Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39FFCFC85A9B11F08D79F0A2DAE4EC9C.roa
File: 39FFCFC85A9B11F08D79F0A2DAE4EC9C.roa (raw, json)
Hash identifier: YVqXlC8KyWP0OV4XjxWxGzwOxKQ4QuGNga/ibMMvhko=
Subject key identifier: 3D:D8:ED:6D:58:D5:ED:81:A6:D6:4F:01:81:87:D3:0F:77:F9:1B:24
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016279
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39FFCFC85A9B11F08D79F0A2DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 18:58:39 +0000
ROA not before: Sun 06 Jul 2025 18:58:34 +0000
ROA not after: Sun 24 Aug 2025 18:58:34 +0000
asID: 21859
IP address blocks: 45.196.31.0/24 maxlen: 24
45.202.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Jul 2025 23:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90745 (0x16279)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 6 18:58:34 2025 GMT
Not After : Aug 24 18:58:34 2025 GMT
Subject: CN=686ac75f-14fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f0:75:f9:b3:19:59:fe:2d:82:7e:57:a4:ae:
8c:d8:b9:d8:af:f8:da:2e:6f:0e:d4:bf:5f:e7:eb:
3e:b6:0b:9a:9c:09:7b:8c:21:d3:33:64:98:4b:16:
e0:6c:21:39:6c:9a:8c:59:b9:ba:af:31:74:b9:ff:
d1:0e:e0:4a:c9:d8:b9:cb:a9:7e:54:01:a1:ad:77:
50:d8:c2:6e:5d:23:47:df:ec:d6:a1:59:83:d1:1b:
16:d5:b8:f2:a8:80:3c:8a:90:5f:4c:6d:c2:31:b0:
3f:22:2f:80:07:fc:2f:c1:7e:16:66:01:e0:a2:9d:
0e:58:36:fe:3c:07:9a:40:73:e2:3f:bc:00:88:36:
47:d4:14:3d:9c:ed:37:83:a7:6e:57:74:58:54:7d:
75:26:21:12:95:1c:01:3f:4f:d2:c6:fe:b6:e1:69:
93:da:d7:2b:7e:fc:c5:61:ad:db:81:4e:2d:61:c0:
36:c8:de:93:30:af:0f:0c:d2:be:60:9e:64:18:c6:
39:13:79:c3:ec:c8:df:d9:d8:3e:3b:c5:5b:9d:f1:
39:90:8a:8a:5c:90:f1:23:07:04:13:8b:73:5e:5a:
3d:eb:31:2a:d8:18:80:bc:31:0d:cc:5b:7e:fb:3e:
1c:fa:27:8f:36:f7:2d:79:a8:78:68:34:9c:39:ca:
7f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D8:ED:6D:58:D5:ED:81:A6:D6:4F:01:81:87:D3:0F:77:F9:1B:24
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39FFCFC85A9B11F08D79F0A2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.31.0/24
45.202.108.0/24
Signature Algorithm: sha256WithRSAEncryption
63:48:01:52:c6:21:c9:21:e7:4c:c6:80:e7:b5:f7:9b:6d:fd:
9e:58:c7:62:6f:48:02:fc:8d:c8:2c:f3:47:20:98:6b:87:26:
37:0e:72:0b:48:c2:3b:7d:36:04:34:4a:b8:e0:5e:e4:d4:d5:
37:3f:7f:87:bd:f0:90:d3:79:33:93:4c:f9:86:e6:78:af:27:
14:5d:88:3a:08:09:c8:ed:d0:51:10:74:a7:d1:f5:ac:9e:4c:
3a:e9:53:d5:0c:0b:77:93:8d:30:0e:8d:3b:9e:21:e8:0f:51:
41:f7:72:5f:9c:2b:29:6a:60:d2:56:aa:d1:70:e7:d9:bf:64:
00:77:74:4f:b9:99:38:9b:c1:f6:6c:69:18:bc:d9:38:8a:65:
7e:90:da:0c:6a:ff:6f:42:29:9d:63:bc:cb:7a:c0:55:96:d7:
b8:8f:dd:d7:dd:6c:5e:f5:49:d8:69:d0:13:0f:67:6a:c3:e6:
1a:66:bb:90:50:5f:5e:64:12:b4:14:70:fe:6d:92:16:7c:8d:
d6:4f:22:0b:a2:5b:6d:70:27:2c:e9:fb:82:1e:d7:0e:c0:c5:
3b:7b:23:62:9c:24:c9:48:b6:d6:ef:a4:ff:1d:bc:53:39:ca:
43:5e:0c:cc:eb:75:62:6b:1b:38:e9:e0:6b:f1:ee:1b:48:b1:
9e:b4:a6:20
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWJ5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA2MTg1ODM0WhcNMjUwODI0MTg1ODM0WjAYMRYw
FAYDVQQDEw02ODZhYzc1Zi0xNGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6/B1+bMZWf4tgn5XpK6M2LnYr/jaLm8O1L9f5+s+tguanAl7jCHTM2SY
SxbgbCE5bJqMWbm6rzF0uf/RDuBKydi5y6l+VAGhrXdQ2MJuXSNH3+zWoVmD0RsW
1bjyqIA8ipBfTG3CMbA/Ii+AB/wvwX4WZgHgop0OWDb+PAeaQHPiP7wAiDZH1BQ9
nO03g6duV3RYVH11JiESlRwBP0/Sxv624WmT2tcrfvzFYa3bgU4tYcA2yN6TMK8P
DNK+YJ5kGMY5E3nD7Mjf2dg+O8VbnfE5kIqKXJDxIwcEE4tzXlo96zEq2BiAvDEN
zFt++z4c+iePNvcteah4aDScOcp/gQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD3Y
7W1Y1e2BptZPAYGH0w93+RskMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zOUZGQ0ZDODVBOUIxMUYwOEQ3OUYwQTJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcQfAwQALcpsMA0GCSqGSIb3
DQEBCwUAA4IBAQBjSAFSxiHJIedMxoDntfebbf2eWMdib0gC/I3ILPNHIJhrhyY3
DnILSMI7fTYENEq44F7k1NU3P3+HvfCQ03kzk0z5huZ4rycUXYg6CAnI7dBREHSn
0fWsnkw66VPVDAt3k40wDo07niHoD1FB93JfnCspamDSVqrRcOfZv2QAd3RPuZk4
m8H2bGkYvNk4imV+kNoMav9vQimdY7zLesBVlte4j93X3Wxe9UnYadATD2dqw+Ya
ZruQUF9eZBK0FHD+bZIWfI3WTyILolttcCcs6fuCHtcOwMU7eyNinCTJSLbW76T/
HbxTOcpDXgzM63Viaxs46eBr8e4bSLGetKYg
-----END CERTIFICATE-----
Generated at Mon Jul 7 02:35:19 2025 by rpki-client