Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69EBD3225CBB11F09A22AC86DAE4EC9C.roa
File: 69EBD3225CBB11F09A22AC86DAE4EC9C.roa (raw, json)
Hash identifier: soQs12RlAmFoBJLHqLPkdDiIV1GWHcEGsmpKwpHgCFM=
Subject key identifier: B3:BB:AA:F8:42:17:8A:F6:D0:F8:95:00:B9:E1:1E:5D:07:96:D9:97
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0163C2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69EBD3225CBB11F09A22AC86DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 11:54:06 +0000
ROA not before: Wed 09 Jul 2025 11:54:01 +0000
ROA not after: Thu 14 Aug 2025 11:54:01 +0000
asID: 271916
IP address blocks: 45.194.48.0/22 maxlen: 24
45.207.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91074 (0x163c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 9 11:54:01 2025 GMT
Not After : Aug 14 11:54:01 2025 GMT
Subject: CN=686e585e-ae10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:42:63:16:8e:7f:38:49:a8:1b:7a:7d:7b:ee:
88:dc:df:34:fd:fd:59:65:e4:62:fe:63:e4:5a:72:
dd:fb:e9:51:da:3b:9a:bb:cc:40:10:bf:8a:06:32:
75:ab:16:4b:00:3e:17:83:d8:6a:36:5d:8b:74:6c:
0a:b4:e1:55:fb:a8:c8:1a:7f:f7:ca:fa:1c:d7:ce:
0c:be:3a:3d:b5:21:e5:e3:2f:66:c4:56:97:e1:a5:
41:1b:02:14:73:5b:31:eb:2b:87:1e:c9:24:b3:bd:
77:c4:df:d2:ec:b7:a0:38:6b:d7:8b:d9:d2:89:2b:
64:87:37:69:bd:7c:85:ef:f0:2f:a8:c9:15:4e:f1:
10:e1:19:cc:17:ad:cb:eb:95:c5:a2:27:28:99:e0:
bf:d5:03:48:fc:96:f1:28:3a:66:c5:b0:a2:5a:b5:
01:47:e4:67:94:dc:f8:d6:5f:d8:76:17:ca:ac:09:
14:09:31:30:e5:e6:77:7a:44:14:74:a8:d1:1c:e2:
61:cc:91:90:d4:e4:e3:1c:62:91:2a:3e:c3:05:02:
53:4a:b2:3b:b7:52:90:22:63:6c:3a:7c:36:82:d5:
10:d3:c5:ec:61:c8:bd:24:75:91:4c:00:79:18:9d:
17:16:50:43:41:d6:3a:cd:33:e1:62:fb:fd:fe:80:
73:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:BB:AA:F8:42:17:8A:F6:D0:F8:95:00:B9:E1:1E:5D:07:96:D9:97
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69EBD3225CBB11F09A22AC86DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.48.0/22
45.207.16.0/22
Signature Algorithm: sha256WithRSAEncryption
59:d5:63:74:94:9f:75:32:a2:7e:35:d9:86:44:56:10:46:0c:
bb:20:7e:de:b9:9a:dc:e0:c6:31:57:b8:f6:3f:d0:68:c3:ce:
1b:ed:47:cb:eb:5f:cf:f6:3d:6d:ee:a0:06:56:7a:00:e7:ec:
37:86:7f:7a:19:95:c0:af:f7:9f:29:94:5f:a6:26:0f:8f:c4:
47:b5:cb:e0:c8:1e:6d:c0:51:9b:01:87:87:49:77:e0:1f:72:
02:60:5c:27:21:71:f7:5b:ce:14:39:fb:93:0a:93:74:d0:9d:
30:48:15:dd:32:ef:ba:eb:4a:fc:ee:bd:3b:1e:70:99:ec:89:
c5:bd:94:fd:12:6b:72:fb:65:44:c2:1d:10:ea:d8:92:15:d0:
4c:a3:d8:f6:15:f1:88:41:7b:84:69:37:bd:16:bd:a2:69:34:
31:13:d8:d0:a1:b7:ae:12:aa:36:9e:b8:21:ea:dd:5e:4a:72:
e1:24:3e:34:82:24:7c:36:d1:88:90:d5:af:cc:19:1e:fa:8b:
b1:c3:84:c5:be:a6:2a:c8:0d:82:97:ea:86:d6:17:d2:24:7b:
8b:30:b6:9e:19:d5:44:30:5a:d7:bc:e6:f2:5d:25:a8:0d:c3:
a9:48:1e:e0:7e:a4:dc:0e:f6:c1:de:c8:d5:e0:be:37:50:b5:
f4:78:60:1f
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWPCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA5MTE1NDAxWhcNMjUwODE0MTE1NDAxWjAYMRYw
FAYDVQQDEw02ODZlNTg1ZS1hZTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtUJjFo5/OEmoG3p9e+6I3N80/f1ZZeRi/mPkWnLd++lR2juau8xAEL+K
BjJ1qxZLAD4Xg9hqNl2LdGwKtOFV+6jIGn/3yvoc184Mvjo9tSHl4y9mxFaX4aVB
GwIUc1sx6yuHHskks713xN/S7LegOGvXi9nSiStkhzdpvXyF7/AvqMkVTvEQ4RnM
F63L65XFoicomeC/1QNI/JbxKDpmxbCiWrUBR+RnlNz41l/YdhfKrAkUCTEw5eZ3
ekQUdKjRHOJhzJGQ1OTjHGKRKj7DBQJTSrI7t1KQImNsOnw2gtUQ08XsYci9JHWR
TAB5GJ0XFlBDQdY6zTPhYvv9/oBziwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLO7
qvhCF4r20PiVALnhHl0HltmXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OUVCRDMyMjVDQkIxMUYwOUEyMkFDODZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLcIwAwQCLc8QMA0GCSqGSIb3
DQEBCwUAA4IBAQBZ1WN0lJ91MqJ+NdmGRFYQRgy7IH7euZrc4MYxV7j2P9Bow84b
7UfL61/P9j1t7qAGVnoA5+w3hn96GZXAr/efKZRfpiYPj8RHtcvgyB5twFGbAYeH
SXfgH3ICYFwnIXH3W84UOfuTCpN00J0wSBXdMu+660r87r07HnCZ7InFvZT9Emty
+2VEwh0Q6tiSFdBMo9j2FfGIQXuEaTe9Fr2iaTQxE9jQobeuEqo2nrgh6t1eSnLh
JD40giR8NtGIkNWvzBke+ouxw4TFvqYqyA2Cl+qG1hfSJHuLMLaeGdVEMFrXvOby
XSWoDcOpSB7gfqTcDvbB3sjV4L43ULX0eGAf
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:33:02 2025 by rpki-client