Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DC02FF4623F11F0975C22BEDAE4EC9C.roa
File: 2DC02FF4623F11F0975C22BEDAE4EC9C.roa (raw, json)
Hash identifier: seNC8ctW104zIkB8hn8GID8Fn35HCFNPwMG3ejJa73Y=
Subject key identifier: 8F:82:8E:F5:E6:E7:FE:FF:97:A7:13:14:79:B9:A1:26:DB:2C:AB:15
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016583
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DC02FF4623F11F0975C22BEDAE4EC9C.roa
Signing time: Wed 16 Jul 2025 12:19:54 +0000
ROA not before: Wed 16 Jul 2025 12:19:49 +0000
ROA not after: Tue 22 Jul 2025 12:19:49 +0000
asID: 22773
IP address blocks: 45.196.32.0/22 maxlen: 24
45.196.40.0/22 maxlen: 24
45.196.48.0/22 maxlen: 24
45.196.52.0/22 maxlen: 24
45.196.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91523 (0x16583)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 16 12:19:49 2025 GMT
Not After : Jul 22 12:19:49 2025 GMT
Subject: CN=687798ea-2e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:17:40:e0:98:01:92:7c:5d:9b:19:8f:d5:a3:
d2:32:74:2e:2c:04:ed:c2:75:61:65:8f:57:af:b4:
6b:b3:53:5a:8a:05:e7:3d:58:5f:8a:22:79:ab:9c:
ea:54:75:48:44:bb:6d:88:ec:8d:8d:8b:13:e3:f6:
cb:94:df:9b:55:90:24:ed:bd:11:c3:5c:81:97:67:
77:08:d7:1d:97:97:20:2e:f1:55:38:dd:48:a6:91:
8d:99:48:7b:e0:88:44:04:4b:52:e9:d9:8a:89:ac:
17:2b:4e:39:44:b0:c2:67:5d:d8:1f:64:61:14:32:
00:3e:db:f1:99:1d:de:b5:6b:88:01:ff:4a:a2:9b:
c5:d8:e5:2b:0a:06:2d:40:fb:1f:06:b2:75:f7:05:
f9:6f:52:41:bc:8d:0f:c1:f7:7b:d2:27:6b:00:f8:
4c:ab:15:0c:44:f1:2d:2d:4c:9f:2d:c1:9f:b4:d3:
ee:24:12:6c:36:ba:2c:c9:23:35:96:48:cd:e6:50:
89:b8:b2:2e:fd:c0:03:4d:26:66:61:68:43:0e:ef:
6e:e1:ef:9d:c5:33:75:3a:9f:1e:b5:b0:25:c6:f2:
da:b6:a2:f1:21:15:11:97:84:a4:11:f4:fa:36:01:
e2:68:a2:1c:b3:62:d2:7a:9b:7f:2e:ae:c9:4b:0b:
a7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:82:8E:F5:E6:E7:FE:FF:97:A7:13:14:79:B9:A1:26:DB:2C:AB:15
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DC02FF4623F11F0975C22BEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.32.0/22
45.196.40.0/22
45.196.48.0/21
45.196.60.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:20:14:d6:1c:3d:28:75:8d:4c:7f:7e:37:18:b4:a8:0d:54:
52:0c:7f:78:b3:bf:8e:09:af:02:32:e7:6d:e6:69:5d:d6:84:
76:44:82:5c:99:6e:7d:bc:bb:21:a1:5b:8b:22:43:7a:e5:89:
43:df:47:20:8b:90:15:29:62:d6:8a:57:3f:6d:3f:a1:f0:6b:
79:37:5b:65:4f:c1:b7:c6:dc:ec:95:9d:41:c0:d0:6d:40:52:
c9:e9:ed:8a:ad:5c:ce:90:6d:8e:ef:cd:9e:b8:90:69:2b:3c:
93:94:ac:06:4a:19:e0:47:af:30:4e:bf:ef:83:3c:f3:41:c9:
3c:a6:d6:d6:0f:81:a2:dc:ff:5f:d5:70:bd:31:21:b2:7c:84:
9f:39:24:cd:63:d7:d5:77:64:13:22:13:50:97:38:d1:b2:1b:
9a:3b:54:08:b4:ce:b6:cd:1c:4b:be:87:06:a0:8a:12:02:54:
5f:3c:ff:b7:da:1c:5e:e8:4f:2d:e6:ba:11:68:9f:ac:28:fa:
f7:2e:df:62:bd:74:7a:0a:a5:6a:b3:e4:f2:c4:75:9a:94:fb:
bc:19:c0:98:02:de:53:b6:d1:23:7f:b9:34:56:81:9a:08:cc:
0f:65:e4:31:33:e5:4e:59:1a:f0:bd:62:86:88:14:d2:f5:1d:
4f:15:03:57
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAWWDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzE2MTIxOTQ5WhcNMjUwNzIyMTIxOTQ5WjAYMRYw
FAYDVQQDEw02ODc3OThlYS0yZTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3BdA4JgBknxdmxmP1aPSMnQuLATtwnVhZY9Xr7Rrs1NaigXnPVhfiiJ5
q5zqVHVIRLttiOyNjYsT4/bLlN+bVZAk7b0Rw1yBl2d3CNcdl5cgLvFVON1IppGN
mUh74IhEBEtS6dmKiawXK045RLDCZ13YH2RhFDIAPtvxmR3etWuIAf9KopvF2OUr
CgYtQPsfBrJ19wX5b1JBvI0Pwfd70idrAPhMqxUMRPEtLUyfLcGftNPuJBJsNros
ySM1lkjN5lCJuLIu/cADTSZmYWhDDu9u4e+dxTN1Op8etbAlxvLatqLxIRURl4Sk
EfT6NgHiaKIcs2LSept/Lq7JSwunvwIDAQABo4ICtDCCArAwHQYDVR0OBBYEFI+C
jvXm5/7/l6cTFHm5oSbbLKsVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yREMwMkZGNDYyM0YxMUYwOTc1QzIyQkVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLcQgAwQCLcQoAwQDLcQwAwQC
LcQ8MA0GCSqGSIb3DQEBCwUAA4IBAQA6IBTWHD0odY1Mf343GLSoDVRSDH94s7+O
Ca8CMudt5mld1oR2RIJcmW59vLshoVuLIkN65YlD30cgi5AVKWLWilc/bT+h8Gt5
N1tlT8G3xtzslZ1BwNBtQFLJ6e2KrVzOkG2O782euJBpKzyTlKwGShngR68wTr/v
gzzzQck8ptbWD4Gi3P9f1XC9MSGyfISfOSTNY9fVd2QTIhNQlzjRshuaO1QItM62
zRxLvocGoIoSAlRfPP+32hxe6E8t5roRaJ+sKPr3Lt9ivXR6CqVqs+TyxHWalPu8
GcCYAt5TttEjf7k0VoGaCMwPZeQxM+VOWRrwvWKGiBTS9R1PFQNX
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:29:25 2025 by rpki-client