Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/666291FC5CF011F0889E30D8DAE4EC9C.roa
File: 666291FC5CF011F0889E30D8DAE4EC9C.roa (raw, json)
Hash identifier: aoaJ49AdUSQHRBhfBPU+fTPMgYakr/wjXYMKDXYc7ks=
Subject key identifier: 94:24:21:41:28:03:2D:46:2C:99:A6:54:0A:BA:82:3C:D6:36:6B:9F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016430
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/666291FC5CF011F0889E30D8DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 18:13:23 +0000
ROA not before: Wed 09 Jul 2025 18:13:18 +0000
ROA not after: Sat 16 Aug 2025 18:13:18 +0000
asID: 202736
IP address blocks: 45.192.113.0/24 maxlen: 24
45.192.114.0/24 maxlen: 24
45.192.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91184 (0x16430)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 9 18:13:18 2025 GMT
Not After : Aug 16 18:13:18 2025 GMT
Subject: CN=686eb143-39d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:29:75:59:d4:02:d4:7c:f3:33:45:da:01:6d:
f3:58:28:3b:c7:9b:ac:fb:9f:52:f9:b0:12:71:cf:
9c:36:e7:8e:b6:0d:7d:54:9d:56:9f:a8:51:86:dd:
e1:d0:e8:e1:91:a2:9c:4d:7f:32:3e:97:54:62:d9:
55:17:38:ee:42:f3:55:10:df:8b:e3:3b:37:26:bf:
34:87:36:c5:67:8c:d4:3f:34:5e:44:5f:32:95:70:
0d:4e:04:70:11:8c:49:74:83:b4:f1:a9:dc:dc:90:
a3:d8:9a:42:b1:b8:62:25:ce:db:0a:92:cf:91:c3:
2b:e5:15:1a:b9:a7:c6:97:8a:4d:10:dd:5b:54:a9:
e8:43:7e:eb:54:b2:9a:6f:68:58:2b:67:03:10:4d:
1e:7b:a7:aa:28:ee:cb:2a:88:96:68:58:6b:e4:58:
bb:22:19:14:78:33:ed:52:6f:54:18:f7:bd:2d:eb:
02:f6:9f:c6:38:24:4e:6b:4e:ed:5a:17:a6:ea:f8:
8f:3e:94:57:3c:9c:05:72:b0:7c:3f:79:7e:0a:1d:
56:4b:b5:6c:41:36:01:43:83:ce:70:d5:9a:f2:dc:
41:c8:f4:c4:b2:d6:0a:1a:00:56:d0:42:f3:68:82:
84:3a:b4:dd:26:20:d0:d4:e7:ad:61:bd:f6:3d:58:
ee:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:24:21:41:28:03:2D:46:2C:99:A6:54:0A:BA:82:3C:D6:36:6B:9F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/666291FC5CF011F0889E30D8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.113.0-45.192.114.255
45.192.116.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:3b:db:7f:ee:9c:c5:27:4d:10:f1:81:5c:2e:3a:75:26:dd:
e9:be:84:32:07:bc:a6:4e:a2:34:ea:77:6f:7e:75:72:37:c7:
ef:a2:24:7d:65:0e:66:39:ef:c9:1a:74:5e:fb:bd:28:40:d7:
81:48:23:b1:a1:ff:95:e9:cb:f9:2e:08:8f:12:e4:40:d0:94:
7a:c5:33:4c:df:b6:b0:ca:de:9e:69:72:f9:bd:cc:96:26:b8:
b8:3f:17:ad:ee:8c:01:36:f5:1d:d4:6d:a8:5d:5f:ae:a2:76:
fb:d8:17:76:3f:3c:89:4a:fb:1c:7d:6d:1b:72:62:7a:1c:7e:
3a:fa:b4:51:5e:52:84:dc:56:fd:43:b3:e2:c4:23:d1:8e:1a:
86:c9:44:2d:47:fa:b3:7a:a2:49:d6:1f:10:5c:80:a5:13:5c:
a0:2e:f6:35:68:63:04:9b:62:e0:55:3a:9b:a7:40:b9:01:bb:
5f:4e:f4:a1:85:37:c7:4c:8c:ea:4e:60:47:dd:b3:15:70:90:
e8:a4:3a:89:d7:6a:5d:ae:1d:e2:8b:7c:c2:f6:32:bc:24:50:
b9:6d:4f:3f:4a:8f:49:12:5f:28:eb:d6:ce:33:07:46:84:23:
97:d1:81:e2:36:f2:e9:d3:ca:ee:40:b7:17:50:c9:72:88:4e:
98:48:70:36
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAWQwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA5MTgxMzE4WhcNMjUwODE2MTgxMzE4WjAYMRYw
FAYDVQQDEw02ODZlYjE0My0zOWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAryl1WdQC1HzzM0XaAW3zWCg7x5us+59S+bAScc+cNueOtg19VJ1Wn6hR
ht3h0OjhkaKcTX8yPpdUYtlVFzjuQvNVEN+L4zs3Jr80hzbFZ4zUPzReRF8ylXAN
TgRwEYxJdIO08anc3JCj2JpCsbhiJc7bCpLPkcMr5RUauafGl4pNEN1bVKnoQ37r
VLKab2hYK2cDEE0ee6eqKO7LKoiWaFhr5Fi7IhkUeDPtUm9UGPe9LesC9p/GOCRO
a07tWhem6viPPpRXPJwFcrB8P3l+Ch1WS7VsQTYBQ4POcNWa8txByPTEstYKGgBW
0ELzaIKEOrTdJiDQ1OetYb32PVju8wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFJQk
IUEoAy1GLJmmVAq6gjzWNmufMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NjYyOTFGQzVDRjAxMUYwODg5RTMwRDhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAtwHEDBAAtwHIDBAItwHQw
DQYJKoZIhvcNAQELBQADggEBAI8723/unMUnTRDxgVwuOnUm3em+hDIHvKZOojTq
d29+dXI3x++iJH1lDmY578kadF77vShA14FII7Gh/5Xpy/kuCI8S5EDQlHrFM0zf
trDK3p5pcvm9zJYmuLg/F63ujAE29R3UbahdX66idvvYF3Y/PIlK+xx9bRtyYnoc
fjr6tFFeUoTcVv1Ds+LEI9GOGobJRC1H+rN6oknWHxBcgKUTXKAu9jVoYwSbYuBV
OpunQLkBu19O9KGFN8dMjOpOYEfdsxVwkOikOonXal2uHeKLfML2MrwkULltTz9K
j0kSXyjr1s4zB0aEI5fRgeI28unTyu5AtxdQyXKITphIcDY=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:32:49 2025 by rpki-client