Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7C4DA70A580811F082C993E5DAE4EC9C.roa
File: 7C4DA70A580811F082C993E5DAE4EC9C.roa (raw, json)
Hash identifier: wmOzIotiKy5PxNGt+EuvFcWZNmGEYZlieFkTGw3T9bY=
Subject key identifier: FC:16:02:20:BB:4C:54:C4:17:34:7E:D3:CC:E4:E4:B7:BE:43:1D:5F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016075
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7C4DA70A580811F082C993E5DAE4EC9C.roa
Signing time: Thu 03 Jul 2025 12:23:12 +0000
ROA not before: Thu 03 Jul 2025 12:23:05 +0000
ROA not after: Fri 08 Aug 2025 12:23:05 +0000
asID: 20326
IP address blocks: 45.207.0.0/23 maxlen: 24
45.207.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90229 (0x16075)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 3 12:23:05 2025 GMT
Not After : Aug 8 12:23:05 2025 GMT
Subject: CN=68667630-e0f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0d:4b:e7:75:82:30:c7:b4:ad:dc:2c:10:89:
ef:32:2c:ef:14:ed:f1:fd:2e:6e:aa:9f:85:21:9d:
a6:cd:ac:0b:45:f6:7f:c0:92:9d:a9:46:5a:59:a7:
fc:87:de:b2:dd:79:01:a7:ca:9c:64:8d:98:6b:fa:
88:c4:58:20:57:c8:24:17:f6:e8:27:a7:94:3c:6f:
4a:94:ee:94:2a:de:5b:ba:d9:15:32:de:5c:9a:b4:
0e:d3:b1:f7:a1:17:97:27:bd:fd:4d:7d:2b:b1:6a:
90:64:95:8e:94:04:79:ff:85:60:60:13:26:41:fc:
9e:07:3c:5f:61:ca:e3:a2:f5:94:e6:d7:e3:f1:31:
db:d5:ef:1e:05:3a:11:41:e6:bd:87:b9:57:ff:98:
16:47:4d:0d:ff:50:cb:04:60:d2:d6:8f:f7:4c:58:
4f:35:02:45:21:bf:81:25:07:ea:ff:38:68:ef:ad:
5c:27:6d:47:15:b5:2d:f5:f0:24:98:4f:ca:33:1d:
ce:7d:58:0e:30:d7:a6:41:04:39:14:7d:b4:d9:43:
f3:cd:7f:98:86:e0:7e:db:ab:0d:40:e2:47:8e:c7:
2c:48:89:e6:58:88:96:ea:87:87:93:6b:4f:a8:03:
2d:e4:fd:fa:33:79:c6:6d:a6:36:fb:8e:9a:c6:26:
7c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:16:02:20:BB:4C:54:C4:17:34:7E:D3:CC:E4:E4:B7:BE:43:1D:5F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7C4DA70A580811F082C993E5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.0.0/23
45.207.24.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:d6:2e:2f:6b:33:bc:28:7b:67:25:ed:38:67:62:ff:cf:db:
15:19:05:9b:92:9d:4d:f7:26:c0:b8:b3:2e:12:c4:5c:b0:e8:
35:0a:06:09:a7:15:9e:bd:f9:43:f7:85:49:cb:af:2f:e6:8b:
2e:2d:2b:bb:9b:f2:bd:29:04:18:4a:b6:92:a2:cf:f0:b2:e3:
59:b6:3c:61:ad:c1:f3:77:33:a4:dc:a7:84:33:4b:92:a4:d7:
7e:13:ff:73:17:68:93:70:2e:6a:d9:d5:d0:86:55:04:d7:b3:
3a:95:35:1e:9f:5e:1e:6c:be:91:fc:b1:06:7f:57:62:1e:3d:
74:ac:72:1e:0a:0e:d9:4b:3e:9d:d9:8e:1f:6f:62:66:84:ab:
aa:44:27:3b:56:d7:ef:f0:0f:17:26:79:65:d3:0b:37:50:ac:
5d:29:4b:78:12:7d:a5:dc:02:f4:87:db:2b:c8:b9:5b:a5:9b:
20:85:da:7f:51:84:39:36:0c:6f:12:58:c6:6a:cc:48:ae:46:
68:65:be:d2:a0:ac:a4:ef:2f:ab:f9:2e:cb:2d:c8:c8:1d:b6:
c4:06:0c:3a:f4:10:90:ca:40:5a:e1:4e:22:dd:a5:e7:a6:b7:
fe:9b:c6:55:bf:c0:b5:52:2e:1d:b3:5b:27:f2:29:8d:2f:cf:
6b:ec:87:7f
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWB1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzAzMTIyMzA1WhcNMjUwODA4MTIyMzA1WjAYMRYw
FAYDVQQDEw02ODY2NzYzMC1lMGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5g1L53WCMMe0rdwsEInvMizvFO3x/S5uqp+FIZ2mzawLRfZ/wJKdqUZa
Waf8h96y3XkBp8qcZI2Ya/qIxFggV8gkF/boJ6eUPG9KlO6UKt5butkVMt5cmrQO
07H3oReXJ739TX0rsWqQZJWOlAR5/4VgYBMmQfyeBzxfYcrjovWU5tfj8THb1e8e
BToRQea9h7lX/5gWR00N/1DLBGDS1o/3TFhPNQJFIb+BJQfq/zho761cJ21HFbUt
9fAkmE/KMx3OfVgOMNemQQQ5FH202UPzzX+YhuB+26sNQOJHjscsSInmWIiW6oeH
k2tPqAMt5P36M3nGbaY2+46axiZ8HwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPwW
AiC7TFTEFzR+08zk5Le+Qx1fMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QzREQTcwQTU4MDgxMUYwODJDOTkzRTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLc8AAwQALc8YMA0GCSqGSIb3
DQEBCwUAA4IBAQCO1i4vazO8KHtnJe04Z2L/z9sVGQWbkp1N9ybAuLMuEsRcsOg1
CgYJpxWevflD94VJy68v5osuLSu7m/K9KQQYSraSos/wsuNZtjxhrcHzdzOk3KeE
M0uSpNd+E/9zF2iTcC5q2dXQhlUE17M6lTUen14ebL6R/LEGf1diHj10rHIeCg7Z
Sz6d2Y4fb2JmhKuqRCc7Vtfv8A8XJnll0ws3UKxdKUt4En2l3AL0h9sryLlbpZsg
hdp/UYQ5NgxvEljGasxIrkZoZb7SoKyk7y+r+S7LLcjIHbbEBgw69BCQykBa4U4i
3aXnprf+m8ZVv8C1Ui4ds1sn8imNL89r7Id/
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:55:03 2025 by rpki-client