Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F691A01A5B5111F0854926CBDAE4EC9C.roa
File: F691A01A5B5111F0854926CBDAE4EC9C.roa (raw, json)
Hash identifier: O49mljip3YmN0Cj7zp08F9BJ6tRgIdJvWQdqod6HeMk=
Subject key identifier: 79:88:28:94:1C:F0:05:6D:43:09:35:75:59:F7:AE:61:51:53:B8:4E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016330
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F691A01A5B5111F0854926CBDAE4EC9C.roa
Signing time: Mon 07 Jul 2025 16:46:44 +0000
ROA not before: Mon 07 Jul 2025 16:46:39 +0000
ROA not after: Sun 24 Aug 2025 16:46:39 +0000
asID: 21859
IP address blocks: 45.196.31.0/24 maxlen: 24
45.202.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90928 (0x16330)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 7 16:46:39 2025 GMT
Not After : Aug 24 16:46:39 2025 GMT
Subject: CN=686bf9f4-f207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9f:99:2b:5a:f1:48:cb:f1:6d:b4:06:0a:59:
16:c0:e2:45:fe:0b:4f:a2:17:9d:67:2d:8c:8e:eb:
0d:eb:2f:87:55:92:19:00:b0:7c:61:14:e5:18:df:
b3:17:9d:49:43:08:89:3c:2a:ec:d9:48:4b:b5:ae:
cb:80:2f:aa:77:df:8a:1c:0d:b3:f2:05:e3:6e:b5:
00:67:9c:c4:24:2b:fe:09:0e:d6:39:c1:09:8f:20:
45:5b:41:8c:6a:61:a0:99:2a:c7:1e:f5:ae:55:72:
b8:e7:b1:04:18:6a:9c:07:3b:7b:c5:c6:c2:5a:22:
19:92:17:fa:c9:b4:3a:a8:34:80:e6:30:ee:13:7d:
f7:67:9e:85:91:8b:5c:60:21:d3:24:aa:5a:fe:37:
7d:d1:ac:dd:a0:b1:47:ce:84:67:d7:3f:a2:3c:68:
93:1b:c8:1e:4c:35:4f:a6:56:a6:93:50:de:44:3a:
7b:45:1f:01:54:6c:e3:65:4a:e7:4d:eb:22:0e:51:
52:3f:ac:f1:fb:43:77:9a:59:35:f1:bb:56:35:15:
7c:3e:f9:a1:9b:5f:0c:da:41:fe:49:a8:cd:87:3e:
91:ed:0a:38:e7:06:04:7d:20:1a:63:56:d0:fb:e2:
e0:a0:65:e0:b4:bf:bc:b1:47:3f:5d:57:ec:c5:f7:
50:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:88:28:94:1C:F0:05:6D:43:09:35:75:59:F7:AE:61:51:53:B8:4E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F691A01A5B5111F0854926CBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.31.0/24
45.202.108.0/24
Signature Algorithm: sha256WithRSAEncryption
01:17:df:f5:4b:df:66:c7:ef:63:98:1a:5e:76:6b:f4:b7:da:
99:19:e6:4d:5b:1f:1c:af:67:9c:bd:4e:d3:69:f7:90:82:58:
bc:f7:1d:c1:cc:ae:a0:c5:79:77:4b:c4:40:d6:b3:5c:3c:2d:
5e:ed:13:0b:67:0d:65:27:17:c1:e6:3f:5d:7a:7b:99:c7:05:
de:46:87:f5:71:e5:3d:39:2e:d9:32:38:a4:70:91:f7:0f:38:
23:1a:35:95:7a:63:bf:40:6a:31:dc:c1:b6:22:af:c5:8f:6b:
51:36:7c:7f:12:7e:56:eb:f9:94:76:82:c7:7d:b3:c5:c4:28:
59:d5:61:72:54:96:e4:a6:f8:ff:db:b3:61:8c:94:a3:04:1f:
ad:72:03:b9:41:29:a9:84:d7:e0:be:1a:da:44:38:01:8f:17:
d1:ab:5c:07:2c:68:27:af:2b:21:c1:0b:c3:31:21:02:0b:74:
00:76:75:3b:c7:86:25:e2:5b:c4:55:2d:56:98:99:e5:da:28:
3c:5c:c0:1a:56:0d:32:ee:e6:66:ec:f8:eb:b5:0b:46:13:03:
f8:7d:b9:a9:21:f3:6f:e3:1b:ee:97:2b:57:fc:07:80:0c:ce:
72:ba:9e:67:61:07:e8:b1:6e:48:8f:a9:1e:b6:1c:48:fc:e6:
39:c0:0b:34
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWMwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA3MTY0NjM5WhcNMjUwODI0MTY0NjM5WjAYMRYw
FAYDVQQDEw02ODZiZjlmNC1mMjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAm5+ZK1rxSMvxbbQGClkWwOJF/gtPohedZy2MjusN6y+HVZIZALB8YRTl
GN+zF51JQwiJPCrs2UhLta7LgC+qd9+KHA2z8gXjbrUAZ5zEJCv+CQ7WOcEJjyBF
W0GMamGgmSrHHvWuVXK457EEGGqcBzt7xcbCWiIZkhf6ybQ6qDSA5jDuE333Z56F
kYtcYCHTJKpa/jd90azdoLFHzoRn1z+iPGiTG8geTDVPplamk1DeRDp7RR8BVGzj
ZUrnTesiDlFSP6zx+0N3mlk18btWNRV8Pvmhm18M2kH+SajNhz6R7Qo45wYEfSAa
Y1bQ++LgoGXgtL+8sUc/XVfsxfdQ+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHmI
KJQc8AVtQwk1dVn3rmFRU7hOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNjkxQTAxQTVCNTExMUYwODU0OTI2Q0JEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcQfAwQALcpsMA0GCSqGSIb3
DQEBCwUAA4IBAQABF9/1S99mx+9jmBpedmv0t9qZGeZNWx8cr2ecvU7TafeQgli8
9x3BzK6gxXl3S8RA1rNcPC1e7RMLZw1lJxfB5j9denuZxwXeRof1ceU9OS7ZMjik
cJH3DzgjGjWVemO/QGox3MG2Iq/Fj2tRNnx/En5W6/mUdoLHfbPFxChZ1WFyVJbk
pvj/27NhjJSjBB+tcgO5QSmphNfgvhraRDgBjxfRq1wHLGgnryshwQvDMSECC3QA
dnU7x4Yl4lvEVS1WmJnl2ig8XMAaVg0y7uZm7PjrtQtGEwP4fbmpIfNv4xvulytX
/AeADM5yup5nYQfosW5Ij6kethxI/OY5wAs0
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:35:33 2025 by rpki-client