Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B666EAE65A7411F08B4DEBA8DAE4EC9C.roa
File: B666EAE65A7411F08B4DEBA8DAE4EC9C.roa (raw, json)
Hash identifier: jKkhZc0bRje1/dBNexG+YWq+I2HCjMfrtzvhjaSlN+U=
Subject key identifier: AB:00:58:D4:F5:45:FD:79:D9:46:98:07:F3:CE:69:37:33:54:05:A8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016225
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B666EAE65A7411F08B4DEBA8DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 14:22:58 +0000
ROA not before: Sun 06 Jul 2025 14:22:53 +0000
ROA not after: Sat 09 Aug 2025 14:22:53 +0000
asID: 14315
IP address blocks: 45.197.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90661 (0x16225)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 6 14:22:53 2025 GMT
Not After : Aug 9 14:22:53 2025 GMT
Subject: CN=686a86c1-66fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ad:48:f4:d7:b5:a3:0b:b7:03:5f:13:d1:43:
1a:4b:63:31:43:86:c7:43:e6:59:8f:45:dc:36:be:
7b:f5:5d:32:c7:ef:2f:27:52:da:85:3a:56:5b:48:
16:4d:e7:23:61:fd:1b:6f:1f:0d:97:9c:6f:97:d9:
73:59:f4:da:07:f6:5e:fd:3e:ec:ef:fc:c7:93:98:
4e:ba:a9:81:ff:1c:31:45:94:db:71:c0:a6:9f:00:
8d:e3:69:8e:bb:bf:0a:07:f1:d3:83:07:e6:08:9c:
1b:0f:d5:4b:3a:de:ca:d1:15:16:e7:f7:81:e8:e4:
33:d6:8b:9a:4b:13:4e:25:b4:78:18:a2:5d:e0:42:
60:b4:de:86:6f:2e:35:9f:52:6a:bd:77:29:82:1b:
e2:6a:87:fd:23:be:04:89:e3:b3:02:76:04:e0:91:
ca:42:03:72:c4:8d:cb:6e:94:3f:ee:69:db:49:66:
d3:85:7f:2a:b0:e5:20:9f:66:af:1c:7d:e4:7a:3f:
74:20:81:8a:05:50:2e:68:4b:cd:16:6d:2c:3e:ba:
de:50:00:f6:c5:86:65:09:bd:03:ed:2b:9e:46:82:
cd:9e:cd:9c:1b:6a:a8:b7:90:69:ce:29:8e:50:55:
86:3c:91:6a:50:7d:68:e9:59:48:3f:5e:15:d8:84:
2b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:00:58:D4:F5:45:FD:79:D9:46:98:07:F3:CE:69:37:33:54:05:A8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B666EAE65A7411F08B4DEBA8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.137.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:ef:42:13:fd:69:68:04:49:ff:5b:f3:8b:bc:51:4a:b8:63:
a7:6f:51:f3:36:52:11:1a:ec:b7:46:09:2d:ae:60:29:37:b7:
4a:cd:2c:cf:8b:a5:32:3c:a9:97:74:f6:72:82:d7:0f:5e:bc:
1b:33:6d:30:01:b1:1a:fc:e6:5f:ed:8a:f7:6a:12:3a:98:9c:
99:d9:0d:bc:55:8b:75:a2:75:6e:9d:3c:c9:20:88:48:8b:0f:
87:1d:59:cf:da:c5:99:68:27:de:f9:2f:db:ab:ec:b0:1d:19:
db:db:e6:08:6c:62:27:25:0c:11:fa:b7:71:37:3f:47:ad:a1:
cf:f8:58:22:94:bb:1b:2b:90:01:0f:59:da:f7:a9:af:cb:77:
39:05:09:75:ab:34:1e:0b:6b:e6:2b:8d:91:4e:a8:37:a0:5c:
fb:12:f2:f3:3e:32:7f:c0:83:c5:96:7f:df:16:3c:34:97:66:
15:cb:4e:10:37:72:fe:d7:a9:62:23:da:ec:c2:e0:d8:21:db:
e9:02:65:8f:02:6e:5f:78:41:5c:78:22:73:17:59:bc:8f:72:
93:fa:44:2b:fc:cb:da:85:f6:5e:08:02:ed:25:9c:46:cd:98:
91:0a:24:ea:4f:98:30:d1:45:36:a9:56:76:a7:17:3d:a9:d2:
fb:08:c3:14
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWIlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA2MTQyMjUzWhcNMjUwODA5MTQyMjUzWjAYMRYw
FAYDVQQDEw02ODZhODZjMS02NmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA161I9Ne1owu3A18T0UMaS2MxQ4bHQ+ZZj0XcNr579V0yx+8vJ1LahTpW
W0gWTecjYf0bbx8Nl5xvl9lzWfTaB/Ze/T7s7/zHk5hOuqmB/xwxRZTbccCmnwCN
42mOu78KB/HTgwfmCJwbD9VLOt7K0RUW5/eB6OQz1ouaSxNOJbR4GKJd4EJgtN6G
by41n1JqvXcpghviaof9I74EieOzAnYE4JHKQgNyxI3LbpQ/7mnbSWbThX8qsOUg
n2avHH3kej90IIGKBVAuaEvNFm0sPrreUAD2xYZlCb0D7SueRoLNns2cG2qot5Bp
zimOUFWGPJFqUH1o6VlIP14V2IQrNQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKsA
WNT1Rf152UaYB/POaTczVAWoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNjY2RUFFNjVBNzQxMUYwOEI0REVCQThEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcWJMA0GCSqGSIb3DQEBCwUA
A4IBAQA870IT/WloBEn/W/OLvFFKuGOnb1HzNlIRGuy3RgktrmApN7dKzSzPi6Uy
PKmXdPZygtcPXrwbM20wAbEa/OZf7Yr3ahI6mJyZ2Q28VYt1onVunTzJIIhIiw+H
HVnP2sWZaCfe+S/bq+ywHRnb2+YIbGInJQwR+rdxNz9HraHP+FgilLsbK5ABD1na
96mvy3c5BQl1qzQeC2vmK42RTqg3oFz7EvLzPjJ/wIPFln/fFjw0l2YVy04QN3L+
16liI9rswuDYIdvpAmWPAm5feEFceCJzF1m8j3KT+kQr/MvahfZeCALtJZxGzZiR
CiTqT5gw0UU2qVZ2pxc9qdL7CMMU
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:35:45 2025 by rpki-client