Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368356F/EC354FA666E411F081B08C92DAE4EC9C/5BCF46A8923911F0BEE309F5DAE4EC9C.roa
File: 5BCF46A8923911F0BEE309F5DAE4EC9C.roa (raw, json)
Hash identifier: ncq+Mwbrx6oQKK1sHldvuf8E9iLus0kj4fB63aqtMb4=
Subject key identifier: 22:75:21:47:E8:A6:59:2C:10:E6:5A:AE:B3:1D:F9:1E:52:88:B7:D9
Certificate issuer: /CN=F368356FAR/serialNumber=E4F7E4A41BA2DFE1A49ADC3634CCF07935E92118
Certificate serial: 3C
Authority key identifier: E4:F7:E4:A4:1B:A2:DF:E1:A4:9A:DC:36:34:CC:F0:79:35:E9:21:18
Authority info access: rsync://rpki.afrinic.net/repository/arin/5PfkpBui3-Gkmtw2NMzweTXpIRg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368356F/EC354FA666E411F081B08C92DAE4EC9C/5BCF46A8923911F0BEE309F5DAE4EC9C.roa
Signing time: Mon 15 Sep 2025 13:39:11 +0000
ROA not before: Mon 15 Sep 2025 13:39:05 +0000
ROA not after: Sat 15 Sep 2035 13:39:05 +0000
asID: 37282
IP address blocks: 45.222.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368356F/EC354FA666E411F081B08C92DAE4EC9C/5PfkpBui3-Gkmtw2NMzweTXpIRg.crl
rsync://rpki.afrinic.net/repository/member_repository/F368356F/EC354FA666E411F081B08C92DAE4EC9C/5PfkpBui3-Gkmtw2NMzweTXpIRg.mft
rsync://rpki.afrinic.net/repository/arin/5PfkpBui3-Gkmtw2NMzweTXpIRg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 18 Sep 2025 00:26:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60 (0x3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368356FAR, serialNumber=E4F7E4A41BA2DFE1A49ADC3634CCF07935E92118
Validity
Not Before: Sep 15 13:39:05 2025 GMT
Not After : Sep 15 13:39:05 2035 GMT
Subject: CN=68c816fe-bbc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:25:82:17:14:ad:97:2d:68:f3:f2:e1:e5:67:
69:fa:6f:43:ce:55:1b:04:34:50:79:84:bf:ef:07:
ff:c5:97:e4:2f:a1:a3:bc:eb:a7:0a:10:14:17:63:
30:6a:14:d0:3d:8c:47:59:d6:3a:e1:ec:1f:60:22:
db:b1:16:9e:36:b9:6c:3c:be:53:ce:c7:e0:59:20:
a6:ab:8b:69:09:93:e3:7e:b1:4e:7a:e9:82:fc:f7:
6d:04:b2:c3:57:a5:11:6c:af:ce:57:0c:64:f3:e0:
e6:0b:e1:1f:65:f6:b0:bb:6a:7d:1d:9d:97:15:89:
7e:48:66:71:aa:98:99:cd:ed:89:ed:3e:43:8e:84:
dd:60:37:75:0e:dd:7c:1a:1f:a6:ba:c6:86:9d:38:
ca:28:93:d1:1f:10:4f:c7:dc:57:5a:31:aa:93:8d:
0a:f4:03:ab:96:0a:60:85:52:25:66:f2:fa:09:d5:
a8:23:bb:06:21:56:df:55:c9:31:43:56:2b:c3:bd:
27:2c:b5:5b:cd:eb:c5:e6:26:0a:35:67:cd:12:77:
c2:b4:88:4c:5c:e2:7f:9c:a3:8e:83:2a:a5:0e:2e:
87:b6:df:2b:fe:22:de:11:d6:3c:1a:c5:c2:5e:26:
ea:cd:a6:45:f4:17:62:58:0a:75:96:ee:18:83:a9:
b1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:75:21:47:E8:A6:59:2C:10:E6:5A:AE:B3:1D:F9:1E:52:88:B7:D9
X509v3 Authority Key Identifier:
