Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91F2F88A5A6511F08DF03BC9DAE4EC9C.roa
File: 91F2F88A5A6511F08DF03BC9DAE4EC9C.roa (raw, json)
Hash identifier: QEyuhZ7MxgorresnSds4zSDf3bnooLT/9Q87sU2+LGU=
Subject key identifier: 0B:30:25:32:86:86:F7:7E:E3:B7:33:EC:EF:A0:18:A0:FC:5B:D6:10
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0161F2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91F2F88A5A6511F08DF03BC9DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 12:34:34 +0000
ROA not before: Sun 06 Jul 2025 12:34:29 +0000
ROA not after: Tue 28 Apr 2026 12:34:29 +0000
asID: 262167
IP address blocks: 45.199.158.0/24 maxlen: 24
45.199.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90610 (0x161f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 6 12:34:29 2025 GMT
Not After : Apr 28 12:34:29 2026 GMT
Subject: CN=686a6d5a-76ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:59:73:5a:72:d0:a6:db:b9:6f:e6:3e:63:c1:
28:eb:8a:f9:9a:b2:fe:e3:04:d0:b6:f3:c6:5b:3a:
fb:a8:95:db:a3:af:f3:e0:fc:d9:51:fa:22:03:e3:
3c:08:d6:84:42:5f:33:83:47:94:ac:1f:da:7b:77:
78:25:57:1c:fa:89:f8:54:fd:1d:33:27:c4:5e:ad:
bb:55:ff:94:b2:9f:97:7c:ac:df:6d:26:26:40:1e:
82:a1:38:58:18:b2:5c:55:3a:96:6c:15:3b:03:99:
45:9d:53:60:db:48:4c:df:2d:88:97:86:87:ab:9a:
09:43:a2:8c:93:8d:b1:c9:ea:f5:57:f7:52:4d:9c:
05:9d:28:dd:9d:e5:55:d9:35:24:19:04:dd:5c:b6:
ff:c4:be:f6:c1:ef:18:78:9f:49:57:5f:71:4a:da:
fe:99:81:80:31:a7:7c:5c:27:48:a9:07:40:b9:a2:
a7:ee:85:85:bf:67:6f:f5:ff:df:1f:75:0e:8e:71:
82:27:f7:f6:3c:a3:d8:2a:02:de:fe:1c:0a:f7:10:
17:aa:7d:97:94:fc:1f:51:62:0e:f2:cc:ee:8c:41:
b4:1f:8d:a2:fa:33:e2:87:86:67:ae:98:5b:c0:92:
10:43:e2:9e:e4:1d:a8:49:6c:66:c1:be:cb:17:2d:
e5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:30:25:32:86:86:F7:7E:E3:B7:33:EC:EF:A0:18:A0:FC:5B:D6:10
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91F2F88A5A6511F08DF03BC9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.158.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:7f:cf:84:bf:2a:c7:67:af:9e:fc:70:61:0c:08:7c:d0:6e:
3f:8a:1c:9a:94:9d:67:84:52:3a:ea:c6:ed:8c:25:f6:3c:9d:
bf:ff:f8:0e:b8:6e:b5:ff:31:d3:e7:b0:4b:62:71:13:fb:a8:
47:a1:69:f0:85:8f:a2:fe:1f:31:12:75:7c:79:d3:ae:f6:38:
72:c0:aa:3e:d5:d2:f7:aa:d6:e0:bc:01:20:67:02:4e:23:97:
b8:c8:58:91:62:36:68:6d:eb:57:d1:2a:6b:bd:b2:e5:9b:94:
df:09:df:33:39:9b:00:b9:97:ca:d6:50:ae:1e:b3:86:9f:19:
f0:b5:39:23:1c:c4:cb:39:92:2c:6f:a2:9c:3c:8b:d2:1d:ed:
8c:fc:8a:33:d7:46:67:0c:9b:5e:3b:98:5d:c9:2c:50:a1:54:
c6:00:95:7c:c2:59:22:53:7c:50:05:95:79:db:e5:3a:da:87:
85:9e:58:5e:d6:7a:41:bd:b3:d8:1e:f6:a6:9e:fd:b8:40:02:
13:5d:a8:c7:f8:fe:24:d2:a0:fa:34:11:a8:8b:38:d2:05:0e:
48:55:82:d4:0c:0a:97:8e:5a:7f:8b:2e:b4:bb:f7:71:7e:77:
18:94:ad:4e:4b:03:b4:d1:15:71:0e:44:4b:52:82:3e:fb:3b:
7a:fb:56:90
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWHyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA2MTIzNDI5WhcNMjYwNDI4MTIzNDI5WjAYMRYw
FAYDVQQDEw02ODZhNmQ1YS03NmZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwllzWnLQptu5b+Y+Y8Eo64r5mrL+4wTQtvPGWzr7qJXbo6/z4PzZUfoi
A+M8CNaEQl8zg0eUrB/ae3d4JVcc+on4VP0dMyfEXq27Vf+Usp+XfKzfbSYmQB6C
oThYGLJcVTqWbBU7A5lFnVNg20hM3y2Il4aHq5oJQ6KMk42xyer1V/dSTZwFnSjd
neVV2TUkGQTdXLb/xL72we8YeJ9JV19xStr+mYGAMad8XCdIqQdAuaKn7oWFv2dv
9f/fH3UOjnGCJ/f2PKPYKgLe/hwK9xAXqn2XlPwfUWIO8szujEG0H42i+jPih4Zn
rphbwJIQQ+Ke5B2oSWxmwb7LFy3lHwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAsw
JTKGhvd+47cz7O+gGKD8W9YQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MUYyRjg4QTVBNjUxMUYwOERGMDNCQzlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLceeMA0GCSqGSIb3DQEBCwUA
A4IBAQA9f8+EvyrHZ6+e/HBhDAh80G4/ihyalJ1nhFI66sbtjCX2PJ2///gOuG61
/zHT57BLYnET+6hHoWnwhY+i/h8xEnV8edOu9jhywKo+1dL3qtbgvAEgZwJOI5e4
yFiRYjZobetX0SprvbLlm5TfCd8zOZsAuZfK1lCuHrOGnxnwtTkjHMTLOZIsb6Kc
PIvSHe2M/Ioz10ZnDJteO5hdySxQoVTGAJV8wlkiU3xQBZV52+U62oeFnlhe1npB
vbPYHvamnv24QAITXajH+P4k0qD6NBGoizjSBQ5IVYLUDAqXjlp/iy60u/dxfncY
lK1OSwO00RVxDkRLUoI++zt6+1aQ
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:32:57 2025 by rpki-client