Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F71E9C545A8911F08AAAF4B2DAE4EC9C.roa
File: F71E9C545A8911F08AAAF4B2DAE4EC9C.roa (raw, json)
Hash identifier: Dy7JuOOXteILOMTBNlRoVutmdy2yCGuS2qCjBGx9Sc4=
Subject key identifier: 09:56:95:D4:15:77:EF:BD:EE:E7:C9:C2:9D:B5:DA:4F:5A:F8:7F:DE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01625D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F71E9C545A8911F08AAAF4B2DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 16:55:05 +0000
ROA not before: Sun 06 Jul 2025 16:55:01 +0000
ROA not after: Tue 12 Aug 2025 16:55:01 +0000
asID: 48266
IP address blocks: 45.207.218.0/23 maxlen: 24
45.207.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90717 (0x1625d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 6 16:55:01 2025 GMT
Not After : Aug 12 16:55:01 2025 GMT
Subject: CN=686aaa69-f485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5f:d3:bd:be:9a:ab:ce:d0:a2:5d:c1:e6:29:
b8:96:b3:3b:a8:9a:f8:b1:a7:ab:ff:7e:9e:76:8e:
c5:df:cc:7a:a8:28:4e:55:c2:89:d5:34:4f:19:c3:
bb:14:ce:4a:f2:02:e1:d4:3a:f1:d1:47:77:32:32:
90:7b:2f:8c:ef:f1:7d:13:6a:8b:63:22:bd:85:d7:
11:25:e4:33:50:72:49:f4:0a:05:a2:64:d8:53:63:
37:e9:09:a0:5e:10:81:9d:9a:3d:d2:c6:25:c5:60:
54:fc:f3:b9:3e:33:1b:6f:f3:b8:50:bd:b1:f2:fd:
71:31:52:55:2d:b9:df:18:12:67:37:d0:cc:d2:00:
fd:61:a0:f9:82:f9:ac:27:e4:4b:e2:db:32:7a:f2:
d5:a3:ca:22:91:0b:8b:db:c7:41:dd:c8:ab:d0:d0:
a9:3a:33:37:5b:00:2d:e1:ad:57:52:41:f1:9f:6b:
9a:88:7f:23:9b:50:47:c3:66:49:e0:22:35:48:d6:
a8:fd:c7:50:8b:79:e8:2a:78:fb:e2:f9:19:57:4a:
82:7a:33:63:3d:f1:9e:ac:60:f5:fd:31:2d:9f:61:
bd:d8:fd:52:04:cf:bd:f5:69:1d:e3:41:cc:a8:1d:
36:65:9a:d8:a2:01:2d:ba:d5:f6:1c:ae:46:e6:5f:
47:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:56:95:D4:15:77:EF:BD:EE:E7:C9:C2:9D:B5:DA:4F:5A:F8:7F:DE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F71E9C545A8911F08AAAF4B2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.218.0-45.207.223.255
Signature Algorithm: sha256WithRSAEncryption
a0:d0:37:da:5d:7d:d5:54:69:2d:1b:6a:72:d5:b7:6b:07:22:
6a:4a:04:5e:fd:01:b7:40:fe:ba:0d:df:dd:dc:c3:3b:cd:59:
ab:c9:56:10:07:9d:1a:9f:b2:25:ef:e3:00:b7:b1:b6:f6:86:
60:e3:9d:7d:62:31:13:d8:bc:1e:9e:0d:a1:f0:b3:38:55:67:
c0:61:5a:0a:1f:2f:c3:be:ba:b2:d5:82:6b:e8:c9:b7:3c:b1:
ed:d5:5a:56:d4:b5:4d:05:c2:21:b9:12:dd:84:5c:93:dd:b8:
e3:13:40:4e:ac:b5:06:af:c2:f9:ce:b5:9b:37:9a:b6:89:a5:
1d:ac:b3:34:64:b8:8a:7d:db:1a:ad:5e:e5:85:94:66:bd:2c:
f5:1f:29:e2:d2:cc:17:51:c1:60:87:ad:f8:24:f6:8f:a4:20:
4c:e6:3c:2a:b0:2d:ad:fb:49:68:7a:9d:dd:be:54:09:08:a0:
7c:d0:db:02:b8:63:bc:8b:51:f2:da:1c:1f:77:28:88:e4:66:
da:8b:43:5e:dc:57:3a:49:c5:ce:55:65:a6:ff:69:21:26:f0:
91:1f:76:ce:18:4f:90:39:f6:4c:01:f5:e9:98:9c:9c:5d:05:
e2:e2:ef:0f:a5:29:cd:f0:c7:0f:2c:ac:1c:12:00:0a:c4:06:
bf:ee:98:ba
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWJdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA2MTY1NTAxWhcNMjUwODEyMTY1NTAxWjAYMRYw
FAYDVQQDEw02ODZhYWE2OS1mNDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1l/Tvb6aq87Qol3B5im4lrM7qJr4saer/36edo7F38x6qChOVcKJ1TRP
GcO7FM5K8gLh1Drx0Ud3MjKQey+M7/F9E2qLYyK9hdcRJeQzUHJJ9AoFomTYU2M3
6QmgXhCBnZo90sYlxWBU/PO5PjMbb/O4UL2x8v1xMVJVLbnfGBJnN9DM0gD9YaD5
gvmsJ+RL4tsyevLVo8oikQuL28dB3cir0NCpOjM3WwAt4a1XUkHxn2uaiH8jm1BH
w2ZJ4CI1SNao/cdQi3noKnj74vkZV0qCejNjPfGerGD1/TEtn2G92P1SBM+99Wkd
40HMqB02ZZrYogEtutX2HK5G5l9HMwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAlW
ldQVd++97ufJwp212k9a+H/eMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNzFFOUM1NDVBODkxMUYwOEFBQUY0QjJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEtz9oDBAUtz8AwDQYJKoZI
hvcNAQELBQADggEBAKDQN9pdfdVUaS0banLVt2sHImpKBF79AbdA/roN393cwzvN
WavJVhAHnRqfsiXv4wC3sbb2hmDjnX1iMRPYvB6eDaHwszhVZ8BhWgofL8O+urLV
gmvoybc8se3VWlbUtU0FwiG5Et2EXJPduOMTQE6stQavwvnOtZs3mraJpR2sszRk
uIp92xqtXuWFlGa9LPUfKeLSzBdRwWCHrfgk9o+kIEzmPCqwLa37SWh6nd2+VAkI
oHzQ2wK4Y7yLUfLaHB93KIjkZtqLQ17cVzpJxc5VZab/aSEm8JEfds4YT5A59kwB
9emYnJxdBeLi7w+lKc3wxw8srBwSAArEBr/umLo=
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:09:16 2025 by rpki-client