Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/989B7F5E5E5C11F08BF446ECDAE4EC9C.roa
File: 989B7F5E5E5C11F08BF446ECDAE4EC9C.roa (raw, json)
Hash identifier: VQqD4GCMe5mftclwWAMxOJB+IBAhOa9n8SS3A3rMKoo=
Subject key identifier: 1A:1C:48:19:11:3A:E7:97:1C:39:75:FA:70:17:C1:54:DB:6E:46:9C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0164B3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/989B7F5E5E5C11F08BF446ECDAE4EC9C.roa
Signing time: Fri 11 Jul 2025 13:40:24 +0000
ROA not before: Fri 11 Jul 2025 13:40:19 +0000
ROA not after: Mon 04 May 2026 13:40:19 +0000
asID: 23764
IP address blocks: 45.195.4.0/24 maxlen: 24
45.195.5.0/24 maxlen: 24
45.195.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91315 (0x164b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 11 13:40:19 2025 GMT
Not After : May 4 13:40:19 2026 GMT
Subject: CN=68711448-975f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:02:49:9e:1c:40:05:09:ae:57:11:e5:ab:6a:
bd:45:0e:8e:ed:8c:d9:4e:ce:5d:9b:49:d6:9a:82:
26:4c:06:d5:d0:20:9f:60:dc:83:c4:a7:a6:28:2a:
05:5e:88:be:28:d9:4a:b9:ba:27:ef:8f:98:26:ff:
5d:78:5d:56:80:fe:1f:82:47:96:1c:11:c6:c6:fc:
c6:d0:02:89:f7:61:1b:cc:68:6d:97:28:1c:f3:f2:
e2:d4:0b:09:49:e7:da:23:93:20:0f:4f:5e:bb:7e:
02:d4:22:2e:de:e5:ef:6d:b9:23:e2:8d:f9:3a:7d:
26:6d:6c:77:68:07:49:54:58:9f:40:6e:f8:e6:95:
50:c4:c6:d4:51:c4:a8:8e:c5:9e:47:67:80:aa:08:
02:92:60:61:37:4a:36:1d:71:94:19:9e:33:4f:9f:
05:d5:4e:39:db:b2:b0:05:36:4c:44:54:50:a4:d4:
07:38:aa:68:ce:f3:d6:3c:60:82:9b:02:91:8d:72:
27:28:54:31:64:18:d9:69:25:d7:3e:5f:1b:b3:9f:
0b:cf:ee:4b:d9:56:89:0d:b6:0d:99:b8:c5:17:c5:
8c:52:99:ea:6e:32:07:fc:f0:31:13:62:cc:62:76:
38:8d:03:86:7f:68:99:89:22:cd:d2:79:e9:2c:8b:
70:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:1C:48:19:11:3A:E7:97:1C:39:75:FA:70:17:C1:54:DB:6E:46:9C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/989B7F5E5E5C11F08BF446ECDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.4.0/23
45.195.7.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:44:b2:7b:0b:1a:c9:78:40:0f:e8:81:57:15:0f:ce:bd:93:
5b:66:9b:21:dd:09:79:ee:e1:08:1d:f6:27:f1:c0:a3:ad:f7:
5d:c8:fe:ea:56:47:40:be:ca:26:87:80:cc:8d:d5:22:12:53:
34:fc:89:97:fe:78:0e:5f:50:e6:54:7f:88:d6:24:4b:28:91:
9b:aa:40:d2:e5:43:ed:18:d7:e4:f2:b0:d1:aa:b9:ea:dd:16:
46:5e:2e:85:67:8c:d3:4e:75:27:7e:5a:78:6d:4f:12:9e:af:
1b:82:cc:f9:90:c6:3a:32:4f:cb:7c:3a:96:f4:16:3f:e6:82:
e7:19:d3:b4:99:78:cd:b3:38:8e:62:da:d0:ec:c0:26:b6:ae:
4b:3c:d1:ab:91:61:ea:a9:05:6f:0f:89:1b:08:d2:8c:71:28:
d7:9c:ed:15:22:12:16:75:5c:31:84:3b:76:60:f0:75:4b:32:
cd:e9:e4:d0:86:80:99:49:4e:fb:30:37:37:ae:39:e6:05:e0:
1e:e2:03:00:7e:91:77:e4:e6:00:b7:db:61:5d:e9:f0:dd:64:
22:59:48:e7:ca:6e:1e:07:f0:c4:9b:31:6c:1f:d2:40:c7:3f:
83:fd:82:85:d7:b9:19:cf:0d:e7:69:af:1c:62:73:7c:ce:7b:
12:a0:7d:2b
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWSzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzExMTM0MDE5WhcNMjYwNTA0MTM0MDE5WjAYMRYw
FAYDVQQDEw02ODcxMTQ0OC05NzVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzAJJnhxABQmuVxHlq2q9RQ6O7YzZTs5dm0nWmoImTAbV0CCfYNyDxKem
KCoFXoi+KNlKubon74+YJv9deF1WgP4fgkeWHBHGxvzG0AKJ92EbzGhtlygc8/Li
1AsJSefaI5MgD09eu34C1CIu3uXvbbkj4o35On0mbWx3aAdJVFifQG745pVQxMbU
UcSojsWeR2eAqggCkmBhN0o2HXGUGZ4zT58F1U4527KwBTZMRFRQpNQHOKpozvPW
PGCCmwKRjXInKFQxZBjZaSXXPl8bs58Lz+5L2VaJDbYNmbjFF8WMUpnqbjIH/PAx
E2LMYnY4jQOGf2iZiSLN0nnpLItwSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBoc
SBkROueXHDl1+nAXwVTbbkacMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85ODlCN0Y1RTVFNUMxMUYwOEJGNDQ2RUNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLcMEAwQALcMHMA0GCSqGSIb3
DQEBCwUAA4IBAQCLRLJ7CxrJeEAP6IFXFQ/OvZNbZpsh3Ql57uEIHfYn8cCjrfdd
yP7qVkdAvsomh4DMjdUiElM0/ImX/ngOX1DmVH+I1iRLKJGbqkDS5UPtGNfk8rDR
qrnq3RZGXi6FZ4zTTnUnflp4bU8Snq8bgsz5kMY6Mk/LfDqW9BY/5oLnGdO0mXjN
sziOYtrQ7MAmtq5LPNGrkWHqqQVvD4kbCNKMcSjXnO0VIhIWdVwxhDt2YPB1SzLN
6eTQhoCZSU77MDc3rjnmBeAe4gMAfpF35OYAt9thXenw3WQiWUjnym4eB/DEmzFs
H9JAxz+D/YKF17kZzw3naa8cYnN8znsSoH0r
-----END CERTIFICATE-----
Generated at Sun Jul 20 17:26:50 2025 by rpki-client