Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BE98468614A11F0AB998C8BDAE4EC9C.roa
File: 8BE98468614A11F0AB998C8BDAE4EC9C.roa (raw, json)
Hash identifier: QFnLBl3uMNzG5M0SMrs4G6kz+DEAcZ2K1bt4O2vIfD0=
Subject key identifier: 80:3A:1C:65:45:2B:A2:5F:20:54:4B:3F:A9:AA:14:A9:B0:F4:AD:DE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016535
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BE98468614A11F0AB998C8BDAE4EC9C.roa
Signing time: Tue 15 Jul 2025 07:08:45 +0000
ROA not before: Tue 15 Jul 2025 07:08:40 +0000
ROA not after: Wed 27 May 2026 07:08:40 +0000
asID: 214143
IP address blocks: 45.203.60.0/24 maxlen: 24
45.203.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91445 (0x16535)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 15 07:08:40 2025 GMT
Not After : May 27 07:08:40 2026 GMT
Subject: CN=6875fe7d-d57f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9a:33:97:e8:44:14:bc:d7:a9:17:5e:32:03:
5a:d1:5d:a4:9b:5b:0e:4a:c1:02:79:7a:25:c3:f7:
5d:cc:56:29:b9:e5:58:59:e7:dc:f2:2f:e0:a0:cd:
9d:59:6e:ad:2a:aa:fa:55:61:18:c8:a2:2b:06:f7:
dc:bd:4d:43:21:30:d1:c8:db:48:47:27:df:7e:94:
1f:4d:2f:da:0a:e3:00:e7:7c:b9:78:ea:ca:68:75:
49:73:ec:93:c7:58:66:ba:a5:ee:7d:f0:3e:b7:94:
59:6d:bf:41:fa:e5:b9:59:e2:58:2a:c2:d4:1f:fb:
3d:e0:a6:6b:ac:9a:e0:d4:37:42:59:71:da:a0:b7:
6d:d8:ee:d5:5d:18:a0:16:d1:f4:ab:b2:fb:8a:bc:
c7:2a:69:ae:3c:e2:5f:72:a5:55:39:9d:63:b9:47:
d7:d4:27:40:da:e2:06:73:58:0a:b0:6e:4f:f9:9e:
c9:7a:a5:de:31:06:ec:f3:d9:04:05:40:59:24:c0:
66:47:ea:5f:7a:bb:94:a5:de:03:4e:24:fd:50:4c:
18:0a:b6:dd:41:dc:bd:57:5e:bd:eb:47:5e:0b:62:
36:40:a2:eb:0e:b1:fa:1a:8c:49:bc:6d:e8:e8:f5:
be:d9:ba:35:09:34:ea:78:1d:6e:9b:b5:8b:52:d7:
1f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:3A:1C:65:45:2B:A2:5F:20:54:4B:3F:A9:AA:14:A9:B0:F4:AD:DE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BE98468614A11F0AB998C8BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.203.60.0/23
Signature Algorithm: sha256WithRSAEncryption
27:2d:e9:d8:98:78:38:66:62:8c:5c:39:5d:ba:ce:29:4a:32:
cd:90:83:93:ee:d8:35:6a:c1:4f:0e:99:53:0d:f1:61:bc:94:
6e:72:d9:80:98:7d:af:4d:14:59:f0:ee:9a:a3:f9:44:f3:20:
fe:97:6f:d8:87:dc:86:8f:46:fa:f6:80:54:96:10:46:2b:32:
03:78:47:d0:1c:c8:a2:4e:56:44:43:88:7e:f8:f5:e7:79:e0:
23:93:78:09:98:78:38:aa:fa:69:9a:32:b3:4f:5c:5d:5f:7d:
2c:e6:fd:40:1c:54:c4:64:a5:1e:30:a8:01:52:1f:c4:00:76:
bf:2e:bf:60:e8:5e:c0:92:a6:bd:7b:6c:55:c8:5d:fc:d6:9c:
92:68:34:04:29:d9:a2:a9:52:fc:30:69:fc:e8:50:23:c0:49:
98:a5:a9:d2:73:99:f3:34:71:de:5f:fe:98:77:3f:89:fb:54:
68:f0:f9:ee:bc:8c:78:7a:ea:47:90:26:0c:ec:bc:6a:3e:be:
74:46:3c:05:01:ea:24:b2:1e:de:35:2b:15:d7:49:c9:cd:a8:
01:ad:ec:9d:e1:1a:32:c5:c8:71:6b:db:a7:e8:45:92:c4:da:
08:a0:44:ae:43:fb:73:0e:45:63:5e:5e:92:e5:e1:af:7e:e6:
2a:92:51:ef
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWU1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzE1MDcwODQwWhcNMjYwNTI3MDcwODQwWjAYMRYw
FAYDVQQDEw02ODc1ZmU3ZC1kNTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvZozl+hEFLzXqRdeMgNa0V2km1sOSsECeXolw/ddzFYpueVYWefc8i/g
oM2dWW6tKqr6VWEYyKIrBvfcvU1DITDRyNtIRyfffpQfTS/aCuMA53y5eOrKaHVJ
c+yTx1hmuqXuffA+t5RZbb9B+uW5WeJYKsLUH/s94KZrrJrg1DdCWXHaoLdt2O7V
XRigFtH0q7L7irzHKmmuPOJfcqVVOZ1juUfX1CdA2uIGc1gKsG5P+Z7JeqXeMQbs
89kEBUBZJMBmR+pferuUpd4DTiT9UEwYCrbdQdy9V16960deC2I2QKLrDrH6GoxJ
vG3o6PW+2bo1CTTqeB1um7WLUtcfbwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIA6
HGVFK6JfIFRLP6mqFKmw9K3eMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QkU5ODQ2ODYxNEExMUYwQUI5OThDOEJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcs8MA0GCSqGSIb3DQEBCwUA
A4IBAQAnLenYmHg4ZmKMXDldus4pSjLNkIOT7tg1asFPDplTDfFhvJRuctmAmH2v
TRRZ8O6ao/lE8yD+l2/Yh9yGj0b69oBUlhBGKzIDeEfQHMiiTlZEQ4h++PXneeAj
k3gJmHg4qvppmjKzT1xdX30s5v1AHFTEZKUeMKgBUh/EAHa/Lr9g6F7Akqa9e2xV
yF381pySaDQEKdmiqVL8MGn86FAjwEmYpanSc5nzNHHeX/6Ydz+J+1Ro8PnuvIx4
eupHkCYM7LxqPr50RjwFAeoksh7eNSsV10nJzagBreyd4Royxchxa9un6EWSxNoI
oESuQ/tzDkVjXl6S5eGvfuYqklHv
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:37:31 2025 by rpki-client