keyid:E4:F7:E4:A4:1B:A2:DF:E1:A4:9A:DC:36:34:CC:F0:79:35:E9:21:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368356F/EC354FA666E411F081B08C92DAE4EC9C/5PfkpBui3-Gkmtw2NMzweTXpIRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/5PfkpBui3-Gkmtw2NMzweTXpIRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368356F/EC354FA666E411F081B08C92DAE4EC9C/5BCF46A8923911F0BEE309F5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.222.192.0/18
Signature Algorithm: sha256WithRSAEncryption
c7:54:00:b8:6a:13:f1:d1:57:e0:9c:7c:3a:dc:96:f6:56:2c:
64:3c:5d:b7:47:b1:c9:41:c3:6f:6c:fd:86:87:4a:46:ec:fc:
c6:f5:bb:88:ad:44:7f:ca:09:60:62:a6:dd:44:f7:63:5d:99:
13:53:39:a3:45:ab:53:e1:36:f2:c4:d2:ce:3c:cf:6d:6a:84:
b2:4e:9f:90:52:c5:27:5f:bd:96:ff:43:63:f5:7e:6d:ee:25:
4e:e8:11:e0:e6:d4:d6:ac:f5:2b:5b:56:71:ab:76:83:0a:08:
ec:4d:8e:a7:20:fa:2e:0d:cb:83:20:5d:59:b1:ec:2f:d4:c2:
43:7a:82:32:2f:4b:00:e4:a3:aa:4d:98:a9:88:b4:6a:db:86:
a0:a5:3d:4e:39:15:eb:af:04:93:3d:e0:fb:a7:04:13:1c:3d:
82:19:bb:63:f3:b2:58:21:5f:eb:ea:0c:5f:c4:23:c0:ad:dc:
bd:1f:0d:6a:e7:71:eb:23:a6:58:a4:b0:73:82:ad:2c:12:7e:
d7:84:09:e9:46:87:3c:ca:4f:b4:4f:bf:90:1e:35:2d:b7:75:
06:b4:a7:fb:cf:bd:15:a6:44:2b:f6:cb:d4:12:bb:5b:9e:47:
2e:80:28:b1:55:69:6c:ce:07:90:e7:b3:45:6b:44:67:fa:4a:
ed:10:ce:4a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBPDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
MzU2RkFSMTEwLwYDVQQFEyhFNEY3RTRBNDFCQTJERkUxQTQ5QURDMzYzNENDRjA3
OTM1RTkyMTE4MB4XDTI1MDkxNTEzMzkwNVoXDTM1MDkxNTEzMzkwNVowGDEWMBQG
A1UEAxMNNjhjODE2ZmUtYmJjNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0lghcUrZctaPPy4eVnafpvQ85VGwQ0UHmEv+8H/8WX5C+ho7zrpwoQFBdj
MGoU0D2MR1nWOuHsH2Ai27EWnja5bDy+U87H4FkgpquLaQmT436xTnrpgvz3bQSy
w1elEWyvzlcMZPPg5gvhH2X2sLtqfR2dlxWJfkhmcaqYmc3tie0+Q46E3WA3dQ7d
fBofprrGhp04yiiT0R8QT8fcV1oxqpONCvQDq5YKYIVSJWby+gnVqCO7BiFW31XJ
MUNWK8O9Jyy1W83rxeYmCjVnzRJ3wrSITFzif5yjjoMqpQ4uh7bfK/4i3hHWPBrF
wl4m6s2mRfQXYlgKdZbuGIOpsU0CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQidSFH
6KZZLBDmWq6zHfkeUoi32TAfBgNVHSMEGDAWgBTk9+SkG6Lf4aSa3DY0zPB5Nekh
GDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODM1NkYvRUMzNTRGQTY2NkU0MTFGMDgxQjA4QzkyREFFNEVDOUMvNVBma3BC
dWkzLUdrbXR3Mk5NendlVFhwSVJnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
NVBma3BCdWkzLUdrbXR3Mk5NendlVFhwSVJnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2ODM1NkYvRUMzNTRGQTY2NkU0MTFGMDgxQjA4QzkyREFFNEVD
OUMvNUJDRjQ2QTg5MjM5MTFGMEJFRTMwOUY1REFFNEVDOUMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi3ewDANBgkqhkiG9w0BAQsFAAOC
AQEAx1QAuGoT8dFX4Jx8OtyW9lYsZDxdt0exyUHDb2z9hodKRuz8xvW7iK1Ef8oJ
YGKm3UT3Y12ZE1M5o0WrU+E28sTSzjzPbWqEsk6fkFLFJ1+9lv9DY/V+be4lTugR
4ObU1qz1K1tWcat2gwoI7E2OpyD6Lg3LgyBdWbHsL9TCQ3qCMi9LAOSjqk2YqYi0
atuGoKU9TjkV668Ekz3g+6cEExw9ghm7Y/OyWCFf6+oMX8QjwK3cvR8Naudx6yOm
WKSwc4KtLBJ+14QJ6UaHPMpPtE+/kB41Lbd1BrSn+8+9FaZEK/bL1BK7W55HLoAo
sVVpbM4HkOezRWtEZ/pK7RDOSg==
-----END CERTIFICATE-----
Generated at Tue Sep 16 19:33:42 2025 by rpki-client