Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BC23ED89F7C11F09E5E91D8DAE4EC9C.roa
File: 3BC23ED89F7C11F09E5E91D8DAE4EC9C.roa (raw, json)
Hash identifier: rH9TGuwvquu6UEYGikCKB0G+PTFGU17OQXociIlaZJo=
Subject key identifier: 91:50:BC:40:DC:9F:8E:6B:82:D2:9A:76:03:50:D6:D1:E2:54:1C:64
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017E7A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BC23ED89F7C11F09E5E91D8DAE4EC9C.roa
Signing time: Thu 02 Oct 2025 10:40:38 +0000
ROA not before: Thu 02 Oct 2025 10:40:33 +0000
ROA not after: Sat 15 Nov 2025 10:40:33 +0000
asID: 152711
IP address blocks: 45.202.64.0/24 maxlen: 24
45.202.65.0/24 maxlen: 24
45.202.66.0/24 maxlen: 24
45.202.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97914 (0x17e7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 2 10:40:33 2025 GMT
Not After : Nov 15 10:40:33 2025 GMT
Subject: CN=68de56a6-a3b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:62:25:1f:a9:d7:23:41:c1:21:92:97:b6:68:
3c:99:47:a9:ad:4e:a5:c2:f8:de:29:a6:a8:c0:50:
fb:d1:e1:f8:b4:2f:5a:7b:79:84:db:ed:bb:23:42:
46:6a:07:83:91:21:c8:de:9b:23:2b:67:a5:c8:3f:
78:9c:d3:94:2a:7c:26:57:da:1f:90:da:de:db:93:
d0:b2:d0:02:65:38:f1:21:c4:39:61:0c:f4:0d:56:
ce:2c:2e:6e:8a:dd:d6:93:29:91:3f:7b:d3:8f:88:
07:cc:b3:ef:77:4e:68:73:a1:0e:fb:3a:ce:c7:31:
db:3f:4f:54:6a:19:ca:32:66:92:51:56:7c:5b:b1:
52:5d:38:f2:5f:4d:13:01:d7:ca:38:66:c0:c9:ff:
64:cf:12:ca:0c:c2:6b:04:7e:8b:55:12:16:ad:33:
49:5a:47:f9:a5:1e:be:8f:21:26:d7:df:8b:fb:36:
3a:20:b4:64:4c:cd:dd:53:20:7e:19:16:b8:cf:64:
ad:18:95:37:b1:9d:3d:3e:21:73:07:b8:bc:eb:f0:
69:29:0c:df:39:25:ab:ae:26:a8:65:5b:d9:32:a3:
fc:f7:40:04:7d:bf:1c:9e:80:06:04:d4:5c:28:7c:
88:e3:6d:17:1b:2f:bf:e0:1d:88:9a:98:2a:9d:2d:
8e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:50:BC:40:DC:9F:8E:6B:82:D2:9A:76:03:50:D6:D1:E2:54:1C:64
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BC23ED89F7C11F09E5E91D8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.64.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:5e:0f:d4:40:f0:eb:e2:c9:ef:d8:0e:1e:b8:57:32:3c:b5:
b2:55:e2:d6:41:5c:f3:e4:ff:3b:14:af:ef:cf:51:cb:1f:b4:
c7:82:8f:7d:1a:4f:b0:77:43:ac:9c:16:bc:72:74:7a:8e:4a:
11:40:0a:2d:a8:34:ce:11:a7:6c:e8:95:20:cc:5c:46:14:00:
44:d4:14:d9:a5:28:d6:2b:dd:f6:36:94:99:7d:02:a2:fe:b9:
7e:d7:de:bf:be:ac:7c:cf:fa:ae:4d:39:73:7c:03:f4:5f:da:
8a:07:1c:97:24:b2:7c:f1:b0:ad:5d:7f:b0:99:97:6e:e3:cf:
64:bd:41:95:6b:9a:55:6e:d3:87:72:3d:24:62:34:4b:49:09:
c1:32:75:8e:ff:b8:96:68:6b:59:61:54:7e:ba:08:51:eb:0e:
8a:e5:f4:c6:e7:bc:b8:c6:74:71:5d:69:c8:fa:1b:1a:92:ef:
58:29:ce:29:14:f5:c9:a8:d5:a7:0b:ff:ae:7c:e5:c9:60:16:
4a:1b:0a:17:1a:b3:12:a6:aa:f7:86:70:cf:36:16:ba:59:97:
52:88:8d:98:df:cb:38:dd:d7:39:79:00:23:1a:e2:46:38:d4:
66:6e:4f:06:c5:97:75:bc:ee:98:ba:c4:f6:f4:0e:23:57:2a:
bf:d2:17:d3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX56MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDAyMTA0MDMzWhcNMjUxMTE1MTA0MDMzWjAYMRYw
FAYDVQQDEw02OGRlNTZhNi1hM2I3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvGIlH6nXI0HBIZKXtmg8mUeprU6lwvjeKaaowFD70eH4tC9ae3mE2+27
I0JGageDkSHI3psjK2elyD94nNOUKnwmV9ofkNre25PQstACZTjxIcQ5YQz0DVbO
LC5uit3WkymRP3vTj4gHzLPvd05oc6EO+zrOxzHbP09UahnKMmaSUVZ8W7FSXTjy
X00TAdfKOGbAyf9kzxLKDMJrBH6LVRIWrTNJWkf5pR6+jyEm19+L+zY6ILRkTM3d
UyB+GRa4z2StGJU3sZ09PiFzB7i86/BpKQzfOSWrriaoZVvZMqP890AEfb8cnoAG
BNRcKHyI420XGy+/4B2ImpgqnS2O8QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJFQ
vEDcn45rgtKadgNQ1tHiVBxkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQkMyM0VEODlGN0MxMUYwOUU1RTkxRDhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcpAMA0GCSqGSIb3DQEBCwUA
A4IBAQC4Xg/UQPDr4snv2A4euFcyPLWyVeLWQVzz5P87FK/vz1HLH7THgo99Gk+w
d0OsnBa8cnR6jkoRQAotqDTOEads6JUgzFxGFABE1BTZpSjWK932NpSZfQKi/rl+
196/vqx8z/quTTlzfAP0X9qKBxyXJLJ88bCtXX+wmZdu489kvUGVa5pVbtOHcj0k
YjRLSQnBMnWO/7iWaGtZYVR+ughR6w6K5fTG57y4xnRxXWnI+hsaku9YKc4pFPXJ
qNWnC/+ufOXJYBZKGwoXGrMSpqr3hnDPNha6WZdSiI2Y38s43dc5eQAjGuJGONRm
bk8GxZd1vO6YusT29A4jVyq/0hfT
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:55 2025 by rpki-client