Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D02EBFC28E1C11F08E0BEFDBDAE4EC9C.roa
File: D02EBFC28E1C11F08E0BEFDBDAE4EC9C.roa (raw, json)
Hash identifier: upa9ccCf8Ufeno+hZI8cmxEsMUbh+fCJD05CXvQLRs4=
Subject key identifier: 20:98:9D:38:0A:C1:F3:16:BF:C4:76:96:A1:1B:DD:F0:28:62:8E:50
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017A4B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D02EBFC28E1C11F08E0BEFDBDAE4EC9C.roa
Signing time: Wed 10 Sep 2025 08:04:45 +0000
ROA not before: Wed 10 Sep 2025 08:04:41 +0000
ROA not after: Wed 15 Oct 2025 08:04:41 +0000
asID: 400046
IP address blocks: 45.195.64.0/24 maxlen: 24
45.195.65.0/24 maxlen: 24
45.195.66.0/24 maxlen: 24
45.195.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 13 Oct 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96843 (0x17a4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 10 08:04:41 2025 GMT
Not After : Oct 15 08:04:41 2025 GMT
Subject: CN=68c1311d-fa2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:af:e9:c2:89:96:81:fd:d4:c7:e0:18:b0:d1:
60:69:30:eb:f3:3f:de:67:67:47:36:56:52:79:31:
ec:a1:b5:49:11:f9:96:b0:06:7f:f6:d3:cd:d7:f4:
02:d3:2e:86:32:92:d7:29:4c:20:d0:ee:af:ae:60:
55:16:f2:b6:9b:7f:08:a0:06:f1:ee:20:2c:ee:d1:
6f:b5:3e:85:e8:84:df:78:cf:52:2d:21:f1:65:b8:
15:a2:d5:2a:86:17:d9:5f:2c:d9:b9:ed:4d:67:ad:
3f:68:37:58:28:c5:36:67:f2:82:aa:d6:a6:ab:f6:
6e:c8:05:2c:75:f3:51:51:6a:91:a2:60:d5:9d:aa:
c8:5a:14:7e:f8:af:7c:62:cf:f8:d6:50:d9:a7:90:
8c:90:66:80:43:4e:7d:4f:72:a9:cb:cb:7b:81:dd:
e8:71:01:63:d9:c0:2c:1f:d8:73:dd:cb:19:c7:f8:
20:d1:8a:65:79:5f:d7:f0:98:81:90:a3:7c:b2:8a:
1c:0f:11:06:b7:17:0f:85:34:de:56:80:2b:da:ef:
a1:89:3c:4e:5e:00:0d:f0:3c:20:9d:5d:95:04:85:
e9:6d:ac:3c:77:fb:e0:53:fa:b4:7c:28:32:46:dc:
de:ba:a3:c7:f9:7e:34:1e:33:d2:36:42:c5:e9:af:
4e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:98:9D:38:0A:C1:F3:16:BF:C4:76:96:A1:1B:DD:F0:28:62:8E:50
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D02EBFC28E1C11F08E0BEFDBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.64.0/22
Signature Algorithm: sha256WithRSAEncryption
68:74:e2:34:9c:6d:60:8a:76:2b:0f:e9:78:95:bc:65:a2:64:
d8:09:29:28:95:33:4e:82:b4:bc:ae:45:80:5c:85:27:62:23:
c2:ff:32:7f:25:96:c0:0e:9b:e0:a0:d1:c6:9c:85:52:57:cb:
e1:ed:50:e1:b9:c1:48:a5:71:d8:c3:17:da:ab:52:f0:a3:a9:
cf:df:98:eb:a6:b6:98:c5:79:d3:c0:2b:d0:6f:00:de:aa:78:
9d:e5:d3:26:d8:23:d2:c3:46:82:74:fa:c8:48:b2:69:a5:7b:
f5:dd:c5:eb:71:89:7a:fa:e6:7c:05:36:d7:8c:eb:ab:7f:91:
5c:6a:49:cf:9c:58:c0:b3:b6:1e:a0:a1:bf:af:c5:f5:61:69:
d8:7c:86:a8:6e:0e:db:45:b0:d0:bd:56:7f:91:b6:ef:f6:a9:
09:70:4b:03:4a:f4:fc:b2:fb:ba:ea:e8:be:78:ee:c3:96:4e:
fc:9c:85:6f:ff:09:c9:9e:81:87:ce:ac:95:79:e6:ca:a1:30:
94:a6:68:20:da:f3:f8:a4:88:67:e9:65:ad:a3:12:ee:d8:10:
77:bf:eb:ab:8a:f7:a7:e1:0b:79:b6:fd:b6:70:72:55:6d:0f:
6f:4b:a5:87:cd:4b:7c:3c:01:e2:df:22:2d:db:5f:1b:ee:42:
ef:a1:16:ce
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXpLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTEwMDgwNDQxWhcNMjUxMDE1MDgwNDQxWjAYMRYw
FAYDVQQDEw02OGMxMzExZC1mYTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr6/pwomWgf3Ux+AYsNFgaTDr8z/eZ2dHNlZSeTHsobVJEfmWsAZ/9tPN
1/QC0y6GMpLXKUwg0O6vrmBVFvK2m38IoAbx7iAs7tFvtT6F6ITfeM9SLSHxZbgV
otUqhhfZXyzZue1NZ60/aDdYKMU2Z/KCqtamq/ZuyAUsdfNRUWqRomDVnarIWhR+
+K98Ys/41lDZp5CMkGaAQ059T3Kpy8t7gd3ocQFj2cAsH9hz3csZx/gg0YpleV/X
8JiBkKN8soocDxEGtxcPhTTeVoAr2u+hiTxOXgAN8DwgnV2VBIXpbaw8d/vgU/q0
fCgyRtzeuqPH+X40HjPSNkLF6a9OuQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCCY
nTgKwfMWv8R2lqEb3fAoYo5QMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMDJFQkZDMjhFMUMxMUYwOEUwQkVGREJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcNAMA0GCSqGSIb3DQEBCwUA
A4IBAQBodOI0nG1ginYrD+l4lbxlomTYCSkolTNOgrS8rkWAXIUnYiPC/zJ/JZbA
DpvgoNHGnIVSV8vh7VDhucFIpXHYwxfaq1Lwo6nP35jrpraYxXnTwCvQbwDeqnid
5dMm2CPSw0aCdPrISLJppXv13cXrcYl6+uZ8BTbXjOurf5FcaknPnFjAs7YeoKG/
r8X1YWnYfIaobg7bRbDQvVZ/kbbv9qkJcEsDSvT8svu66ui+eO7Dlk78nIVv/wnJ
noGHzqyVeebKoTCUpmgg2vP4pIhn6WWtoxLu2BB3v+uriven4Qt5tv22cHJVbQ9v
S6WHzUt8PAHi3yIt218b7kLvoRbO
-----END CERTIFICATE-----
Generated at Sat Oct 11 13:23:30 2025 by rpki-client