Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F9D92485CD711F0863940B5DAE4EC9C.roa
File: 2F9D92485CD711F0863940B5DAE4EC9C.roa (raw, json)
Hash identifier: xRr+AGhKPfbAdmZBx9qBGIz9phPrEWgYPk5+AwDPQHQ=
Subject key identifier: FD:58:60:40:93:E5:A8:96:16:67:59:15:11:D7:73:45:FE:9D:01:38
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016408
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F9D92485CD711F0863940B5DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 15:12:54 +0000
ROA not before: Wed 09 Jul 2025 15:12:49 +0000
ROA not after: Tue 12 Aug 2025 15:12:49 +0000
asID: 27951
IP address blocks: 45.195.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91144 (0x16408)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 9 15:12:49 2025 GMT
Not After : Aug 12 15:12:49 2025 GMT
Subject: CN=686e86f6-6d1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5e:03:41:e9:5b:cf:41:91:15:f2:bd:51:dd:
75:b7:c1:b7:c0:27:01:cd:bb:87:5d:75:6c:b9:98:
69:71:9c:6d:9e:90:dc:0b:a6:6e:d2:63:4c:70:ef:
3a:21:d5:60:d9:ec:17:6f:29:ca:93:a7:05:ef:15:
18:0f:dd:43:90:98:75:88:93:e9:8f:93:1b:01:74:
03:9d:0f:68:ae:ef:5e:e7:d9:4b:51:90:08:66:b6:
5b:3a:ef:b7:05:23:3a:14:72:f8:05:10:18:36:2f:
a4:ca:e8:33:67:b9:74:9a:1d:54:16:ca:cc:15:38:
c2:80:ae:98:74:38:42:b9:22:98:f0:84:e5:4d:4f:
e6:7d:e3:2d:74:d9:7d:84:76:99:1d:32:65:30:7b:
5b:d3:20:69:ba:7c:7f:95:8c:13:92:aa:b7:42:15:
d3:6d:78:4b:5b:f1:8a:fb:2b:1c:d3:9f:ad:ef:db:
e8:c0:01:85:09:0d:3b:55:5e:03:e7:8c:7f:3d:66:
16:35:e5:25:27:83:32:98:f1:7c:9e:f3:57:81:1a:
80:3f:f2:86:78:d9:89:47:0a:60:bb:2c:70:d0:65:
cf:df:96:29:02:ad:1a:c3:e3:4a:f8:6d:e1:92:a8:
51:d4:3f:f7:66:a1:c3:af:e8:a7:df:8e:34:e0:ce:
85:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:58:60:40:93:E5:A8:96:16:67:59:15:11:D7:73:45:FE:9D:01:38
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F9D92485CD711F0863940B5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.68.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:d9:fc:71:86:08:6e:4e:f7:bd:ae:cd:57:a6:f7:d4:9c:49:
05:cf:17:b8:6b:3d:57:72:72:da:51:77:c7:7d:6f:d0:eb:8b:
bf:ca:d2:8a:f1:34:2b:70:cd:c9:5b:24:d2:91:53:98:c1:e8:
94:b8:42:c3:35:d8:9c:14:79:75:87:60:46:f5:3c:50:52:4b:
49:23:98:9e:1a:e9:6c:96:c7:b9:b0:c0:24:43:e3:53:28:49:
ad:29:77:05:b5:0d:d1:cf:95:7c:bf:a8:d9:a9:6d:09:f5:61:
01:02:83:01:68:29:62:42:2c:cb:83:b7:b2:d6:48:eb:4f:41:
a1:c1:3b:d8:e0:99:ac:47:46:29:4d:88:6b:eb:aa:38:10:7f:
a6:ad:e7:e5:ff:13:14:47:6f:18:fd:c4:95:24:30:33:05:5e:
d1:ac:f7:6b:c6:0e:62:62:d0:7c:a8:ea:3f:02:be:42:1c:3c:
c9:a8:a4:d6:43:11:82:9d:6b:33:5c:12:87:d4:b4:d0:69:13:
08:08:40:43:45:75:17:31:17:6b:9c:9c:94:08:c7:84:1f:48:
19:f1:3c:87:f0:54:6a:b0:da:9a:58:42:91:00:27:4f:bb:79:
75:2c:49:17:03:76:9e:7e:49:83:0d:98:b3:ec:f9:a1:04:27:
c6:d4:8d:cf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWQIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA5MTUxMjQ5WhcNMjUwODEyMTUxMjQ5WjAYMRYw
FAYDVQQDEw02ODZlODZmNi02ZDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq14DQelbz0GRFfK9Ud11t8G3wCcBzbuHXXVsuZhpcZxtnpDcC6Zu0mNM
cO86IdVg2ewXbynKk6cF7xUYD91DkJh1iJPpj5MbAXQDnQ9oru9e59lLUZAIZrZb
Ou+3BSM6FHL4BRAYNi+kyugzZ7l0mh1UFsrMFTjCgK6YdDhCuSKY8ITlTU/mfeMt
dNl9hHaZHTJlMHtb0yBpunx/lYwTkqq3QhXTbXhLW/GK+ysc05+t79vowAGFCQ07
VV4D54x/PWYWNeUlJ4MymPF8nvNXgRqAP/KGeNmJRwpguyxw0GXP35YpAq0aw+NK
+G3hkqhR1D/3ZqHDr+in34404M6FuQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP1Y
YECT5aiWFmdZFRHXc0X+nQE4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRjlEOTI0ODVDRDcxMUYwODYzOTQwQjVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcNEMA0GCSqGSIb3DQEBCwUA
A4IBAQAe2fxxhghuTve9rs1XpvfUnEkFzxe4az1XcnLaUXfHfW/Q64u/ytKK8TQr
cM3JWyTSkVOYweiUuELDNdicFHl1h2BG9TxQUktJI5ieGulslse5sMAkQ+NTKEmt
KXcFtQ3Rz5V8v6jZqW0J9WEBAoMBaCliQizLg7ey1kjrT0GhwTvY4JmsR0YpTYhr
66o4EH+mrefl/xMUR28Y/cSVJDAzBV7RrPdrxg5iYtB8qOo/Ar5CHDzJqKTWQxGC
nWszXBKH1LTQaRMICEBDRXUXMRdrnJyUCMeEH0gZ8TyH8FRqsNqaWEKRACdPu3l1
LEkXA3aefkmDDZiz7PmhBCfG1I3P
-----END CERTIFICATE-----
Generated at Sun Jul 20 17:26:34 2025 by rpki-client