Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E6E3F8C59E011F0B06CA7DFDAE4EC9C.roa
File: 4E6E3F8C59E011F0B06CA7DFDAE4EC9C.roa (raw, json)
Hash identifier: GzRpUaIirL5UDPrLoYIhwORJhpbNmJJK8SsDf8G4fNY=
Subject key identifier: 30:F7:C5:92:50:53:77:00:33:9F:40:BE:0C:11:64:92:14:4A:AD:72
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0161E3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E6E3F8C59E011F0B06CA7DFDAE4EC9C.roa
Signing time: Sat 05 Jul 2025 20:40:37 +0000
ROA not before: Sat 05 Jul 2025 20:40:32 +0000
ROA not after: Fri 17 Jul 2026 20:40:32 +0000
asID: 18013
IP address blocks: 45.204.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90595 (0x161e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 5 20:40:32 2025 GMT
Not After : Jul 17 20:40:32 2026 GMT
Subject: CN=68698dc5-3974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a8:31:db:52:d9:4c:6c:3c:15:16:e3:24:cb:
eb:79:3d:e7:31:f1:31:90:68:b6:26:d7:ae:9b:7a:
d8:83:9b:a7:2c:c6:20:62:6f:5c:13:ce:b7:a6:57:
7a:a7:ad:ea:1f:f7:4e:6c:f7:c5:cd:77:44:e8:a3:
28:b0:24:d7:8d:21:77:0a:41:26:18:11:8a:9d:5f:
db:31:08:2d:f9:d0:58:69:09:91:4e:cc:a4:e8:b0:
db:3e:59:31:a1:a6:67:51:03:bf:d6:0b:f6:d8:8d:
8b:75:64:63:32:b1:f8:29:f3:25:7e:90:11:1c:8d:
de:b5:3c:a2:62:ee:e0:2f:a7:f7:3d:50:b9:f8:c7:
e6:cc:3f:c0:42:c2:71:71:df:4e:b8:42:09:52:99:
52:9b:2a:ce:25:65:6c:68:c1:b4:40:46:6d:c8:27:
25:1a:5d:33:ee:62:7e:d8:b2:ae:a1:85:5f:8b:86:
a7:d5:e4:c4:c7:af:d1:4e:f2:4a:74:48:60:2f:b8:
ce:a9:03:04:e1:2f:54:11:a7:5f:24:50:87:70:67:
27:eb:9e:bd:c8:0f:ff:8c:e1:b4:62:92:7a:be:a1:
32:b2:c8:83:74:f2:bc:cf:d4:71:1a:03:6b:d0:a6:
73:6e:d4:21:6b:b9:fa:09:04:a8:f2:f2:26:6b:3d:
9f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F7:C5:92:50:53:77:00:33:9F:40:BE:0C:11:64:92:14:4A:AD:72
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E6E3F8C59E011F0B06CA7DFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.4.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:cd:5c:db:17:2f:cb:2f:38:f1:a6:6c:53:39:7d:a4:0a:04:
fb:53:b4:6a:75:f1:e3:19:9a:3c:d5:8f:53:0a:61:6c:93:d0:
01:bd:f9:ab:90:5b:52:29:5f:7d:1f:56:a8:9d:02:48:d6:b1:
cf:16:b1:9b:54:0f:a9:fc:82:67:02:cf:2a:a4:ce:74:bf:d2:
3f:d8:42:51:eb:3a:84:22:5b:47:24:ad:84:ee:cc:24:a7:33:
7d:09:23:f7:27:70:ea:4e:da:cf:18:5b:e5:e8:cd:11:ba:ed:
26:0e:ff:41:0b:f9:8b:39:2b:e4:6e:c9:28:d6:35:e6:5d:6d:
a2:28:de:06:3f:52:b8:24:b0:43:e7:7f:87:fe:37:58:67:e1:
80:5e:0c:12:5b:40:ce:04:f1:dd:e0:64:0b:60:48:40:07:00:
dc:e6:21:f4:0e:e2:9b:e3:3c:90:44:d1:12:97:8c:33:20:d6:
b9:b9:1c:6b:d8:f6:96:97:b8:2f:b1:a7:c7:98:5f:59:59:33:
a2:31:88:98:75:36:83:a0:a4:d3:82:40:a6:44:12:54:39:46:
6a:9e:fd:21:e3:28:10:53:8f:b8:10:3b:91:8a:0f:cf:38:7c:
3e:3c:95:ca:63:05:7d:b9:20:85:9e:bb:37:d4:d2:55:71:39:
9d:bd:01:88
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWHjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA1MjA0MDMyWhcNMjYwNzE3MjA0MDMyWjAYMRYw
FAYDVQQDEw02ODY5OGRjNS0zOTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA36gx21LZTGw8FRbjJMvreT3nMfExkGi2Jteum3rYg5unLMYgYm9cE863
pld6p63qH/dObPfFzXdE6KMosCTXjSF3CkEmGBGKnV/bMQgt+dBYaQmRTsyk6LDb
PlkxoaZnUQO/1gv22I2LdWRjMrH4KfMlfpARHI3etTyiYu7gL6f3PVC5+MfmzD/A
QsJxcd9OuEIJUplSmyrOJWVsaMG0QEZtyCclGl0z7mJ+2LKuoYVfi4an1eTEx6/R
TvJKdEhgL7jOqQME4S9UEadfJFCHcGcn6569yA//jOG0YpJ6vqEyssiDdPK8z9Rx
GgNr0KZzbtQha7n6CQSo8vImaz2fxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDD3
xZJQU3cAM59AvgwRZJIUSq1yMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RTZFM0Y4QzU5RTAxMUYwQjA2Q0E3REZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcwEMA0GCSqGSIb3DQEBCwUA
A4IBAQCPzVzbFy/LLzjxpmxTOX2kCgT7U7RqdfHjGZo81Y9TCmFsk9ABvfmrkFtS
KV99H1aonQJI1rHPFrGbVA+p/IJnAs8qpM50v9I/2EJR6zqEIltHJK2E7swkpzN9
CSP3J3DqTtrPGFvl6M0Ruu0mDv9BC/mLOSvkbsko1jXmXW2iKN4GP1K4JLBD53+H
/jdYZ+GAXgwSW0DOBPHd4GQLYEhABwDc5iH0DuKb4zyQRNESl4wzINa5uRxr2PaW
l7gvsafHmF9ZWTOiMYiYdTaDoKTTgkCmRBJUOUZqnv0h4ygQU4+4EDuRig/POHw+
PJXKYwV9uSCFnrs31NJVcTmdvQGI
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:31:02 2025 by rpki-client