Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA97A2385B3A11F08959B6B7DAE4EC9C.roa
File: BA97A2385B3A11F08959B6B7DAE4EC9C.roa (raw, json)
Hash identifier: voImwZUtqx4FD1d3x9dc4pRov28ATZNbM7Dg8wlABCw=
Subject key identifier: 62:6E:BC:75:13:FD:96:7F:1E:76:33:1D:2F:7B:E4:01:69:F3:6C:76
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016310
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA97A2385B3A11F08959B6B7DAE4EC9C.roa
Signing time: Mon 07 Jul 2025 14:00:25 +0000
ROA not before: Mon 07 Jul 2025 14:00:20 +0000
ROA not after: Sat 16 Aug 2025 14:00:20 +0000
asID: 401696
IP address blocks: 45.192.96.0/20 maxlen: 24
45.207.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90896 (0x16310)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 7 14:00:20 2025 GMT
Not After : Aug 16 14:00:20 2025 GMT
Subject: CN=686bd2f9-d2d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0c:e6:12:9e:e3:cc:d3:4e:60:39:73:55:a0:
22:e2:a8:2d:fd:21:d9:13:59:84:bc:09:eb:f5:6c:
cc:b4:cb:b4:c1:cf:84:41:67:e7:67:23:e0:3e:73:
92:89:7e:5c:34:f7:33:35:05:a8:e1:b8:1d:01:ae:
83:13:c1:aa:11:82:aa:88:52:d2:c9:d1:78:56:17:
16:7e:5c:fa:07:dd:f0:26:d4:bb:a6:e3:91:1d:5c:
cc:a8:b7:4a:3f:12:70:87:9a:d8:c4:8c:31:91:17:
9c:06:6a:5a:45:36:21:d4:6f:2d:bb:42:f4:91:2f:
2a:a6:88:3d:44:bd:18:21:5f:b1:d5:bc:89:55:c2:
c9:58:01:3f:49:54:c5:17:13:32:62:28:db:db:09:
45:3f:f1:b3:91:e5:95:5f:83:54:86:29:67:66:a8:
fb:29:2c:ea:dc:4a:1c:4f:38:f1:2d:24:06:4d:63:
df:67:b2:15:1c:f1:b4:64:a3:60:a1:f9:70:77:82:
f1:b1:44:72:b8:2b:02:4b:f2:0f:43:69:78:ca:70:
16:ab:1a:f6:f3:d6:ca:e5:7a:16:13:07:6b:f9:dd:
28:d7:a9:d9:48:7c:74:83:33:87:c9:04:e3:ab:f7:
bc:a3:71:aa:ac:40:e8:65:90:a4:33:88:63:f0:0e:
50:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6E:BC:75:13:FD:96:7F:1E:76:33:1D:2F:7B:E4:01:69:F3:6C:76
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA97A2385B3A11F08959B6B7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.96.0/20
45.207.192.0/19
Signature Algorithm: sha256WithRSAEncryption
7b:7b:45:aa:31:73:cc:c9:ed:15:c0:60:28:d9:62:3e:9c:44:
8d:83:c0:90:75:39:af:00:0c:c9:03:77:18:4f:05:cf:2c:2b:
04:1c:51:35:84:9b:54:1a:f6:ad:17:19:56:c9:e1:e7:02:9b:
9e:4e:54:25:5f:33:2c:22:06:ce:b6:93:60:c8:ca:dd:72:56:
3c:75:0d:39:d9:40:38:f0:57:c2:9b:cd:3f:2c:6d:63:26:cb:
0e:6e:58:be:04:ac:48:ec:0f:33:dd:4a:4c:bc:1b:96:b1:71:
58:e3:1b:c4:92:ac:31:d2:82:b7:19:a0:0c:c6:d0:98:e4:63:
2e:3d:57:02:36:3c:3a:37:a1:69:ea:de:48:4f:4b:b4:15:5b:
2f:c9:e6:c2:26:0f:89:e7:2a:de:6f:36:b6:b7:cd:5d:da:50:
2d:8d:bc:e9:66:6a:54:10:00:64:50:bc:49:b7:6d:42:8c:0f:
54:4e:5e:9a:39:59:c5:34:26:e3:b3:f3:65:a8:1c:d7:21:bd:
08:da:54:cd:e6:a8:10:2e:c3:14:46:32:ef:e4:05:71:50:a0:
88:87:7d:bc:75:91:18:8f:26:1d:87:20:3b:04:b6:25:4b:8b:
e1:9f:32:7c:7d:91:b7:15:48:ea:09:1d:e7:2f:88:fa:fb:78:
82:51:35:1f
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWMQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA3MTQwMDIwWhcNMjUwODE2MTQwMDIwWjAYMRYw
FAYDVQQDEw02ODZiZDJmOS1kMmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvAzmEp7jzNNOYDlzVaAi4qgt/SHZE1mEvAnr9WzMtMu0wc+EQWfnZyPg
PnOSiX5cNPczNQWo4bgdAa6DE8GqEYKqiFLSydF4VhcWflz6B93wJtS7puORHVzM
qLdKPxJwh5rYxIwxkRecBmpaRTYh1G8tu0L0kS8qpog9RL0YIV+x1byJVcLJWAE/
SVTFFxMyYijb2wlFP/GzkeWVX4NUhilnZqj7KSzq3EocTzjxLSQGTWPfZ7IVHPG0
ZKNgoflwd4LxsURyuCsCS/IPQ2l4ynAWqxr289bK5XoWEwdr+d0o16nZSHx0gzOH
yQTjq/e8o3GqrEDoZZCkM4hj8A5QRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGJu
vHUT/ZZ/HnYzHS975AFp82x2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQTk3QTIzODVCM0ExMUYwODk1OUI2QjdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQELcBgAwQFLc/AMA0GCSqGSIb3
DQEBCwUAA4IBAQB7e0WqMXPMye0VwGAo2WI+nESNg8CQdTmvAAzJA3cYTwXPLCsE
HFE1hJtUGvatFxlWyeHnApueTlQlXzMsIgbOtpNgyMrdclY8dQ052UA48FfCm80/
LG1jJssObli+BKxI7A8z3UpMvBuWsXFY4xvEkqwx0oK3GaAMxtCY5GMuPVcCNjw6
N6Fp6t5IT0u0FVsvyebCJg+J5yrebza2t81d2lAtjbzpZmpUEABkULxJt21CjA9U
Tl6aOVnFNCbjs/NlqBzXIb0I2lTN5qgQLsMURjLv5AVxUKCIh328dZEYjyYdhyA7
BLYlS4vhnzJ8fZG3FUjqCR3nL4j6+3iCUTUf
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:32:44 2025 by rpki-client