Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C329B1A5A7B11F0B119BED5DAE4EC9C.roa
File: 8C329B1A5A7B11F0B119BED5DAE4EC9C.roa (raw, json)
Hash identifier: nKtN/qcSy5H19GSd2XKQwRvE8KEOpP2wht916KCEmWs=
Subject key identifier: 4A:4D:EE:4A:8C:2D:95:99:87:D5:E4:75:37:F7:5F:9A:7E:9E:06:25
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01623F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C329B1A5A7B11F0B119BED5DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 15:11:53 +0000
ROA not before: Sun 06 Jul 2025 15:11:48 +0000
ROA not after: Sun 10 Aug 2025 15:11:48 +0000
asID: 32043
IP address blocks: 45.192.120.0/21 maxlen: 24
45.194.114.0/23 maxlen: 24
45.194.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90687 (0x1623f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 6 15:11:48 2025 GMT
Not After : Aug 10 15:11:48 2025 GMT
Subject: CN=686a9239-ef2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:bd:31:6c:c0:bd:72:8b:3e:46:4e:06:7f:d3:
84:9e:cf:79:2c:c1:32:ec:ba:a1:32:b8:8c:c8:a3:
03:39:c6:10:1c:8d:9e:cc:d0:54:ff:12:73:54:5f:
55:c5:f1:a8:b9:73:a7:f2:fb:58:fe:88:72:d4:67:
82:ef:02:5c:dd:84:73:8d:7e:aa:9a:89:51:f8:ad:
64:fa:2d:2a:e2:cc:fb:ea:0b:64:ca:2c:0e:b9:d8:
a7:fa:6e:c1:36:7f:c2:d6:22:4f:89:ee:b9:2b:67:
a2:33:b1:ac:f2:55:f3:80:10:d8:3c:7f:08:6c:8c:
15:06:79:90:4c:52:ce:c9:78:41:dd:98:e5:b5:ca:
4b:88:af:9f:f6:1b:3a:a8:ff:95:b7:5b:b0:d5:50:
c6:36:8b:5c:68:e8:70:79:d3:cb:2e:4c:95:5c:ae:
e1:80:63:ac:b2:ad:94:4d:57:25:80:87:c7:2e:0b:
7d:56:07:cf:34:a9:70:45:fe:ae:0c:dc:39:71:c0:
3c:f3:16:92:af:a8:4a:72:64:fc:0c:0c:f8:73:e4:
c5:90:8f:f3:9f:54:82:90:f3:7a:68:8c:9c:1e:6f:
e2:8c:87:22:dc:98:a9:d4:7b:a0:26:b3:d1:d0:e7:
79:50:52:56:5b:10:04:8e:b8:19:0b:69:c3:bc:79:
d4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:4D:EE:4A:8C:2D:95:99:87:D5:E4:75:37:F7:5F:9A:7E:9E:06:25
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C329B1A5A7B11F0B119BED5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.120.0/21
45.194.114.0/23
45.194.118.0/24
Signature Algorithm: sha256WithRSAEncryption
10:a9:d8:61:6a:43:8c:e2:6d:e6:05:da:cd:5c:fa:29:10:60:
3f:24:4b:55:f8:e2:93:a3:a3:af:cc:dd:4a:93:d3:62:59:33:
b6:a3:b5:e2:38:0b:15:fc:07:0a:fd:0f:2e:1e:41:4c:46:86:
e4:72:5c:34:28:23:bc:fd:50:67:b0:e2:2b:ef:25:c6:08:48:
b9:32:ee:f7:fe:f2:79:15:1a:a0:49:8b:8c:14:e4:d5:66:a7:
ba:c2:03:48:6f:80:00:8f:d0:86:d1:b2:6b:b9:cc:30:a3:25:
65:bb:87:84:09:d8:96:9b:09:69:f5:ed:5e:e8:de:69:5f:5d:
e1:b3:fa:25:52:8e:e9:36:2c:3d:77:c0:75:ee:1f:af:09:98:
c5:c8:c4:58:a2:c5:08:38:c0:a4:5e:c0:d8:62:f9:33:15:f0:
60:04:c3:eb:d9:e7:fe:9d:b2:15:82:ae:c6:f1:27:e6:e4:b2:
7e:ff:5b:3c:f7:38:ad:b1:6e:32:38:8c:76:82:50:3e:d4:9d:
37:b3:21:4d:32:cf:3a:ec:72:40:c1:db:91:0b:5f:0b:18:ec:
65:b7:5c:79:f0:3f:73:85:fa:dc:17:ce:e3:0f:3c:2e:21:7a:
7b:98:63:50:cc:ca:6b:e0:0b:fd:36:59:34:b4:3a:d7:e6:cf:
6a:f3:6e:d3
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAWI/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA2MTUxMTQ4WhcNMjUwODEwMTUxMTQ4WjAYMRYw
FAYDVQQDEw02ODZhOTIzOS1lZjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyr0xbMC9cos+Rk4Gf9OEns95LMEy7LqhMriMyKMDOcYQHI2ezNBU/xJz
VF9VxfGouXOn8vtY/ohy1GeC7wJc3YRzjX6qmolR+K1k+i0q4sz76gtkyiwOudin
+m7BNn/C1iJPie65K2eiM7Gs8lXzgBDYPH8IbIwVBnmQTFLOyXhB3ZjltcpLiK+f
9hs6qP+Vt1uw1VDGNotcaOhwedPLLkyVXK7hgGOssq2UTVclgIfHLgt9VgfPNKlw
Rf6uDNw5ccA88xaSr6hKcmT8DAz4c+TFkI/zn1SCkPN6aIycHm/ijIci3Jip1Hug
JrPR0Od5UFJWWxAEjrgZC2nDvHnUQwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFEpN
7kqMLZWZh9XkdTf3X5p+ngYlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QzMyOUIxQTVBN0IxMUYwQjExOUJFRDVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLcB4AwQBLcJyAwQALcJ2MA0G
CSqGSIb3DQEBCwUAA4IBAQAQqdhhakOM4m3mBdrNXPopEGA/JEtV+OKTo6OvzN1K
k9NiWTO2o7XiOAsV/AcK/Q8uHkFMRobkclw0KCO8/VBnsOIr7yXGCEi5Mu73/vJ5
FRqgSYuMFOTVZqe6wgNIb4AAj9CG0bJrucwwoyVlu4eECdiWmwlp9e1e6N5pX13h
s/olUo7pNiw9d8B17h+vCZjFyMRYosUIOMCkXsDYYvkzFfBgBMPr2ef+nbIVgq7G
8Sfm5LJ+/1s89zitsW4yOIx2glA+1J03syFNMs867HJAwduRC18LGOxlt1x58D9z
hfrcF87jDzwuIXp7mGNQzMpr4Av9Nlk0tDrX5s9q827T
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:46:00 2025 by rpki-client