Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21EE1356873011F089B52CAFDAE4EC9C.roa
File: 21EE1356873011F089B52CAFDAE4EC9C.roa (raw, json)
Hash identifier: F8bvG/mJK9wxbEXRR+OSQIKfh7bxiMywA19WQEStMRc=
Subject key identifier: 31:B8:37:CC:3B:53:49:C3:CC:E2:56:7F:03:77:F5:E4:0B:1E:A7:54
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01756F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21EE1356873011F089B52CAFDAE4EC9C.roa
Signing time: Mon 01 Sep 2025 12:35:25 +0000
ROA not before: Mon 01 Sep 2025 12:35:17 +0000
ROA not after: Wed 08 Oct 2025 12:35:17 +0000
asID: 211188
IP address blocks: 45.198.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95599 (0x1756f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 1 12:35:17 2025 GMT
Not After : Oct 8 12:35:17 2025 GMT
Subject: CN=68b5930d-ab93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:de:9e:4b:55:98:53:1f:e3:c4:4c:9c:45:9e:
55:38:01:db:5c:8c:dc:8e:f0:b8:bd:50:73:1d:c5:
75:01:a1:55:99:a1:c7:71:ff:32:86:80:0e:5a:2c:
46:ae:8c:1d:08:67:b1:4c:b0:1d:97:7c:c8:1a:d0:
27:83:31:23:a7:1c:26:7b:11:d6:46:83:68:41:96:
82:07:eb:89:3b:f2:c3:fd:4c:eb:dc:05:9a:a6:9a:
b7:b6:9b:42:c8:ee:c9:20:0b:03:7d:6a:5c:d6:82:
59:cb:b4:7a:f6:dd:a2:fb:4e:35:3e:35:31:61:ab:
07:fc:f4:36:7d:4b:9a:d3:79:ea:6d:77:16:d6:37:
df:66:5d:b2:45:83:94:43:cb:4c:cc:f8:18:35:1c:
9b:03:6b:57:21:a2:29:0b:9f:0b:46:c6:5d:48:07:
c4:c5:56:3b:50:f9:82:27:31:3a:7b:10:2a:db:2b:
37:77:49:d6:3d:0b:71:14:37:69:b9:4d:2a:b3:78:
9d:9a:44:c4:d2:e4:f4:41:11:5c:55:85:6c:30:e6:
05:e5:0b:66:fe:5c:9a:28:53:ae:66:d9:37:88:36:
ca:27:52:c8:13:86:0a:3d:41:5d:79:fa:0e:0b:80:
de:c2:cf:53:a6:40:45:2e:21:8c:0f:30:f0:bc:f0:
99:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B8:37:CC:3B:53:49:C3:CC:E2:56:7F:03:77:F5:E4:0B:1E:A7:54
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21EE1356873011F089B52CAFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.251.0/24
Signature Algorithm: sha256WithRSAEncryption
68:38:36:b0:86:d7:fa:31:0e:73:8a:25:9c:2f:57:33:26:73:
11:cc:9a:8f:92:2e:65:9e:4c:46:4c:c6:d3:e7:4a:02:0e:91:
70:30:e7:52:40:53:17:5c:0f:07:a8:1b:78:a6:62:0b:0c:e0:
a7:c9:98:2c:d2:64:49:3a:5c:4f:f8:b8:52:bb:93:92:2f:a1:
07:d2:8e:89:9e:77:6d:d4:e3:3b:41:d4:14:f7:b5:a3:66:33:
5b:e3:3c:d1:0b:7a:8c:52:bb:64:51:1f:7e:c7:0a:68:0b:cc:
67:41:01:12:b7:c4:e8:bc:8d:7f:6c:c2:bf:59:e6:03:15:a4:
cd:54:86:15:a4:ac:63:13:9e:e4:ee:4f:ed:32:2f:a9:68:e2:
d5:90:0e:75:20:b2:f8:b8:4f:89:ae:a0:fd:4e:41:82:e8:3d:
78:23:be:96:99:7a:08:a2:83:65:30:54:71:f0:eb:75:69:96:
e2:92:18:6d:47:4a:29:b5:a9:32:0b:00:f0:50:02:c8:cd:99:
cd:5e:4e:37:b8:fb:0b:03:70:27:66:dd:b9:53:47:9f:99:bc:
23:2c:35:67:fe:75:c1:7b:49:92:21:68:bb:87:ac:25:d3:9c:
00:66:1a:0d:09:bc:fd:cc:ba:9c:d1:47:b9:df:78:1d:15:c6:
e4:60:c5:63
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXVvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTAxMTIzNTE3WhcNMjUxMDA4MTIzNTE3WjAYMRYw
FAYDVQQDEw02OGI1OTMwZC1hYjkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5N6eS1WYUx/jxEycRZ5VOAHbXIzcjvC4vVBzHcV1AaFVmaHHcf8yhoAO
WixGrowdCGexTLAdl3zIGtAngzEjpxwmexHWRoNoQZaCB+uJO/LD/Uzr3AWappq3
tptCyO7JIAsDfWpc1oJZy7R69t2i+041PjUxYasH/PQ2fUua03nqbXcW1jffZl2y
RYOUQ8tMzPgYNRybA2tXIaIpC58LRsZdSAfExVY7UPmCJzE6exAq2ys3d0nWPQtx
FDdpuU0qs3idmkTE0uT0QRFcVYVsMOYF5Qtm/lyaKFOuZtk3iDbKJ1LIE4YKPUFd
efoOC4Dews9TpkBFLiGMDzDwvPCZqQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDG4
N8w7U0nDzOJWfwN39eQLHqdUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMUVFMTM1Njg3MzAxMUYwODlCNTJDQUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcb7MA0GCSqGSIb3DQEBCwUA
A4IBAQBoODawhtf6MQ5ziiWcL1czJnMRzJqPki5lnkxGTMbT50oCDpFwMOdSQFMX
XA8HqBt4pmILDOCnyZgs0mRJOlxP+LhSu5OSL6EH0o6Jnndt1OM7QdQU97WjZjNb
4zzRC3qMUrtkUR9+xwpoC8xnQQESt8TovI1/bMK/WeYDFaTNVIYVpKxjE57k7k/t
Mi+paOLVkA51ILL4uE+JrqD9TkGC6D14I76WmXoIooNlMFRx8Ot1aZbikhhtR0op
takyCwDwUALIzZnNXk43uPsLA3AnZt25U0efmbwjLDVn/nXBe0mSIWi7h6wl05wA
ZhoNCbz9zLqc0Ue533gdFcbkYMVj
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:19:35 2025 by rpki-client