Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DD5D7B72597711F08BF76FC5DAE4EC9C.roa
File: DD5D7B72597711F08BF76FC5DAE4EC9C.roa (raw, json)
Hash identifier: N9ZZ3uRVuntriN8+kF7sdBiUC6OFgAeQorHNhVDNzmA=
Subject key identifier: 9C:E5:7C:26:61:F2:85:3C:3D:AB:96:60:F8:3F:E6:E8:8A:B6:8F:C1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016163
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DD5D7B72597711F08BF76FC5DAE4EC9C.roa
Signing time: Sat 05 Jul 2025 08:13:00 +0000
ROA not before: Sat 05 Jul 2025 08:12:56 +0000
ROA not after: Mon 04 Aug 2025 08:12:56 +0000
asID: 204741
IP address blocks: 45.194.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90467 (0x16163)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 5 08:12:56 2025 GMT
Not After : Aug 4 08:12:56 2025 GMT
Subject: CN=6868de8c-0f1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:33:d5:9a:52:12:57:b1:93:23:7c:e4:a6:83:
77:cb:46:f4:13:c5:d1:ba:e1:17:73:22:5d:3e:5b:
b2:e9:08:c3:0b:f7:98:11:72:db:d2:03:71:f4:30:
3b:f1:3a:c3:c1:b4:4a:52:0b:e9:78:77:ba:de:fe:
c5:03:de:e3:b5:2d:d7:9f:9f:73:28:4a:4e:8e:a9:
56:18:9d:76:04:0f:7e:68:5e:dd:e2:33:d6:1d:66:
35:1b:59:c8:bf:31:a1:64:56:de:4d:58:41:03:9f:
b0:5d:be:fa:c1:2f:11:bb:0c:e8:ea:63:19:e7:cb:
57:9e:02:db:0b:7e:96:1b:5e:53:d4:46:99:97:aa:
1c:c9:4d:c0:4c:c2:f7:19:09:99:35:47:39:cd:9a:
2c:8c:54:e2:e1:e1:79:fc:d2:44:32:be:c7:c5:84:
88:ff:a1:d3:92:6c:e6:91:4e:cf:16:4f:f7:07:d6:
a3:2f:69:84:16:27:19:6b:67:49:71:36:c7:c6:5c:
e9:16:93:ce:7f:df:d4:ec:00:c5:81:41:36:49:87:
24:b7:db:82:7b:6c:28:d4:3f:76:5d:29:22:46:8e:
fb:d6:aa:89:67:07:b6:7c:44:6d:a4:2b:07:7b:e6:
b0:6b:97:68:21:c3:0a:e6:8a:5b:21:14:8d:da:61:
5e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E5:7C:26:61:F2:85:3C:3D:AB:96:60:F8:3F:E6:E8:8A:B6:8F:C1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DD5D7B72597711F08BF76FC5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.65.0/24
Signature Algorithm: sha256WithRSAEncryption
01:f2:d9:84:0f:e9:bc:ac:3e:62:b1:74:7d:11:ec:58:50:39:
fb:ca:a3:79:08:93:1c:de:09:bf:96:41:d3:0e:1f:ff:d8:95:
cb:7b:29:4e:fc:0c:2b:c8:de:e7:53:df:bb:f8:70:e8:5b:b5:
c1:8e:7f:24:d5:96:0b:f6:4e:e6:d0:59:58:a0:d6:18:37:21:
2f:82:ac:0b:63:d6:12:68:20:bf:d1:2c:7f:d2:ec:da:21:b8:
89:67:75:3a:87:d6:b2:ab:19:eb:08:93:6b:dc:8d:c0:80:43:
ed:54:e0:38:d4:97:13:12:8b:a7:97:d0:70:7b:64:b7:02:75:
f7:02:43:7f:df:92:1b:36:2a:1e:b4:36:1b:23:58:43:a5:3c:
8a:e2:ca:a4:dd:bd:55:49:b9:e8:bd:69:b7:f1:69:9f:b7:f0:
21:cc:13:df:b1:fd:26:28:f2:a2:f6:ae:36:52:df:d0:35:4c:
c6:2f:7c:53:56:05:9f:24:a3:6b:83:45:b0:5f:1f:e5:72:96:
70:c8:40:7e:57:5f:0d:48:e4:6d:65:49:f9:c3:65:0d:93:62:
68:6f:ca:ef:b8:d6:dd:59:e9:85:01:14:6d:66:82:c7:13:09:
52:15:58:2b:b9:c9:57:07:47:3a:84:a7:37:ad:fc:aa:da:a5:
62:c2:4b:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWFjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA1MDgxMjU2WhcNMjUwODA0MDgxMjU2WjAYMRYw
FAYDVQQDEw02ODY4ZGU4Yy0wZjFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAujPVmlISV7GTI3zkpoN3y0b0E8XRuuEXcyJdPluy6QjDC/eYEXLb0gNx
9DA78TrDwbRKUgvpeHe63v7FA97jtS3Xn59zKEpOjqlWGJ12BA9+aF7d4jPWHWY1
G1nIvzGhZFbeTVhBA5+wXb76wS8Ruwzo6mMZ58tXngLbC36WG15T1EaZl6ocyU3A
TML3GQmZNUc5zZosjFTi4eF5/NJEMr7HxYSI/6HTkmzmkU7PFk/3B9ajL2mEFicZ
a2dJcTbHxlzpFpPOf9/U7ADFgUE2SYckt9uCe2wo1D92XSkiRo771qqJZwe2fERt
pCsHe+awa5doIcMK5opbIRSN2mFewQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJzl
fCZh8oU8PauWYPg/5uiKto/BMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERDVEN0I3MjU5NzcxMUYwOEJGNzZGQzVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcJBMA0GCSqGSIb3DQEBCwUA
A4IBAQAB8tmED+m8rD5isXR9EexYUDn7yqN5CJMc3gm/lkHTDh//2JXLeylO/Awr
yN7nU9+7+HDoW7XBjn8k1ZYL9k7m0FlYoNYYNyEvgqwLY9YSaCC/0Sx/0uzaIbiJ
Z3U6h9ayqxnrCJNr3I3AgEPtVOA41JcTEounl9Bwe2S3AnX3AkN/35IbNioetDYb
I1hDpTyK4sqk3b1VSbnovWm38Wmft/AhzBPfsf0mKPKi9q42Ut/QNUzGL3xTVgWf
JKNrg0WwXx/lcpZwyEB+V18NSORtZUn5w2UNk2Job8rvuNbdWemFARRtZoLHEwlS
FVgruclXB0c6hKc3rfyq2qViwks0
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:29:31 2025 by rpki-client