Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB61C9E0624E11F09AC5F4A1DAE4EC9C.roa
File: FB61C9E0624E11F09AC5F4A1DAE4EC9C.roa (raw, json)
Hash identifier: bWWAGqsOl2fVTXGU2SgUZkQAeDH0DTV+uPdPP1A0/pc=
Subject key identifier: C9:F9:1B:4A:47:16:37:5C:2A:F5:16:36:B6:7D:71:FE:A0:1B:50:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01659B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB61C9E0624E11F09AC5F4A1DAE4EC9C.roa
Signing time: Wed 16 Jul 2025 14:13:02 +0000
ROA not before: Wed 16 Jul 2025 14:12:57 +0000
ROA not after: Fri 25 Jul 2025 14:12:57 +0000
asID: 5650
IP address blocks: 45.196.36.0/22 maxlen: 24
45.196.44.0/22 maxlen: 24
45.196.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91547 (0x1659b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 16 14:12:57 2025 GMT
Not After : Jul 25 14:12:57 2025 GMT
Subject: CN=6877b36e-4681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:03:37:4b:a1:f6:1f:35:b0:3f:b8:c4:06:ea:
0f:33:a5:b9:ae:f8:04:48:0e:ad:9e:a0:c1:77:33:
00:51:d1:80:5c:69:8b:05:27:47:5b:1c:ba:b5:07:
69:43:c7:de:3b:29:c2:9d:23:c5:d3:81:db:eb:9e:
9b:e8:53:fc:5f:83:d8:c7:30:7d:ad:45:aa:88:53:
d7:c3:12:6f:d8:62:5c:9f:14:2f:d5:06:05:e5:61:
90:ae:6e:64:14:ed:7c:80:e6:f6:a6:81:ab:2d:86:
fd:b1:db:e3:d8:84:d5:5f:31:bf:88:5e:44:2e:ab:
24:c4:30:4e:1a:35:ec:5e:99:dc:08:b2:99:1e:d2:
f2:b2:76:8e:ac:60:8b:e7:91:95:df:2f:c9:a9:0f:
e8:3d:13:47:47:bb:c1:c3:a7:e8:bb:4a:f0:a0:38:
12:fd:50:c6:c5:e4:9d:87:de:30:4b:63:7b:24:ff:
9c:34:94:89:45:64:8a:1e:16:14:0c:63:1a:6e:9e:
72:ce:0b:00:b7:ee:d9:b6:c1:91:90:3e:cc:e4:8e:
eb:82:7c:35:11:0f:60:89:03:fb:7c:2e:3f:52:a4:
ae:52:e5:f8:4c:9b:76:4c:2b:a8:09:8f:23:cd:a1:
2f:f0:60:95:45:00:a1:46:1c:b3:ae:7d:de:30:75:
f9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F9:1B:4A:47:16:37:5C:2A:F5:16:36:B6:7D:71:FE:A0:1B:50:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB61C9E0624E11F09AC5F4A1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.36.0/22
45.196.44.0/22
45.196.56.0/22
Signature Algorithm: sha256WithRSAEncryption
af:57:77:d3:c5:2e:57:60:03:bd:01:8d:19:4d:30:9d:a9:5c:
83:be:a9:cf:b3:44:54:40:01:3d:3c:63:b2:ab:93:52:84:9b:
45:f2:50:83:f1:2d:9a:b8:9f:e9:e5:db:e7:d9:94:fe:6d:67:
89:fd:59:a5:df:c1:a3:5a:a8:a3:09:19:1f:93:00:19:9d:cf:
c9:39:0c:df:cd:d9:05:a3:31:50:85:03:e8:ee:57:1f:ad:55:
9c:e7:ef:cf:6a:6b:e2:fc:2b:db:f5:8f:fa:22:56:f5:8d:ec:
93:8e:b2:39:d3:a9:01:d2:90:06:fe:ff:5d:c2:67:e2:32:2b:
88:00:e5:d8:76:30:8b:6a:8b:6d:97:c1:18:cd:79:d3:2c:1c:
53:ef:65:bf:6e:0b:9d:68:97:6d:59:dd:74:e5:37:09:66:3a:
ea:e9:dc:f0:b4:16:77:3b:0d:9c:10:6b:b5:b9:1a:5f:78:03:
62:9c:3b:68:df:79:d3:01:62:fc:94:26:53:b1:49:c0:3c:c1:
8f:87:b7:3e:1e:f4:90:f6:9d:dc:71:c9:05:c3:b1:07:a5:de:
84:ef:74:ff:e0:2f:a8:df:51:5e:82:28:84:fe:28:be:fe:7f:
23:b7:e8:f6:18:7e:31:0a:92:fc:d0:13:2a:77:7c:ec:41:e5:
e5:e6:ac:fd
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAWWbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzE2MTQxMjU3WhcNMjUwNzI1MTQxMjU3WjAYMRYw
FAYDVQQDEw02ODc3YjM2ZS00NjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzwM3S6H2HzWwP7jEBuoPM6W5rvgESA6tnqDBdzMAUdGAXGmLBSdHWxy6
tQdpQ8feOynCnSPF04Hb656b6FP8X4PYxzB9rUWqiFPXwxJv2GJcnxQv1QYF5WGQ
rm5kFO18gOb2poGrLYb9sdvj2ITVXzG/iF5ELqskxDBOGjXsXpncCLKZHtLysnaO
rGCL55GV3y/JqQ/oPRNHR7vBw6fou0rwoDgS/VDGxeSdh94wS2N7JP+cNJSJRWSK
HhYUDGMabp5yzgsAt+7ZtsGRkD7M5I7rgnw1EQ9giQP7fC4/UqSuUuX4TJt2TCuo
CY8jzaEv8GCVRQChRhyzrn3eMHX5VwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFMn5
G0pHFjdcKvUWNrZ9cf6gG1CLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQjYxQzlFMDYyNEUxMUYwOUFDNUY0QTFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLcQkAwQCLcQsAwQCLcQ4MA0G
CSqGSIb3DQEBCwUAA4IBAQCvV3fTxS5XYAO9AY0ZTTCdqVyDvqnPs0RUQAE9PGOy
q5NShJtF8lCD8S2auJ/p5dvn2ZT+bWeJ/Vml38GjWqijCRkfkwAZnc/JOQzfzdkF
ozFQhQPo7lcfrVWc5+/Pamvi/Cvb9Y/6Ilb1jeyTjrI506kB0pAG/v9dwmfiMiuI
AOXYdjCLaottl8EYzXnTLBxT72W/bgudaJdtWd105TcJZjrq6dzwtBZ3Ow2cEGu1
uRpfeANinDto33nTAWL8lCZTsUnAPMGPh7c+HvSQ9p3ccckFw7EHpd6E73T/4C+o
31FegiiE/ii+/n8jt+j2GH4xCpL80BMqd3zsQeXl5qz9
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:43:15 2025 by rpki-client