Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE8F8496598811F0ACB29BB1DAE4EC9C.roa
File: AE8F8496598811F0ACB29BB1DAE4EC9C.roa (raw, json)
Hash identifier: LWpQcOxfBMItPo4/hJrYSxHC5Y0z1ZQkvBer+DREW1o=
Subject key identifier: 04:C8:8D:A0:A1:16:9D:20:57:C3:FB:DD:7A:F9:2F:AD:4B:EF:C9:53
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016191
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE8F8496598811F0ACB29BB1DAE4EC9C.roa
Signing time: Sat 05 Jul 2025 10:13:23 +0000
ROA not before: Sat 05 Jul 2025 10:13:18 +0000
ROA not after: Sun 10 Aug 2025 10:13:18 +0000
asID: 132566
IP address blocks: 45.198.238.0/23 maxlen: 24
45.198.240.0/22 maxlen: 24
45.198.244.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90513 (0x16191)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 5 10:13:18 2025 GMT
Not After : Aug 10 10:13:18 2025 GMT
Subject: CN=6868fac3-7377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e9:4d:39:1f:da:8b:f4:72:cb:cd:6f:c9:2c:
f8:c4:d2:26:01:f8:ad:0d:5a:64:08:87:99:68:5a:
02:ab:0a:04:01:86:5d:38:91:30:8f:93:66:0e:e4:
17:b4:9d:d3:f4:5d:ab:e9:b2:3c:43:f0:6a:e4:db:
72:97:8d:39:47:cb:f9:03:2d:79:28:3f:0c:5d:fd:
40:a1:74:58:30:6c:64:a3:e7:b9:b5:5c:41:2b:59:
fd:9d:44:fb:bc:03:31:14:1e:4a:a0:61:ed:c7:4a:
ba:af:39:dd:b8:68:3b:3b:13:06:05:51:ca:f8:2f:
c3:8e:49:e0:a1:e7:29:a1:e8:00:b3:6b:a9:83:e5:
ac:e1:4e:37:69:0c:17:57:62:f1:22:9c:b8:da:5e:
ba:97:13:6a:33:23:fc:d6:f6:3e:7c:13:f7:7c:3e:
6c:e9:f1:f3:92:e8:07:b1:75:9c:db:e7:7a:40:9a:
5c:32:ee:a8:88:92:5a:2b:32:0c:ff:ce:14:cc:79:
c3:95:69:76:8d:5f:b1:51:72:4c:d5:68:ae:e4:22:
70:8f:6f:53:9a:4a:7d:70:fa:dc:3c:e6:8a:57:0a:
1d:b7:c9:86:f4:86:73:ad:b7:0a:7d:dc:51:9a:f6:
fd:ff:13:87:09:a6:fd:a6:15:a8:85:81:58:31:84:
2f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C8:8D:A0:A1:16:9D:20:57:C3:FB:DD:7A:F9:2F:AD:4B:EF:C9:53
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE8F8496598811F0ACB29BB1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.238.0-45.198.245.255
Signature Algorithm: sha256WithRSAEncryption
b1:25:58:84:35:d5:4b:80:4c:1d:71:62:7c:04:43:bf:92:23:
0c:d3:51:1d:a8:8c:b2:ff:0f:40:f9:1d:d5:cb:8a:7a:27:48:
83:37:9b:c4:b7:0e:95:54:8d:ca:61:13:9d:b5:a1:ab:a3:fb:
5d:0e:21:37:dd:35:1d:f1:30:75:25:36:47:d6:ad:55:ad:14:
8b:4b:2f:1e:21:96:1f:6b:cf:36:9b:57:0f:d9:69:07:d8:f6:
97:d1:e5:3a:5d:fa:3f:2f:18:fa:94:bb:a1:f8:2d:42:ec:41:
21:f1:06:15:26:40:34:69:fe:b0:85:c1:87:3f:56:ec:df:11:
cf:61:46:64:6a:13:bb:7e:74:f5:18:48:a7:b0:33:3c:22:e7:
9c:33:73:23:08:c6:2f:01:9c:a3:e9:22:b8:13:cc:e1:14:34:
04:e2:e2:9f:4b:a0:f5:4c:fa:6b:69:49:89:3b:20:58:ac:3f:
e4:e3:24:07:6c:fd:00:ed:3f:8d:b9:7f:97:56:ce:eb:d8:ae:
e7:64:86:bb:e9:62:cd:6f:32:ac:b1:37:18:28:30:8e:4a:2d:
a4:44:e2:be:44:4a:1c:74:d1:f0:59:4a:c0:fa:8e:b8:f4:19:
30:94:17:ca:ad:b9:2d:07:06:53:dc:0c:5b:9e:a6:a3:a3:ed:
f2:f2:ba:37
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWGRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA1MTAxMzE4WhcNMjUwODEwMTAxMzE4WjAYMRYw
FAYDVQQDEw02ODY4ZmFjMy03Mzc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1+lNOR/ai/Ryy81vySz4xNImAfitDVpkCIeZaFoCqwoEAYZdOJEwj5Nm
DuQXtJ3T9F2r6bI8Q/Bq5Ntyl405R8v5Ay15KD8MXf1AoXRYMGxko+e5tVxBK1n9
nUT7vAMxFB5KoGHtx0q6rznduGg7OxMGBVHK+C/DjkngoecpoegAs2upg+Ws4U43
aQwXV2LxIpy42l66lxNqMyP81vY+fBP3fD5s6fHzkugHsXWc2+d6QJpcMu6oiJJa
KzIM/84UzHnDlWl2jV+xUXJM1Wiu5CJwj29Tmkp9cPrcPOaKVwodt8mG9IZzrbcK
fdxRmvb9/xOHCab9phWohYFYMYQvEwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFATI
jaChFp0gV8P73Xr5L61L78lTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRThGODQ5NjU5ODgxMUYwQUNCMjlCQjFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEtxu4DBAEtxvQwDQYJKoZI
hvcNAQELBQADggEBALElWIQ11UuATB1xYnwEQ7+SIwzTUR2ojLL/D0D5HdXLinon
SIM3m8S3DpVUjcphE521oauj+10OITfdNR3xMHUlNkfWrVWtFItLLx4hlh9rzzab
Vw/ZaQfY9pfR5Tpd+j8vGPqUu6H4LULsQSHxBhUmQDRp/rCFwYc/VuzfEc9hRmRq
E7t+dPUYSKewMzwi55wzcyMIxi8BnKPpIrgTzOEUNATi4p9LoPVM+mtpSYk7IFis
P+TjJAds/QDtP425f5dWzuvYrudkhrvpYs1vMqyxNxgoMI5KLaRE4r5EShx00fBZ
SsD6jrj0GTCUF8qtuS0HBlPcDFuepqOj7fLyujc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:33:41 2025 by rpki-client