Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/08E7CAC272A511F083A1C19EDAE4EC9C.roa
File: 08E7CAC272A511F083A1C19EDAE4EC9C.roa (raw, json)
Hash identifier: QNtTAObL37mbe6zd+rLw/4Eh08iLc+WnXvqoagpBey0=
Subject key identifier: 58:12:B9:21:B8:47:7E:0B:A6:BA:AA:04:5A:BC:7B:C1:7A:34:18:92
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016944
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/08E7CAC272A511F083A1C19EDAE4EC9C.roa
Signing time: Wed 06 Aug 2025 09:09:20 +0000
ROA not before: Wed 06 Aug 2025 09:09:14 +0000
ROA not after: Sat 13 Sep 2025 09:09:14 +0000
asID: 23470
IP address blocks: 45.199.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Aug 2025 00:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92484 (0x16944)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 6 09:09:14 2025 GMT
Not After : Sep 13 09:09:14 2025 GMT
Subject: CN=68931bc0-c758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ca:bf:21:2a:64:b5:7c:9e:f1:39:d2:bc:a4:
83:41:04:73:b4:d3:59:2f:d9:c8:2c:37:ca:3c:0c:
d1:51:af:f9:23:a4:db:fa:f3:2e:29:11:64:55:2f:
a6:40:a8:fb:c7:c2:66:d7:8d:cc:f1:3d:94:3d:db:
09:f4:8b:a5:9a:e0:dd:92:20:cb:bd:83:07:c7:1e:
2f:13:15:cd:d7:aa:58:af:16:c7:00:a4:b9:d9:83:
33:ab:ee:2e:b5:63:18:fa:4b:24:b1:2c:04:61:80:
93:17:15:7d:1a:86:29:b3:15:04:ae:bf:94:96:6e:
ee:e7:ed:08:7b:e2:ff:ef:bc:3d:e6:fd:a7:db:3b:
23:55:ce:ef:e8:2c:10:5e:7c:1a:31:a3:c1:ea:3d:
ae:07:22:d2:da:01:09:55:4c:47:0f:4b:36:e5:ae:
d7:74:2a:d4:c1:9a:ad:b1:79:13:47:dd:9b:8e:25:
57:a6:a1:20:f7:c0:16:0b:da:72:b1:39:8e:58:d7:
c5:55:d0:d0:18:e1:77:6e:31:e7:be:90:9b:14:d3:
09:a8:45:fc:e4:e3:2f:09:a2:31:79:35:b0:23:d4:
8e:9b:2a:cb:6e:01:f3:54:d2:ed:7c:70:84:fe:1d:
f3:64:81:8a:be:37:d0:24:45:ba:51:cd:18:a0:67:
dd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:12:B9:21:B8:47:7E:0B:A6:BA:AA:04:5A:BC:7B:C1:7A:34:18:92
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/08E7CAC272A511F083A1C19EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.189.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:96:08:01:cd:73:90:38:62:9d:12:84:23:e6:fc:bd:8e:b6:
ef:d4:54:40:50:fb:6e:f9:05:c3:08:8f:c4:57:49:36:f1:7b:
43:01:8d:cc:55:68:7f:4d:fc:86:1c:f4:ec:91:45:37:3c:a7:
16:4e:86:ca:06:4f:ac:7e:e2:2c:47:77:0e:aa:bf:8b:a2:74:
f5:2d:92:5c:bf:34:c8:cf:0d:44:13:9f:b9:33:65:bd:9b:0e:
59:ad:16:9e:3c:03:3e:26:29:80:30:16:7e:79:3c:37:1c:db:
61:66:1b:09:64:63:85:fd:a6:7a:c1:49:72:fb:ae:0a:b1:77:
33:4a:88:1a:2a:d2:80:b0:82:17:71:c6:6e:92:54:25:dd:36:
4d:02:e1:c6:d1:dd:e9:03:9f:14:b2:12:20:71:9e:93:05:d2:
2a:b6:4f:f6:ee:59:3d:e1:74:5d:25:82:b4:f6:50:a8:52:a3:
c5:93:ed:21:85:3c:8c:bf:2b:1f:3f:b9:b6:1d:0f:41:87:57:
f9:12:fe:99:1c:2a:2f:7d:c3:9d:31:65:8a:34:43:6f:cd:2b:
b2:c7:2c:2e:ee:7b:1d:1f:70:c6:bb:35:52:df:d8:3d:4b:31:
a0:c5:62:d4:96:a3:91:52:1f:4a:37:d6:50:76:0e:de:82:83:
d3:30:6e:64
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWlEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODA2MDkwOTE0WhcNMjUwOTEzMDkwOTE0WjAYMRYw
FAYDVQQDEw02ODkzMWJjMC1jNzU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwcq/ISpktXye8TnSvKSDQQRztNNZL9nILDfKPAzRUa/5I6Tb+vMuKRFk
VS+mQKj7x8Jm143M8T2UPdsJ9IulmuDdkiDLvYMHxx4vExXN16pYrxbHAKS52YMz
q+4utWMY+ksksSwEYYCTFxV9GoYpsxUErr+Ulm7u5+0Ie+L/77w95v2n2zsjVc7v
6CwQXnwaMaPB6j2uByLS2gEJVUxHD0s25a7XdCrUwZqtsXkTR92bjiVXpqEg98AW
C9pysTmOWNfFVdDQGOF3bjHnvpCbFNMJqEX85OMvCaIxeTWwI9SOmyrLbgHzVNLt
fHCE/h3zZIGKvjfQJEW6Uc0YoGfddQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFgS
uSG4R34LprqqBFq8e8F6NBiSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wOEU3Q0FDMjcyQTUxMUYwODNBMUMxOUVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALce9MA0GCSqGSIb3DQEBCwUA
A4IBAQCelggBzXOQOGKdEoQj5vy9jrbv1FRAUPtu+QXDCI/EV0k28XtDAY3MVWh/
TfyGHPTskUU3PKcWTobKBk+sfuIsR3cOqr+LonT1LZJcvzTIzw1EE5+5M2W9mw5Z
rRaePAM+JimAMBZ+eTw3HNthZhsJZGOF/aZ6wUly+64KsXczSogaKtKAsIIXccZu
klQl3TZNAuHG0d3pA58UshIgcZ6TBdIqtk/27lk94XRdJYK09lCoUqPFk+0hhTyM
vysfP7m2HQ9Bh1f5Ev6ZHCovfcOdMWWKNENvzSuyxywu7nsdH3DGuzVS39g9SzGg
xWLUlqORUh9KN9ZQdg7egoPTMG5k
-----END CERTIFICATE-----
Generated at Thu Aug 21 11:09:55 2025 by rpki-client