Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2866D996AB3111F0B87CA481DAE4EC9C.roa
File: 2866D996AB3111F0B87CA481DAE4EC9C.roa (raw, json)
Hash identifier: zRSB4ESs6K/zzbe4GxdjDy2UsgmyT/aLCtV6b92SE1g=
Subject key identifier: 0B:47:BA:DD:DA:5A:A4:89:7B:62:85:2F:AB:65:82:41:B9:F3:2B:BE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01815D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2866D996AB3111F0B87CA481DAE4EC9C.roa
Signing time: Fri 17 Oct 2025 08:13:27 +0000
ROA not before: Fri 17 Oct 2025 08:13:21 +0000
ROA not after: Fri 24 Oct 2025 08:13:21 +0000
asID: 54801
IP address blocks: 45.194.85.0/24 maxlen: 24
45.195.60.0/24 maxlen: 24
45.195.62.0/24 maxlen: 24
45.195.192.0/24 maxlen: 24
45.195.196.0/24 maxlen: 24
45.195.197.0/24 maxlen: 24
45.195.199.0/24 maxlen: 24
45.197.1.0/24 maxlen: 24
45.197.2.0/24 maxlen: 24
45.197.4.0/24 maxlen: 24
45.197.5.0/24 maxlen: 24
45.197.20.0/24 maxlen: 24
45.199.130.0/24 maxlen: 24
45.199.131.0/24 maxlen: 24
45.199.134.0/24 maxlen: 24
45.199.137.0/24 maxlen: 24
45.199.191.0/24 maxlen: 24
45.202.8.0/24 maxlen: 24
45.202.9.0/24 maxlen: 24
45.202.10.0/24 maxlen: 24
45.202.11.0/24 maxlen: 24
45.202.63.0/24 maxlen: 24
45.204.1.0/24 maxlen: 24
45.204.64.0/24 maxlen: 24
45.204.71.0/24 maxlen: 24
45.207.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98653 (0x1815d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 17 08:13:21 2025 GMT
Not After : Oct 24 08:13:21 2025 GMT
Subject: CN=68f1faa7-8d0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:66:4b:c6:47:59:47:8e:bb:2a:11:7f:9c:f3:
04:0f:6e:ee:e4:46:b0:ab:7a:28:aa:0a:ae:e8:43:
62:be:19:e8:f5:6e:6c:86:ed:6a:aa:02:ad:58:78:
75:09:85:a5:51:36:98:63:17:98:1e:82:0d:04:de:
59:ef:25:59:93:9a:f2:ae:f2:a4:ff:73:58:27:92:
1e:d8:f6:f8:dd:b1:16:6e:d8:e5:a9:b0:4b:95:58:
09:40:53:db:99:89:27:be:7e:59:c0:52:76:8b:e5:
30:6e:57:56:5f:41:b4:6c:50:01:8c:03:62:5a:03:
80:39:55:61:33:c8:2c:4d:c3:3e:2e:ab:76:4f:d3:
57:07:8d:57:c4:74:ce:5e:b6:11:ac:ff:7f:07:97:
89:91:72:87:fe:84:33:45:a9:69:47:3d:18:6b:53:
7d:54:5c:fb:05:6b:1b:c9:c7:1a:a2:14:f4:ed:a6:
7d:ae:5a:5e:9a:d0:3f:92:83:81:4f:b0:3a:12:2a:
56:cd:75:c8:12:b7:c8:45:cb:4d:58:b1:af:97:d6:
ab:8a:0d:c0:b3:88:29:c4:e2:73:77:29:b0:92:e1:
d3:36:82:fd:93:1e:72:48:38:31:e6:d9:4c:58:85:
cc:01:38:be:a0:62:d7:3d:68:82:c3:64:0c:fb:c5:
37:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:47:BA:DD:DA:5A:A4:89:7B:62:85:2F:AB:65:82:41:B9:F3:2B:BE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2866D996AB3111F0B87CA481DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.85.0/24
