Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C89EC96567411F0BE1C50A2DAE4EC9C.roa
File: 2C89EC96567411F0BE1C50A2DAE4EC9C.roa (raw, json)
Hash identifier: 8ln7blR7Zp2FmW6x+kiKKFtLKiYXYqvVCt5UGW+D6co=
Subject key identifier: 9B:C6:EB:89:E9:A8:D8:76:9D:CD:0E:F8:2C:4B:CA:35:15:07:C5:37
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015FE6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C89EC96567411F0BE1C50A2DAE4EC9C.roa
Signing time: Tue 01 Jul 2025 12:09:03 +0000
ROA not before: Tue 01 Jul 2025 12:08:55 +0000
ROA not after: Sun 17 Aug 2025 12:08:55 +0000
asID: 36137
IP address blocks: 45.200.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90086 (0x15fe6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 1 12:08:55 2025 GMT
Not After : Aug 17 12:08:55 2025 GMT
Subject: CN=6863cfdf-fb71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:26:c7:f3:f5:0f:eb:9f:d2:a9:5c:c9:36:16:
16:94:fe:05:72:56:60:6f:fe:ea:69:51:66:81:25:
bc:f1:0e:8b:38:78:8f:d0:66:8b:1a:6d:c8:6c:32:
8c:87:9a:11:9d:3b:dc:60:77:ed:aa:25:46:be:f3:
b9:1f:db:6e:e5:79:aa:e1:61:3e:0b:41:72:4c:82:
64:50:19:d8:01:c6:01:d8:61:55:fd:39:e8:d0:54:
53:50:a3:42:8d:fd:99:9b:67:9c:aa:b0:d4:ef:a6:
bc:47:81:21:ef:d6:29:6c:f9:95:9b:ff:5c:37:ac:
27:77:38:cc:6b:fa:28:4a:7f:52:36:15:fd:e2:6a:
f9:3c:80:ce:2f:be:f9:01:4d:f9:8d:61:67:3d:fe:
58:de:ed:b6:b5:61:d0:7f:40:b8:41:4c:39:38:e0:
16:37:91:a1:24:84:9c:ce:0c:a4:e4:ae:f5:bc:50:
26:f3:49:25:62:f0:7c:98:08:85:80:8f:f2:94:2e:
d4:c1:d5:64:5f:ab:5a:43:a9:f8:0e:b8:34:98:a6:
28:21:aa:ef:fc:a4:db:93:ef:36:4e:d9:0e:82:b7:
f1:2e:63:f2:4c:62:e6:4f:84:77:4c:cb:6d:dd:8d:
16:3e:95:b0:2c:28:0c:23:55:9c:cb:50:5e:70:2f:
86:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:C6:EB:89:E9:A8:D8:76:9D:CD:0E:F8:2C:4B:CA:35:15:07:C5:37
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C89EC96567411F0BE1C50A2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.192.0/18
Signature Algorithm: sha256WithRSAEncryption
0a:16:9e:f1:07:dd:34:34:96:5f:9a:72:23:ed:36:fb:fa:39:
72:c6:13:32:c8:ce:65:81:0c:38:5b:6d:3d:e1:24:ca:fa:8b:
9c:bb:11:60:4f:e8:65:77:2a:13:50:81:16:57:47:2a:0c:e9:
b3:af:7e:4c:c7:9f:85:92:cd:ee:70:65:86:b3:e1:16:79:e6:
12:34:e0:c3:1f:02:73:52:87:f2:2c:0e:4b:ba:56:7d:49:48:
56:ce:28:6b:e3:e3:27:db:b1:c7:31:f1:ec:9d:b4:6f:c5:d1:
b3:34:c3:09:53:66:f2:41:cf:01:10:9c:00:38:07:73:60:f7:
11:08:f7:b1:39:84:07:ba:44:28:5b:96:c4:04:ef:43:3e:ad:
5d:6f:fa:66:4b:90:d8:2a:c9:98:bf:f1:86:57:57:41:7c:82:
ee:d4:8b:55:9c:74:0d:25:f6:7b:15:c8:a5:cd:17:ba:e0:38:
ce:a6:93:7b:c0:8b:3c:67:94:ba:84:b3:12:f0:b6:9f:80:54:
81:3b:c6:c7:fb:1e:cb:7d:f9:a6:04:f7:4d:60:8a:c1:c3:64:
4f:b8:79:53:48:5e:11:40:c2:ed:41:c8:3b:21:78:38:08:25:
0e:d9:91:9a:2d:21:06:2f:aa:fc:2f:7c:14:da:55:89:e4:28:
da:ee:74:19
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAV/mMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzAxMTIwODU1WhcNMjUwODE3MTIwODU1WjAYMRYw
FAYDVQQDEw02ODYzY2ZkZi1mYjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsibH8/UP65/SqVzJNhYWlP4FclZgb/7qaVFmgSW88Q6LOHiP0GaLGm3I
bDKMh5oRnTvcYHftqiVGvvO5H9tu5Xmq4WE+C0FyTIJkUBnYAcYB2GFV/Tno0FRT
UKNCjf2Zm2ecqrDU76a8R4Eh79YpbPmVm/9cN6wndzjMa/ooSn9SNhX94mr5PIDO
L775AU35jWFnPf5Y3u22tWHQf0C4QUw5OOAWN5GhJISczgyk5K71vFAm80klYvB8
mAiFgI/ylC7UwdVkX6taQ6n4Drg0mKYoIarv/KTbk+82TtkOgrfxLmPyTGLmT4R3
TMtt3Y0WPpWwLCgMI1Wcy1BecC+GtQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJvG
64npqNh2nc0O+CxLyjUVB8U3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQzg5RUM5NjU2NzQxMUYwQkUxQzUwQTJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGLcjAMA0GCSqGSIb3DQEBCwUA
A4IBAQAKFp7xB900NJZfmnIj7Tb7+jlyxhMyyM5lgQw4W2094STK+oucuxFgT+hl
dyoTUIEWV0cqDOmzr35Mx5+Fks3ucGWGs+EWeeYSNODDHwJzUofyLA5LulZ9SUhW
zihr4+Mn27HHMfHsnbRvxdGzNMMJU2byQc8BEJwAOAdzYPcRCPexOYQHukQoW5bE
BO9DPq1db/pmS5DYKsmYv/GGV1dBfILu1ItVnHQNJfZ7FcilzRe64DjOppN7wIs8
Z5S6hLMS8LafgFSBO8bH+x7LffmmBPdNYIrBw2RPuHlTSF4RQMLtQcg7IXg4CCUO
2ZGaLSEGL6r8L3wU2lWJ5Cja7nQZ
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:31:30 2025 by rpki-client