Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6AC2A4058CA11F0A23D71D8DAE4EC9C.roa
File: F6AC2A4058CA11F0A23D71D8DAE4EC9C.roa (raw, json)
Hash identifier: /AaIus6RoSzR0fddP9nU7zADdqSv5zlPGTgqeL0VYtI=
Subject key identifier: DA:AD:C7:6E:94:A1:2B:AD:24:2B:EE:3F:74:D1:E5:6C:C0:BD:12:AD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0160F6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6AC2A4058CA11F0A23D71D8DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 11:35:20 +0000
ROA not before: Fri 04 Jul 2025 11:35:15 +0000
ROA not after: Mon 08 Sep 2025 11:35:15 +0000
asID: 215691
IP address blocks: 45.198.54.0/24 maxlen: 24
45.198.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90358 (0x160f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 4 11:35:15 2025 GMT
Not After : Sep 8 11:35:15 2025 GMT
Subject: CN=6867bc78-44a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:de:0e:31:91:07:56:32:e0:bc:b8:b7:ee:a1:
4d:f4:68:aa:44:02:94:10:cd:fc:72:39:60:3f:db:
53:83:7b:31:8f:0c:7e:78:46:50:73:94:dc:0f:94:
13:1f:a7:c5:98:1b:97:a3:13:28:b8:b4:86:e0:ef:
fe:72:92:56:f8:2e:39:8e:ab:e0:62:52:42:9d:0b:
04:bb:5f:df:10:83:02:ac:fb:16:64:81:d3:9f:63:
cb:8d:49:e5:90:e4:74:c2:b2:f6:88:cc:62:b6:c9:
fa:dc:0e:9d:6f:d3:f9:d5:93:f5:fa:79:76:d9:ca:
dd:73:3c:b6:d9:39:51:f1:da:94:b9:eb:dc:85:1e:
39:db:54:70:f4:85:ff:f8:e6:fb:d5:12:63:80:5e:
44:11:d6:66:10:d2:6f:a0:b1:62:f7:70:de:9f:16:
b3:7d:c2:4c:6b:df:59:a0:35:ca:99:1c:79:dd:0f:
5c:eb:b7:37:dd:01:9b:c2:02:a3:4a:2c:29:94:26:
3e:99:ba:41:1b:d5:d2:cf:17:07:88:ed:d7:21:a3:
76:c0:31:94:ba:05:fe:5b:54:41:9a:0e:24:23:35:
58:cf:44:fa:cc:dc:23:4d:15:c8:10:f9:58:29:7d:
10:0f:44:d4:9f:90:bb:5b:85:7b:fd:85:82:88:b7:
a0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AD:C7:6E:94:A1:2B:AD:24:2B:EE:3F:74:D1:E5:6C:C0:BD:12:AD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6AC2A4058CA11F0A23D71D8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.54.0/23
Signature Algorithm: sha256WithRSAEncryption
12:c4:cb:ea:2c:3a:de:ca:86:53:e2:51:93:23:0c:05:f0:67:
be:ac:06:08:f5:3f:2b:28:ee:ce:24:db:0a:25:a1:9c:6f:7f:
88:a4:b9:6e:90:07:c6:b8:95:3a:95:1b:df:85:6c:4e:fe:ca:
82:63:7c:4c:31:02:43:8f:dd:37:7d:2e:08:87:00:a1:d5:0b:
cb:9b:a4:4b:eb:12:e1:59:f2:4e:c9:a4:e3:57:ae:44:73:44:
e4:c8:a6:d8:ac:c0:3e:ae:7b:e4:6c:1e:48:2b:c2:25:ce:a1:
fd:b3:7e:0e:a6:fe:6b:d7:db:9d:fb:f1:d1:44:40:21:9a:e8:
f1:b9:03:3d:32:22:b4:d9:66:09:ef:c0:bb:ff:6b:37:2a:b1:
3c:dd:d2:88:16:69:ee:a1:e7:5f:68:5f:64:2d:71:20:ba:a0:
c6:bc:af:8d:8c:b5:6a:11:ba:8e:12:be:14:6d:56:61:a7:20:
64:05:05:9c:e9:b1:57:1d:af:53:a1:db:3f:a8:30:42:91:80:
e4:c6:86:b7:58:3e:37:f6:53:d4:68:0e:ea:41:e0:0b:22:cb:
5f:ce:15:d5:fa:41:43:c3:86:79:eb:49:4a:b0:40:63:26:c4:
79:38:48:15:3f:12:4d:46:1d:1e:a9:b3:40:c6:d9:2b:f5:ac:
a5:48:33:32
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWD2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA0MTEzNTE1WhcNMjUwOTA4MTEzNTE1WjAYMRYw
FAYDVQQDEw02ODY3YmM3OC00NGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0t4OMZEHVjLgvLi37qFN9GiqRAKUEM38cjlgP9tTg3sxjwx+eEZQc5Tc
D5QTH6fFmBuXoxMouLSG4O/+cpJW+C45jqvgYlJCnQsEu1/fEIMCrPsWZIHTn2PL
jUnlkOR0wrL2iMxitsn63A6db9P51ZP1+nl22crdczy22TlR8dqUuevchR4521Rw
9IX/+Ob71RJjgF5EEdZmENJvoLFi93DenxazfcJMa99ZoDXKmRx53Q9c67c33QGb
wgKjSiwplCY+mbpBG9XSzxcHiO3XIaN2wDGUugX+W1RBmg4kIzVYz0T6zNwjTRXI
EPlYKX0QD0TUn5C7W4V7/YWCiLegXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNqt
x26UoSutJCvuP3TR5WzAvRKtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNkFDMkE0MDU4Q0ExMUYwQTIzRDcxRDhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcY2MA0GCSqGSIb3DQEBCwUA
A4IBAQASxMvqLDreyoZT4lGTIwwF8Ge+rAYI9T8rKO7OJNsKJaGcb3+IpLlukAfG
uJU6lRvfhWxO/sqCY3xMMQJDj903fS4IhwCh1QvLm6RL6xLhWfJOyaTjV65Ec0Tk
yKbYrMA+rnvkbB5IK8IlzqH9s34Opv5r19ud+/HRREAhmujxuQM9MiK02WYJ78C7
/2s3KrE83dKIFmnuoedfaF9kLXEguqDGvK+NjLVqEbqOEr4UbVZhpyBkBQWc6bFX
Ha9Tods/qDBCkYDkxoa3WD439lPUaA7qQeALIstfzhXV+kFDw4Z560lKsEBjJsR5
OEgVPxJNRh0eqbNAxtkr9aylSDMy
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:43:24 2025 by rpki-client