45.195.60.0/24
45.195.62.0/24
45.195.192.0/24
45.195.196.0/23
45.195.199.0/24
45.197.1.0-45.197.2.255
45.197.4.0/23
45.197.20.0/24
45.199.130.0/23
45.199.134.0/24
45.199.137.0/24
45.199.191.0/24
45.202.8.0/22
45.202.63.0/24
45.204.1.0/24
45.204.64.0/24
45.204.71.0/24
45.207.163.0/24
Signature Algorithm: sha256WithRSAEncryption
40:f9:23:60:11:3d:db:75:90:c5:da:49:e6:c0:1c:47:47:95:
dc:c5:58:df:51:fb:8a:a5:5f:e0:f2:85:2a:99:18:61:4e:64:
62:e5:40:77:70:29:5d:51:14:0f:b4:03:16:ab:45:cb:05:69:
24:00:77:cf:6a:3b:6f:60:83:3d:ce:4e:52:b9:83:e6:51:90:
60:a9:04:0b:01:9b:01:54:bb:b3:3e:31:e8:d8:96:86:14:18:
8d:d4:6b:e5:40:f6:d8:ef:83:a3:41:e5:33:ee:3e:4a:9f:76:
82:e0:cf:be:80:68:36:7e:f4:d7:e2:12:f8:38:c5:c0:ce:da:
8e:c5:f6:62:22:9c:57:16:b3:46:97:88:55:5a:6c:52:ca:3b:
e0:c4:4f:ee:65:aa:c6:c7:69:22:1f:43:51:de:4f:e4:44:fd:
50:66:d3:38:1f:d2:46:28:d3:37:84:88:d5:02:fb:fa:7f:71:
2f:6b:01:52:18:fc:36:e5:6c:63:54:dd:01:1f:fe:62:b9:c4:
1e:b5:1f:e8:ca:e4:3f:82:57:cc:3f:0e:4b:aa:22:c9:e4:86:
d7:1a:59:31:9b:58:10:38:47:82:fc:de:9e:da:2d:4c:39:08:
4d:f4:28:77:4f:3d:98:01:2e:62:aa:d2:24:e8:30:67:6e:5c:
df:38:bd:ed
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIDAYFdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDE3MDgxMzIxWhcNMjUxMDI0MDgxMzIxWjAYMRYw
FAYDVQQDEw02OGYxZmFhNy04ZDBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsmZLxkdZR467KhF/nPMED27u5Eawq3ooqgqu6ENivhno9W5shu1qqgKt
WHh1CYWlUTaYYxeYHoINBN5Z7yVZk5ryrvKk/3NYJ5Ie2Pb43bEWbtjlqbBLlVgJ
QFPbmYknvn5ZwFJ2i+UwbldWX0G0bFABjANiWgOAOVVhM8gsTcM+Lqt2T9NXB41X
xHTOXrYRrP9/B5eJkXKH/oQzRalpRz0Ya1N9VFz7BWsbyccaohT07aZ9rlpemtA/
koOBT7A6EipWzXXIErfIRctNWLGvl9arig3As4gpxOJzdymwkuHTNoL9kx5ySDgx
5tlMWIXMATi+oGLXPWiCw2QM+8U3BwIDAQABo4IDGjCCAxYwHQYDVR0OBBYEFAtH
ut3aWqSJe2KFL6tlgkG58yu+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yODY2RDk5NkFCMzExMUYwQjg3Q0E0ODFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAC3CVQMEAC3DPAMEAC3D
PgMEAC3DwAMEAS3DxAMEAC3DxzAMAwQALcUBAwQALcUCAwQBLcUEAwQALcUUAwQB
LceCAwQALceGAwQALceJAwQALce/AwQCLcoIAwQALco/AwQALcwBAwQALcxAAwQA
LcxHAwQALc+jMA0GCSqGSIb3DQEBCwUAA4IBAQBA+SNgET3bdZDF2knmwBxHR5Xc
xVjfUfuKpV/g8oUqmRhhTmRi5UB3cCldURQPtAMWq0XLBWkkAHfPajtvYIM9zk5S
uYPmUZBgqQQLAZsBVLuzPjHo2JaGFBiN1GvlQPbY74OjQeUz7j5Kn3aC4M++gGg2
fvTX4hL4OMXAztqOxfZiIpxXFrNGl4hVWmxSyjvgxE/uZarGx2kiH0NR3k/kRP1Q
ZtM4H9JGKNM3hIjVAvv6f3EvawFSGPw25WxjVN0BH/5iucQetR/oyuQ/glfMPw5L
qiLJ5IbXGlkxm1gQOEeC/N6e2i1MOQhN9Ch3Tz2YAS5iqtIk6DBnblzfOL3t
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:05 2025 by rpki-client