Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A885768E5CFB11F09CD6B4A1DAE4EC9C.roa
File: A885768E5CFB11F09CD6B4A1DAE4EC9C.roa (raw, json)
Hash identifier: KGh+UKpw7H7bIYghAm1D9mpNlyU5qXzmnMFi4CubukA=
Subject key identifier: C1:7A:C9:D1:D7:15:6A:EE:D0:1A:01:E4:6A:C3:14:A6:05:2F:1D:83
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01643E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A885768E5CFB11F09CD6B4A1DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 19:33:59 +0000
ROA not before: Wed 09 Jul 2025 19:33:53 +0000
ROA not after: Sun 24 Aug 2025 19:33:53 +0000
asID: 21859
IP address blocks: 45.196.31.0/24 maxlen: 24
45.202.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91198 (0x1643e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 9 19:33:53 2025 GMT
Not After : Aug 24 19:33:53 2025 GMT
Subject: CN=686ec427-73b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ba:f6:1f:ac:c1:a4:fa:9d:40:44:7c:ca:2a:
60:a6:5a:9c:1a:46:aa:91:9f:24:27:70:31:a6:ea:
4f:53:d1:df:b5:9b:6e:ff:a1:5d:cc:b2:aa:83:fb:
d8:07:34:f7:24:d2:fb:9f:5a:17:af:24:79:26:b4:
f7:f2:da:6a:7a:02:8c:82:b9:dc:39:ec:9f:a6:ec:
bc:a5:4c:4d:1b:47:c4:57:0f:df:ac:41:5e:8a:42:
72:e2:cc:52:c7:f4:d0:74:5e:38:d6:3b:f9:84:82:
e9:b1:02:6a:71:55:98:ad:ca:8d:74:66:af:00:4c:
97:40:72:4f:cb:a1:2f:fd:f9:7a:b3:60:0a:bf:36:
c4:38:03:f2:9b:c7:e1:57:38:67:6f:56:34:c2:b2:
36:a0:f7:ac:43:06:ad:83:13:34:1b:05:4d:63:54:
0d:c3:f0:5f:a0:b8:88:74:dc:03:ea:cb:57:b6:00:
98:fc:ad:85:c1:ce:ce:4f:59:53:a9:f2:07:20:46:
50:17:2a:de:be:7a:01:58:20:f7:8d:a0:7f:4e:3c:
2f:7c:1c:9a:64:4d:fa:93:81:d5:f3:36:c2:07:81:
31:eb:f8:5c:43:48:fa:14:a1:9a:45:fb:ba:0d:da:
ae:3c:92:24:06:94:12:75:64:54:20:49:d7:a5:3b:
df:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:7A:C9:D1:D7:15:6A:EE:D0:1A:01:E4:6A:C3:14:A6:05:2F:1D:83
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A885768E5CFB11F09CD6B4A1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.31.0/24
45.202.108.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:47:12:8a:b1:e2:99:f1:d4:75:2d:a3:0f:bf:06:e5:6e:1e:
4b:f3:9b:7c:02:ef:48:89:5a:61:42:5a:c3:4d:13:8f:9b:95:
cc:60:68:d8:e3:9c:f4:c4:09:2b:0c:c2:e2:e0:90:d4:aa:32:
03:08:36:4a:f1:7f:14:ad:d6:00:57:be:c2:21:bf:0f:06:6d:
58:5e:0f:30:40:fd:df:57:33:2f:8f:e0:a5:4e:0f:22:76:f6:
4a:2f:8d:3d:ad:ae:15:7f:22:28:17:1b:55:fd:56:0c:0f:3e:
7b:ab:14:45:de:15:a3:cd:aa:db:b7:f3:b0:77:92:41:e0:03:
f9:57:b4:c9:51:0c:d9:40:ff:ae:05:6f:2b:60:ec:95:16:1f:
19:78:42:7a:1a:68:fd:50:4d:14:5f:2b:a2:14:ef:05:3b:c8:
da:cb:e3:ac:9b:11:00:9c:8d:bd:29:fd:5e:5d:d0:8d:32:1d:
ba:68:58:7e:5f:fa:fd:a8:2c:37:88:02:50:14:a7:e1:fd:a4:
b6:e2:51:39:aa:7a:82:09:3c:02:00:63:6f:fa:24:b6:bd:e7:
b6:35:27:78:72:12:1a:c9:ca:b5:08:0e:6e:3e:a8:8e:4b:da:
92:59:9a:b5:8c:b3:76:2b:b6:a5:0c:8a:38:e4:86:3f:8c:d2:
9b:c2:d6:47
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWQ+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA5MTkzMzUzWhcNMjUwODI0MTkzMzUzWjAYMRYw
FAYDVQQDEw02ODZlYzQyNy03M2I1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwrr2H6zBpPqdQER8yipgplqcGkaqkZ8kJ3AxpupPU9HftZtu/6FdzLKq
g/vYBzT3JNL7n1oXryR5JrT38tpqegKMgrncOeyfpuy8pUxNG0fEVw/frEFeikJy
4sxSx/TQdF441jv5hILpsQJqcVWYrcqNdGavAEyXQHJPy6Ev/fl6s2AKvzbEOAPy
m8fhVzhnb1Y0wrI2oPesQwatgxM0GwVNY1QNw/BfoLiIdNwD6stXtgCY/K2Fwc7O
T1lTqfIHIEZQFyrevnoBWCD3jaB/TjwvfByaZE36k4HV8zbCB4Ex6/hcQ0j6FKGa
Rfu6DdquPJIkBpQSdWRUIEnXpTvfPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMF6
ydHXFWru0BoB5GrDFKYFLx2DMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BODg1NzY4RTVDRkIxMUYwOUNENkI0QTFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcQfAwQALcpsMA0GCSqGSIb3
DQEBCwUAA4IBAQAbRxKKseKZ8dR1LaMPvwblbh5L85t8Au9IiVphQlrDTROPm5XM
YGjY45z0xAkrDMLi4JDUqjIDCDZK8X8UrdYAV77CIb8PBm1YXg8wQP3fVzMvj+Cl
Tg8idvZKL409ra4VfyIoFxtV/VYMDz57qxRF3hWjzarbt/Owd5JB4AP5V7TJUQzZ
QP+uBW8rYOyVFh8ZeEJ6Gmj9UE0UXyuiFO8FO8jay+OsmxEAnI29Kf1eXdCNMh26
aFh+X/r9qCw3iAJQFKfh/aS24lE5qnqCCTwCAGNv+iS2vee2NSd4chIaycq1CA5u
PqiOS9qSWZq1jLN2K7alDIo45IY/jNKbwtZH
-----END CERTIFICATE-----
Generated at Sun Jul 20 21:45:05 2025 by rpki-client