Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/350E90E2A83111F0B5CF6FCCDAE4EC9C.roa
File: 350E90E2A83111F0B5CF6FCCDAE4EC9C.roa (raw, json)
Hash identifier: W5FmdtsaDLGxL7+KvqNRmJNVQePNCGb0cVnU2fMtHgI=
Subject key identifier: 68:4B:4C:1E:D9:B3:0B:8D:C3:17:8D:4E:50:EC:D8:36:6E:11:17:11
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01806C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/350E90E2A83111F0B5CF6FCCDAE4EC9C.roa
Signing time: Mon 13 Oct 2025 12:36:15 +0000
ROA not before: Mon 13 Oct 2025 12:36:08 +0000
ROA not after: Thu 20 Nov 2025 12:36:08 +0000
asID: 25198
IP address blocks: 45.195.159.0/24 maxlen: 24
45.197.0.0/24 maxlen: 24
45.201.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98412 (0x1806c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 13 12:36:08 2025 GMT
Not After : Nov 20 12:36:08 2025 GMT
Subject: CN=68ecf23f-7aae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:65:4e:91:fd:cf:82:2a:26:3c:71:ad:a1:d0:
0e:7e:55:da:66:ce:6f:ca:4e:87:27:fe:aa:41:e7:
14:8c:25:5e:7e:d8:c9:74:27:4e:9a:7f:93:1a:f3:
bb:fd:67:1b:fa:ad:ca:2d:e2:fc:0c:55:ba:95:05:
56:d0:28:c9:3c:9f:ea:7f:6e:b4:6d:67:64:58:8c:
44:9b:de:81:ad:ee:52:8f:3b:87:81:e6:c6:74:69:
ee:0a:e1:c7:87:18:c1:a7:b1:73:90:1f:38:66:67:
ea:57:a5:cf:ab:98:e7:43:2f:02:a4:2c:f0:33:ed:
e7:6b:3a:03:dd:13:57:1e:99:02:56:21:ec:c4:50:
44:b5:6d:5e:78:85:de:96:38:67:e0:d8:66:48:af:
68:95:59:dd:69:8e:c7:0f:af:a8:06:53:1d:e6:9f:
04:00:53:2e:fa:2a:99:df:64:de:8c:a6:93:a3:e2:
6f:62:32:77:23:93:82:cd:a6:8f:c1:ff:6d:38:e2:
1a:2d:4b:a8:50:ba:30:a2:2f:e5:12:9f:38:7f:0c:
19:e7:ea:21:45:e1:ab:05:d8:c3:26:5e:3a:8f:76:
b4:42:20:b8:96:5c:e1:bb:ee:b9:dc:cb:f8:98:0a:
c6:85:55:c4:57:f2:aa:29:15:7c:1f:dc:fb:a7:8b:
f3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:4B:4C:1E:D9:B3:0B:8D:C3:17:8D:4E:50:EC:D8:36:6E:11:17:11
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/350E90E2A83111F0B5CF6FCCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.159.0/24
45.197.0.0/24
45.201.8.0/24
Signature Algorithm: sha256WithRSAEncryption
64:54:aa:2d:ef:75:72:37:37:a4:6a:74:ce:55:a8:d1:de:e7:
00:b6:55:88:60:1a:77:36:60:0c:51:9f:05:b7:63:4c:93:63:
a5:42:5f:07:23:73:d4:0d:90:01:bc:6b:74:15:ec:66:54:6d:
f3:e0:da:f2:15:7e:82:1b:6e:6e:26:45:58:78:6f:f7:19:58:
0e:11:2c:ce:61:e2:bd:26:41:b5:f8:96:78:9e:10:a9:bf:25:
ba:13:77:7c:df:04:86:09:f8:b4:ea:2a:2c:8c:96:0f:d4:05:
01:e2:21:48:ec:98:0b:00:6c:86:05:b5:69:3c:2b:89:d2:b3:
da:68:b7:00:bb:78:51:88:33:ed:01:07:61:d8:97:1a:b8:c3:
0b:d3:8e:56:97:f0:d8:e6:a3:1f:55:26:e9:b5:7e:9f:ce:6b:
83:7e:98:fe:31:ba:5b:c9:bd:c5:93:81:e5:46:25:6b:e4:13:
85:30:6d:f4:af:bf:99:6b:ea:4d:32:1f:30:95:8f:1f:13:11:
04:f2:59:33:0d:30:33:4c:f0:94:ba:af:43:c4:51:db:cf:04:
a7:24:72:bc:42:96:45:a5:25:ef:99:f7:8d:a1:88:33:3e:c3:
4b:60:37:cc:e8:bd:91:1f:36:ca:7f:7d:97:7c:f6:74:e7:fb:
de:9c:32:e6
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAYBsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDEzMTIzNjA4WhcNMjUxMTIwMTIzNjA4WjAYMRYw
FAYDVQQDEw02OGVjZjIzZi03YWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA12VOkf3PgiomPHGtodAOflXaZs5vyk6HJ/6qQecUjCVeftjJdCdOmn+T
GvO7/Wcb+q3KLeL8DFW6lQVW0CjJPJ/qf260bWdkWIxEm96Bre5SjzuHgebGdGnu
CuHHhxjBp7FzkB84ZmfqV6XPq5jnQy8CpCzwM+3nazoD3RNXHpkCViHsxFBEtW1e
eIXeljhn4NhmSK9olVndaY7HD6+oBlMd5p8EAFMu+iqZ32TejKaTo+JvYjJ3I5OC
zaaPwf9tOOIaLUuoULowoi/lEp84fwwZ5+ohReGrBdjDJl46j3a0QiC4llzhu+65
3Mv4mArGhVXEV/KqKRV8H9z7p4vzGQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFGhL
TB7ZswuNwxeNTlDs2DZuERcRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNTBFOTBFMkE4MzExMUYwQjVDRjZGQ0NEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALcOfAwQALcUAAwQALckIMA0G
CSqGSIb3DQEBCwUAA4IBAQBkVKot73VyNzekanTOVajR3ucAtlWIYBp3NmAMUZ8F
t2NMk2OlQl8HI3PUDZABvGt0FexmVG3z4NryFX6CG25uJkVYeG/3GVgOESzOYeK9
JkG1+JZ4nhCpvyW6E3d83wSGCfi06iosjJYP1AUB4iFI7JgLAGyGBbVpPCuJ0rPa
aLcAu3hRiDPtAQdh2JcauMML045Wl/DY5qMfVSbptX6fzmuDfpj+Mbpbyb3Fk4Hl
RiVr5BOFMG30r7+Za+pNMh8wlY8fExEE8lkzDTAzTPCUuq9DxFHbzwSnJHK8QpZF
pSXvmfeNoYgzPsNLYDfM6L2RHzbKf32XfPZ05/venDLm
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:16 2025 by rpki-client