e7:81:3a:
df:a3:25:af:1c:a5:54:f8:8b:ef:d2:6b:17:46:90:
dd:b5:9c:d7:d8:f9:75:7f:62:4d:fa:f5:61:0c:1d:
f8:6a:f1:da:32:6c:90:0a:ac:c8:7c:26:03:48:b0:
62:96:82:70:18:64:35:28:96:f5:91:ac:a8:6d:74:
0c:de:dd:16:25:54:b7:a1:97:98:e7:22:ea:7a:41:
38:4c:42:95:73:22:ed:48:07:56:35:04:d5:ae:5c:
10:4b:08:3a:7f:b3:38:e5:ef:7f:a2:7b:3c:e6:6c:
82:64:48:2d:4d:71:58:21:b8:75:5b:70:78:03:45:
af:81:a0:b8:ac:a1:a3:32:90:ff:86:76:16:f3:92:
cb:88:93:5a:c0:54:f9:0a:d3:64:90:c4:b7:27:a4:
23:af:83:24:1b:24:43:f5:25:46:7c:4a:67:ba:8f:
8f:02:07:de:58:06:c7:c9:17:b7:5e:a3:21:6f:94:
d8:f6:a5:75:ea:ec:bc:83:17:78:54:b2:d7:52:75:
71:3e:cb:f8:49:a8:b3:69:2b:28:3b:a4:02:16:c8:
ea:46:2d:77:bd:64:14:03:24:36:51:51:14:bd:a8:
f0:6e:f6:79:07:0a:b7:d9:b5:6b:d9:fd:dd:c4:a2:
d3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:72:82:1C:7C:6F:38:A8:AF:0F:3B:18:51:2D:8E:99:46:A7:FB:AB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C0259565D7811F09CC393D6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.234.0/23
45.196.238.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:49:9d:79:06:7c:aa:14:fe:02:7b:41:df:72:7b:84:57:72:
db:1b:a0:68:ba:ea:2e:c9:1c:37:1a:b0:59:09:f0:4e:d9:77:
27:08:70:6b:e7:82:43:36:dd:d2:9c:55:d4:39:e0:77:17:07:
2b:2b:a9:1a:89:f5:b9:dd:61:5e:8b:1a:22:2d:a7:1f:f2:92:
9f:f8:ca:3e:de:47:b8:0e:a4:f2:e8:df:a4:67:8e:5f:3b:67:
47:fe:cb:f6:4d:1e:91:2e:b8:65:75:11:01:59:64:0d:27:f0:
a4:fd:13:3d:c3:77:47:d5:6a:62:e9:6e:da:56:a2:5c:75:1d:
b5:3e:05:1e:48:23:2f:c9:fa:1b:75:09:9a:de:f3:5c:cc:aa:
26:75:c0:ec:41:be:ee:57:d7:0b:c5:0b:c1:f9:27:58:b4:2a:
7b:9a:9e:0c:77:1d:6b:9e:87:f4:7f:f4:80:0a:95:eb:e5:0d:
2e:8a:a2:05:58:46:2f:b5:8b:0c:7b:f9:f9:63:86:81:0e:2b:
65:8c:7c:33:5f:77:48:c4:3d:aa:35:f8:1a:5a:3c:d5:37:1a:
e0:26:33:d8:25:ac:4c:b7:76:85:99:c4:fb:f1:d7:52:87:0d:
2b:29:8a:0d:a1:39:f9:b1:7d:b3:f1:7b:29:33:78:b5:60:8a:
ab:62:84:c6
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWR4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzEwMTAyNTEyWhcNMjUwODIwMTAyNTEyWjAYMRYw
FAYDVQQDEw02ODZmOTUwZC1hNzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1QodVC9sfg07EJ/ngTrfoyWvHKVU+Ivv0msXRpDdtZzX2Pl1f2JN+vVh
DB34avHaMmyQCqzIfCYDSLBiloJwGGQ1KJb1kayobXQM3t0WJVS3oZeY5yLqekE4
TEKVcyLtSAdWNQTVrlwQSwg6f7M45e9/ons85myCZEgtTXFYIbh1W3B4A0WvgaC4
rKGjMpD/hnYW85LLiJNawFT5CtNkkMS3J6Qjr4MkGyRD9SVGfEpnuo+PAgfeWAbH
yRe3XqMhb5TY9qV16uy8gxd4VLLXUnVxPsv4SaizaSsoO6QCFsjqRi13vWQUAyQ2
UVEUvajwbvZ5Bwq32bVr2f3dxKLTgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPBy
ghx8bziorw87GFEtjplGp/urMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQzAyNTk1NjVENzgxMUYwOUNDMzkzRDZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLcTqAwQBLcTuMA0GCSqGSIb3
DQEBCwUAA4IBAQCuSZ15BnyqFP4Ce0HfcnuEV3LbG6BouuouyRw3GrBZCfBO2Xcn
CHBr54JDNt3SnFXUOeB3FwcrK6kaifW53WFeixoiLacf8pKf+Mo+3ke4DqTy6N+k
Z45fO2dH/sv2TR6RLrhldREBWWQNJ/Ck/RM9w3dH1Wpi6W7aVqJcdR21PgUeSCMv
yfobdQma3vNczKomdcDsQb7uV9cLxQvB+SdYtCp7mp4Mdx1rnof0f/SACpXr5Q0u
iqIFWEYvtYsMe/n5Y4aBDitljHwzX3dIxD2qNfgaWjzVNxrgJjPYJaxMt3aFmcT7
8ddShw0rKYoNoTn5sX2z8XspM3i1YIqrYoTG
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:38:36 2025 by rpki-client