Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F9E8510624011F0BA5C1CC5DAE4EC9C.roa
File: 5F9E8510624011F0BA5C1CC5DAE4EC9C.roa (raw, json)
Hash identifier: Q0u+pTlNkmMDlj039nbYyTNmPLe2zwXSD3wOUpXgQ3g=
Subject key identifier: 43:B5:4F:C8:1D:CE:FC:1A:C8:12:0E:21:A3:11:B4:43:61:8A:DD:B2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016587
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F9E8510624011F0BA5C1CC5DAE4EC9C.roa
Signing time: Wed 16 Jul 2025 12:28:27 +0000
ROA not before: Wed 16 Jul 2025 12:28:23 +0000
ROA not after: Tue 22 Jul 2025 12:28:23 +0000
asID: 5650
IP address blocks: 45.196.36.0/22 maxlen: 24
45.196.44.0/22 maxlen: 24
45.196.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91527 (0x16587)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 16 12:28:23 2025 GMT
Not After : Jul 22 12:28:23 2025 GMT
Subject: CN=68779aeb-03e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5a:ca:d7:8c:90:c7:a8:f1:29:89:6f:22:20:
af:3d:0f:d2:94:f8:88:0c:29:65:70:65:10:fd:68:
4f:7a:75:c0:c4:55:b9:6a:4b:23:4c:8b:03:70:05:
03:b1:92:c5:a9:c5:01:ff:5e:1a:40:2e:8d:2f:01:
0f:52:ae:2b:35:e3:95:b8:a5:58:6c:1f:6b:53:e8:
8c:b5:a9:f0:96:47:3c:0b:52:6c:96:0f:dd:05:95:
46:70:30:15:fe:3a:37:f5:e3:4b:68:61:24:f3:d8:
94:d3:4b:49:1d:06:21:fd:8a:ac:53:f3:dd:1d:d5:
ae:f3:99:0d:09:bd:69:e4:b3:d2:05:0b:d6:bc:5e:
86:e5:6b:42:e2:f8:50:11:d8:0a:96:dd:4c:0c:25:
1e:f2:f5:14:c1:93:4f:f9:c0:d2:f9:2a:be:81:80:
4c:4e:01:72:d8:a7:d9:b7:a9:25:ed:ae:88:4c:03:
73:87:6d:99:4c:24:1a:29:fe:26:5f:1c:06:24:08:
8c:37:10:f3:dc:08:00:60:4b:16:08:75:7e:a8:59:
a5:a3:4e:fc:6b:f3:f8:66:20:15:b4:46:2a:5e:fe:
f2:b6:47:be:6b:19:6c:06:32:d3:9b:94:3b:64:13:
18:e5:e2:bf:1a:fa:02:6c:c7:28:98:88:06:5e:76:
be:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B5:4F:C8:1D:CE:FC:1A:C8:12:0E:21:A3:11:B4:43:61:8A:DD:B2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F9E8510624011F0BA5C1CC5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.36.0/22
45.196.44.0/22
45.196.56.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:16:10:29:b7:5d:ed:c8:fa:66:95:f4:10:94:ec:db:43:82:
89:14:f4:09:8b:4e:b1:57:f8:7b:cd:fe:00:4f:45:55:33:cf:
1b:23:eb:ea:4f:82:17:01:51:d5:04:69:7b:1e:ca:c8:7a:40:
28:32:3f:c9:07:48:df:f5:4e:2e:5c:d3:fa:82:9e:3f:a1:79:
75:c5:b7:20:be:e3:34:55:2e:ed:06:bc:9b:5b:99:e9:f9:bf:
04:3d:84:4c:49:a9:c2:c5:ce:fe:72:ca:06:fe:a9:9c:9b:58:
94:ea:f8:23:1e:60:8c:b7:43:e7:1b:a8:37:e6:4f:df:8f:f5:
76:4e:b5:e3:7e:0b:a4:14:8a:e4:e9:32:8b:95:1e:d5:d3:59:
f1:90:c0:a2:5e:3c:36:69:0d:e3:d5:8a:5a:0f:32:72:9b:61:
c6:bc:4d:eb:0a:89:59:90:95:5a:7a:bb:2e:e9:6a:2f:dc:0c:
c0:07:0e:09:bd:bc:79:de:65:ce:ca:fa:12:e2:f3:76:cc:c7:
d2:88:42:7c:bd:c4:5d:a4:0b:bb:24:e9:f9:ac:1d:5e:51:84:
16:a4:63:6b:27:a3:2b:a6:ab:cf:6e:78:bb:a1:a4:9b:73:67:
9e:22:97:67:31:94:0b:dd:11:20:ab:a4:d2:02:d3:0b:5d:10:
df:31:c2:dd
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAWWHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzE2MTIyODIzWhcNMjUwNzIyMTIyODIzWjAYMRYw
FAYDVQQDEw02ODc3OWFlYi0wM2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6FrK14yQx6jxKYlvIiCvPQ/SlPiIDCllcGUQ/WhPenXAxFW5aksjTIsD
cAUDsZLFqcUB/14aQC6NLwEPUq4rNeOVuKVYbB9rU+iMtanwlkc8C1Jslg/dBZVG
cDAV/jo39eNLaGEk89iU00tJHQYh/YqsU/PdHdWu85kNCb1p5LPSBQvWvF6G5WtC
4vhQEdgKlt1MDCUe8vUUwZNP+cDS+Sq+gYBMTgFy2KfZt6kl7a6ITANzh22ZTCQa
Kf4mXxwGJAiMNxDz3AgAYEsWCHV+qFmlo078a/P4ZiAVtEYqXv7ytke+axlsBjLT
m5Q7ZBMY5eK/GvoCbMcomIgGXna+8wIDAQABo4ICrjCCAqowHQYDVR0OBBYEFEO1
T8gdzvwayBIOIaMRtENhit2yMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RjlFODUxMDYyNDAxMUYwQkE1QzFDQzVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLcQkAwQCLcQsAwQCLcQ4MA0G
CSqGSIb3DQEBCwUAA4IBAQC6FhApt13tyPpmlfQQlOzbQ4KJFPQJi06xV/h7zf4A
T0VVM88bI+vqT4IXAVHVBGl7HsrIekAoMj/JB0jf9U4uXNP6gp4/oXl1xbcgvuM0
VS7tBrybW5np+b8EPYRMSanCxc7+csoG/qmcm1iU6vgjHmCMt0PnG6g35k/fj/V2
TrXjfgukFIrk6TKLlR7V01nxkMCiXjw2aQ3j1YpaDzJym2HGvE3rColZkJVaersu
6Wov3AzABw4Jvbx53mXOyvoS4vN2zMfSiEJ8vcRdpAu7JOn5rB1eUYQWpGNrJ6Mr
pqvPbni7oaSbc2eeIpdnMZQL3REgq6TSAtMLXRDfMcLd
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:48:20 2025 by rpki-client