Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/074B8B66833C11F0A07367DBDAE4EC9C.roa
File: 074B8B66833C11F0A07367DBDAE4EC9C.roa (raw, json)
Hash identifier: fvJvfSDJSrb29QH1L2Tka9ha8c5qn+iMyQj6E5jyZAk=
Subject key identifier: 0E:64:D7:B5:17:25:73:5B:5D:63:AC:F6:20:62:63:2B:36:58:B5:FB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0171AF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/074B8B66833C11F0A07367DBDAE4EC9C.roa
Signing time: Wed 27 Aug 2025 11:50:30 +0000
ROA not before: Wed 27 Aug 2025 11:50:25 +0000
ROA not after: Sun 30 Aug 2026 11:50:25 +0000
asID: 138995
IP address blocks: 45.192.168.0/24 maxlen: 24
45.192.170.0/24 maxlen: 24
45.192.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94639 (0x171af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 27 11:50:25 2025 GMT
Not After : Aug 30 11:50:25 2026 GMT
Subject: CN=68aef105-b4ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:82:90:8c:f7:fb:a4:4d:25:ea:22:19:9e:fd:
79:83:f0:56:8c:9b:fb:9f:2c:e2:a2:1c:44:f6:7a:
52:9e:4c:b1:ab:fa:ef:b8:7d:c6:67:65:10:2b:28:
4f:61:7b:37:63:1d:fe:6e:0c:63:95:55:36:35:b0:
a4:8c:77:7f:a4:fd:00:11:f2:16:45:44:68:f4:53:
21:25:ed:aa:a1:3f:56:a7:ba:ec:16:05:0a:a7:3a:
32:ca:84:b3:4f:6d:b4:3b:6c:09:0e:e0:55:6d:92:
7e:89:8f:b6:ec:e0:75:19:fd:8d:bf:05:96:0b:d1:
2e:ff:c1:b3:00:de:a4:69:51:7a:7e:23:7f:69:64:
d2:05:41:9b:84:cd:f0:c0:81:5d:59:b8:fc:07:c4:
74:0b:7f:93:71:34:55:1c:8e:c0:3b:b6:48:59:90:
b7:06:2c:e3:01:f3:18:02:4d:b3:3e:cd:19:de:5b:
b1:b1:d9:70:de:d3:9a:b6:fe:29:ca:63:8e:8c:cc:
16:a9:88:db:e0:7e:85:2a:54:8f:69:79:55:6b:7f:
05:4d:8b:12:12:43:58:cd:bd:bb:5a:a9:96:f7:4a:
5a:bd:a9:c5:10:80:27:59:db:49:9a:6a:b4:bf:32:
a4:d7:f7:89:57:b2:d8:e6:a6:ae:cd:bb:70:33:f0:
e1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:64:D7:B5:17:25:73:5B:5D:63:AC:F6:20:62:63:2B:36:58:B5:FB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/074B8B66833C11F0A07367DBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.168.0/24
45.192.170.0/23
Signature Algorithm: sha256WithRSAEncryption
62:af:88:0d:36:3a:73:cd:7d:2c:4e:85:2c:7f:7f:c6:8d:f5:
26:cc:4b:31:56:af:75:c2:38:1c:69:6a:ff:2f:2a:ca:ab:9a:
9e:b2:ed:83:1d:74:63:78:99:a1:dc:b9:6c:f2:6c:0c:1a:62:
d9:87:64:77:52:7f:07:5e:f2:ee:8b:16:6c:5d:f9:24:37:83:
86:d7:ae:30:44:a3:79:1e:d0:a4:f7:93:91:40:84:95:45:5c:
87:42:3a:ca:cf:aa:80:57:2b:a9:63:ea:6a:86:ab:60:f3:a1:
3c:72:d5:f9:27:3b:4c:47:1b:f9:6b:9b:14:f6:fa:41:b9:9b:
b2:8a:18:57:02:2d:f3:90:e8:68:d2:c2:56:b2:c4:b7:c0:80:
ec:36:b2:e6:13:af:3b:f2:2c:48:ae:15:50:a4:71:8b:f1:b4:
d6:ef:ca:e4:5d:29:33:75:fa:ca:5e:fc:f3:40:11:0e:d3:06:
e4:91:26:05:fd:a8:5e:8f:bf:7d:89:91:d5:be:77:d0:1e:87:
6d:b6:f4:30:ae:c9:d3:be:ce:d6:7e:0e:03:f8:ba:b6:7d:f2:
48:4a:61:84:8d:b7:4f:ba:2a:cd:7a:b8:99:9f:df:01:3d:30:
5a:01:6c:6e:f2:56:19:55:f4:89:64:2a:f5:cf:4a:06:0e:76:
c4:7f:d6:dd
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAXGvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODI3MTE1MDI1WhcNMjYwODMwMTE1MDI1WjAYMRYw
FAYDVQQDEw02OGFlZjEwNS1iNGFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzYKQjPf7pE0l6iIZnv15g/BWjJv7nyziohxE9npSnkyxq/rvuH3GZ2UQ
KyhPYXs3Yx3+bgxjlVU2NbCkjHd/pP0AEfIWRURo9FMhJe2qoT9Wp7rsFgUKpzoy
yoSzT220O2wJDuBVbZJ+iY+27OB1Gf2NvwWWC9Eu/8GzAN6kaVF6fiN/aWTSBUGb
hM3wwIFdWbj8B8R0C3+TcTRVHI7AO7ZIWZC3BizjAfMYAk2zPs0Z3luxsdlw3tOa
tv4pymOOjMwWqYjb4H6FKlSPaXlVa38FTYsSEkNYzb27WqmW90pavanFEIAnWdtJ
mmq0vzKk1/eJV7LY5qauzbtwM/DhLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA5k
17UXJXNbXWOs9iBiYys2WLX7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNzRCOEI2NjgzM0MxMUYwQTA3MzY3REJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcCoAwQBLcCqMA0GCSqGSIb3
DQEBCwUAA4IBAQBir4gNNjpzzX0sToUsf3/GjfUmzEsxVq91wjgcaWr/LyrKq5qe
su2DHXRjeJmh3Lls8mwMGmLZh2R3Un8HXvLuixZsXfkkN4OG164wRKN5HtCk95OR
QISVRVyHQjrKz6qAVyupY+pqhqtg86E8ctX5JztMRxv5a5sU9vpBuZuyihhXAi3z
kOho0sJWssS3wIDsNrLmE6878ixIrhVQpHGL8bTW78rkXSkzdfrKXvzzQBEO0wbk
kSYF/ahej799iZHVvnfQHodttvQwrsnTvs7Wfg4D+Lq2ffJISmGEjbdPuirNeriZ
n98BPTBaAWxu8lYZVfSJZCr1z0oGDnbEf9bd
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:18:46 2025 by rpki-client