Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/796344985B8A11F0BE344EB5DAE4EC9C.roa
File: 796344985B8A11F0BE344EB5DAE4EC9C.roa (raw, json)
Hash identifier: 1FXmo3VH6JxZUbTP0iv/5hCXzkVhKeEecmyo3bC5F5Y=
Subject key identifier: 1F:60:C0:51:BF:CC:F3:1F:AF:06:4D:C3:00:88:BC:6F:A3:E9:0F:72
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01635C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/796344985B8A11F0BE344EB5DAE4EC9C.roa
Signing time: Mon 07 Jul 2025 23:31:15 +0000
ROA not before: Mon 07 Jul 2025 23:31:10 +0000
ROA not after: Fri 17 Jul 2026 23:31:10 +0000
asID: 400619
IP address blocks: 45.204.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90972 (0x1635c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 7 23:31:10 2025 GMT
Not After : Jul 17 23:31:10 2026 GMT
Subject: CN=686c58c3-fd42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4b:fc:40:11:bf:93:c5:ad:d7:af:21:35:4b:
22:9f:1b:17:b1:23:85:fa:f4:80:28:fa:a2:cf:c6:
c7:ba:12:72:02:cc:0b:ba:c7:98:9e:b5:63:81:02:
dc:da:ef:23:ee:2c:eb:de:00:0c:e9:62:3e:69:53:
12:7a:39:f8:2f:c6:b2:f2:e5:5c:f6:97:6d:33:02:
c4:59:8e:dd:ed:58:b3:c4:be:e8:58:99:18:9e:8f:
5e:ce:28:74:99:fc:3a:d5:a4:0c:fd:d0:47:cb:4b:
fb:60:13:5c:c8:9a:d7:08:69:2d:00:89:9d:36:c9:
15:f2:65:76:05:a7:32:3e:3f:6c:88:29:ab:14:fd:
32:50:cc:5d:5d:d5:c7:2a:5b:67:11:e5:b8:b6:22:
6a:7d:65:ae:a3:38:b6:df:9c:bc:0e:2f:fd:3e:c8:
cc:c2:29:35:63:2a:27:c4:58:7f:58:f6:75:e5:d7:
b6:be:44:e1:78:04:c1:ff:4c:42:c6:d3:ca:67:f6:
bf:cd:2a:58:1b:a5:31:57:29:b6:3e:62:10:50:c4:
ed:f1:b9:05:7a:a5:a2:0b:41:05:a7:10:81:2e:d2:
79:15:28:55:b6:29:02:10:7a:65:64:61:c4:23:61:
66:8c:3b:d6:d0:04:1f:1d:06:90:f1:59:43:38:b4:
01:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:60:C0:51:BF:CC:F3:1F:AF:06:4D:C3:00:88:BC:6F:A3:E9:0F:72
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/796344985B8A11F0BE344EB5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.4.0/22
Signature Algorithm: sha256WithRSAEncryption
66:ea:09:81:ed:c2:b7:ce:91:5c:e2:4b:df:3d:52:70:b8:81:
25:e9:a6:ba:cb:c7:ae:1b:b3:34:9f:58:ab:3f:e6:26:41:f9:
d1:6c:98:06:59:24:dd:d4:07:14:ee:40:5d:c6:9b:05:f7:91:
19:96:24:34:e3:79:63:6e:22:10:4a:4d:62:f8:86:aa:16:e7:
e9:b8:34:43:2d:f0:0a:40:0a:7c:bc:97:13:cc:d2:33:4d:49:
96:27:3e:0f:87:99:d6:86:80:9a:ab:b5:bb:66:4c:c9:47:f0:
79:94:0b:1a:79:48:70:5b:05:c1:f6:79:2c:88:c4:03:b3:26:
73:8f:bb:d8:0e:d0:ab:08:94:16:c2:21:5e:f5:dd:b0:dc:59:
20:cc:7b:14:33:5a:d6:aa:8f:cb:3b:23:14:e3:34:84:8a:84:
1e:d9:76:be:30:c1:e0:64:98:d2:53:e5:01:34:79:71:6c:06:
d8:b2:f9:95:12:54:b9:d4:de:f4:49:74:65:a2:a7:b8:d0:05:
71:1a:c9:81:88:a9:53:f4:5d:a7:d3:1a:16:ba:9c:4a:de:9a:
90:ec:5e:2d:4d:56:ba:fb:5a:92:4b:04:9b:79:f3:1d:02:e9:
40:41:9f:f0:55:51:07:ec:b9:c4:03:e4:c9:fc:28:9c:19:a1:
39:7f:44:b3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWNcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA3MjMzMTEwWhcNMjYwNzE3MjMzMTEwWjAYMRYw
FAYDVQQDEw02ODZjNThjMy1mZDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo0v8QBG/k8Wt168hNUsinxsXsSOF+vSAKPqiz8bHuhJyAswLuseYnrVj
gQLc2u8j7izr3gAM6WI+aVMSejn4L8ay8uVc9pdtMwLEWY7d7VizxL7oWJkYno9e
zih0mfw61aQM/dBHy0v7YBNcyJrXCGktAImdNskV8mV2BacyPj9siCmrFP0yUMxd
XdXHKltnEeW4tiJqfWWuozi235y8Di/9PsjMwik1YyonxFh/WPZ15de2vkTheATB
/0xCxtPKZ/a/zSpYG6UxVym2PmIQUMTt8bkFeqWiC0EFpxCBLtJ5FShVtikCEHpl
ZGHEI2FmjDvW0AQfHQaQ8VlDOLQBEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB9g
wFG/zPMfrwZNwwCIvG+j6Q9yMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83OTYzNDQ5ODVCOEExMUYwQkUzNDRFQjVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcwEMA0GCSqGSIb3DQEBCwUA
A4IBAQBm6gmB7cK3zpFc4kvfPVJwuIEl6aa6y8euG7M0n1irP+YmQfnRbJgGWSTd
1AcU7kBdxpsF95EZliQ043ljbiIQSk1i+IaqFufpuDRDLfAKQAp8vJcTzNIzTUmW
Jz4Ph5nWhoCaq7W7ZkzJR/B5lAsaeUhwWwXB9nksiMQDsyZzj7vYDtCrCJQWwiFe
9d2w3FkgzHsUM1rWqo/LOyMU4zSEioQe2Xa+MMHgZJjSU+UBNHlxbAbYsvmVElS5
1N70SXRloqe40AVxGsmBiKlT9F2n0xoWupxK3pqQ7F4tTVa6+1qSSwSbefMdAulA
QZ/wVVEH7LnEA+TJ/CicGaE5f0Sz
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:32:02 2025 by rpki-client