Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D61007565B0F11F086C36CA5DAE4EC9C.roa
File: D61007565B0F11F086C36CA5DAE4EC9C.roa (raw, json)
Hash identifier: v9XmPZByKF38ermNYpAw/q43SrD/mMUE/nzXxiCDqdw=
Subject key identifier: 18:4E:51:6B:AB:B7:45:29:65:08:57:8A:98:66:80:11:C4:5D:1A:70
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0162DC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D61007565B0F11F086C36CA5DAE4EC9C.roa
Signing time: Mon 07 Jul 2025 08:53:23 +0000
ROA not before: Mon 07 Jul 2025 08:53:18 +0000
ROA not after: Mon 11 Aug 2025 08:53:18 +0000
asID: 203020
IP address blocks: 45.196.0.0/21 maxlen: 24
45.196.8.0/22 maxlen: 24
45.196.12.0/23 maxlen: 24
45.202.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90844 (0x162dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 7 08:53:18 2025 GMT
Not After : Aug 11 08:53:18 2025 GMT
Subject: CN=686b8b03-c3c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1f:06:ba:61:ae:50:8b:95:02:63:7a:af:44:
1e:ec:b1:27:03:b5:8a:73:05:8d:7f:af:f0:04:98:
f5:5a:ef:85:5f:76:94:0f:09:92:63:52:fc:fd:89:
65:89:36:40:cc:e7:9e:3d:c5:f7:6c:23:bf:83:43:
87:f0:a6:0e:68:fc:7b:cb:c9:22:5f:90:07:0f:f2:
7e:f1:06:70:15:42:fe:6a:05:0e:78:b9:62:38:53:
ef:ff:69:d7:ee:fa:1c:3f:40:27:64:3f:64:40:70:
a1:3e:47:bb:7f:54:4d:96:57:6c:d6:0f:0f:f4:35:
80:12:30:37:0e:81:e6:12:d7:65:c9:8e:ff:c9:5c:
77:5a:e2:e4:ea:95:8e:9a:72:0d:94:bb:e5:0f:af:
b2:a4:2c:69:92:1c:e9:ef:f3:ff:ad:da:0a:79:32:
e8:70:6f:f6:9e:bc:65:e9:52:13:22:e7:36:11:4a:
b9:fc:65:92:c3:93:99:e0:78:29:ee:75:f4:85:3b:
17:6d:04:fc:5c:8a:1b:24:62:a6:9d:aa:c7:37:c7:
a4:4e:3e:41:f6:20:1a:e2:b5:44:c7:c5:87:6e:e3:
8f:99:02:63:65:39:b7:67:61:38:10:28:96:df:79:
fc:3a:7c:9e:68:cf:15:95:de:eb:3b:c9:f9:d9:a6:
af:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:4E:51:6B:AB:B7:45:29:65:08:57:8A:98:66:80:11:C4:5D:1A:70
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D61007565B0F11F086C36CA5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.0.0-45.196.13.255
45.202.46.0/24
Signature Algorithm: sha256WithRSAEncryption
05:d3:0c:04:f8:c3:69:2b:16:4a:33:62:1f:ad:44:3b:aa:c6:
00:8e:5f:b0:16:7b:a4:6a:31:04:4c:02:5c:a5:53:8e:6a:1e:
27:9c:c2:8c:1c:d8:cd:80:d7:cb:be:41:b2:aa:05:b1:dd:75:
51:92:89:b2:2c:56:50:2f:71:67:cd:5c:5b:76:d9:21:cd:8c:
67:9e:56:78:f7:13:77:3e:a4:bf:a3:18:91:1f:69:b8:0a:97:
78:e4:e6:ec:f8:2e:6e:7c:79:57:fa:22:9f:0d:ae:05:9a:d1:
ef:66:4b:87:b5:21:97:69:7c:78:b0:e2:d6:52:d9:47:5b:f7:
2a:05:00:0a:e3:0e:f6:3b:c8:78:7f:3f:43:de:1e:70:f9:71:
d7:13:67:b6:87:d0:c3:ae:81:69:1c:a0:60:c4:ac:6c:0d:e7:
05:ee:0b:1c:ac:ef:83:39:44:90:b2:d5:8a:67:26:9f:6f:2b:
41:a2:e1:4e:ef:52:e8:c4:e6:6c:47:4e:6b:f2:23:40:f9:f2:
72:92:ad:50:27:51:02:48:a6:92:34:63:e0:27:dc:93:d0:cf:
7b:e9:fa:65:06:8f:02:e9:c8:4c:d8:e3:6e:61:9b:95:13:be:
55:47:15:08:f5:b1:37:2c:18:8f:d1:6a:71:79:f2:03:76:ab:
58:4c:29:ea
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIDAWLcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA3MDg1MzE4WhcNMjUwODExMDg1MzE4WjAYMRYw
FAYDVQQDEw02ODZiOGIwMy1jM2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApx8GumGuUIuVAmN6r0Qe7LEnA7WKcwWNf6/wBJj1Wu+FX3aUDwmSY1L8
/YlliTZAzOeePcX3bCO/g0OH8KYOaPx7y8kiX5AHD/J+8QZwFUL+agUOeLliOFPv
/2nX7vocP0AnZD9kQHChPke7f1RNllds1g8P9DWAEjA3DoHmEtdlyY7/yVx3WuLk
6pWOmnINlLvlD6+ypCxpkhzp7/P/rdoKeTLocG/2nrxl6VITIuc2EUq5/GWSw5OZ
4Hgp7nX0hTsXbQT8XIobJGKmnarHN8ekTj5B9iAa4rVEx8WHbuOPmQJjZTm3Z2E4
ECiW33n8OnyeaM8Vld7rO8n52aavzQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFBhO
UWurt0UpZQhXiphmgBHEXRpwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENjEwMDc1NjVCMEYxMUYwODZDMzZDQTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwItxAMEAS3EDAMEAC3KLjAN
BgkqhkiG9w0BAQsFAAOCAQEABdMMBPjDaSsWSjNiH61EO6rGAI5fsBZ7pGoxBEwC
XKVTjmoeJ5zCjBzYzYDXy75BsqoFsd11UZKJsixWUC9xZ81cW3bZIc2MZ55WePcT
dz6kv6MYkR9puAqXeOTm7Pgubnx5V/oinw2uBZrR72ZLh7Uhl2l8eLDi1lLZR1v3
KgUACuMO9jvIeH8/Q94ecPlx1xNntofQw66BaRygYMSsbA3nBe4LHKzvgzlEkLLV
imcmn28rQaLhTu9S6MTmbEdOa/IjQPnycpKtUCdRAkimkjRj4Cfck9DPe+n6ZQaP
AunITNjjbmGblRO+VUcVCPWxNywYj9FqcXnyA3arWEwp6g==
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:37:28 2025 by rpki-client