Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A02562887CF11F0BA0AEBC1DAE4EC9C.roa
File: 4A02562887CF11F0BA0AEBC1DAE4EC9C.roa (raw, json)
Hash identifier: +I0XvhSqjHIhZ9qIdp/vz61b97di6HtSiZGsJgC9glg=
Subject key identifier: 32:C3:58:1D:C1:15:1B:62:4B:7B:ED:FF:AF:45:0D:90:99:2F:FC:4D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01761B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A02562887CF11F0BA0AEBC1DAE4EC9C.roa
Signing time: Tue 02 Sep 2025 07:34:42 +0000
ROA not before: Tue 02 Sep 2025 07:34:37 +0000
ROA not after: Wed 10 Sep 2025 07:34:37 +0000
asID: 138910
IP address blocks: 45.195.240.0/24 maxlen: 24
45.195.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95771 (0x1761b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 2 07:34:37 2025 GMT
Not After : Sep 10 07:34:37 2025 GMT
Subject: CN=68b69e12-0a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c4:1f:5e:ca:1f:d8:3d:82:63:df:b4:8e:3d:
9e:ea:6a:e9:55:46:89:5c:98:cf:9d:84:bb:f3:3e:
e7:0c:7d:66:93:cb:a0:8f:35:89:f9:92:81:14:5a:
cf:e8:f8:30:04:18:92:dd:b7:3d:69:a9:0b:0e:03:
de:40:56:f4:1f:54:ed:d4:8b:2c:7a:2a:90:f0:51:
d0:13:b5:12:9f:ba:a3:4f:30:0a:df:e5:d0:ac:8f:
b3:7a:f9:c9:32:ae:30:b6:31:e4:3b:86:06:89:fa:
ba:e8:38:c4:76:b7:1c:3e:9f:ab:e9:76:ee:80:8b:
13:4e:45:a5:d9:99:7d:aa:ac:40:ed:89:7b:38:99:
0c:58:96:3e:f5:d6:b9:30:92:69:07:f6:0b:3c:12:
df:5c:a1:7e:b1:a3:2a:1c:a6:10:01:b0:c1:85:9e:
8f:21:d8:a7:2f:1f:4f:ea:6a:54:be:de:8a:db:a1:
cd:07:10:22:1d:b0:71:b5:37:90:2f:d6:fd:61:b8:
b3:8c:12:73:dd:50:98:8b:9b:90:98:57:39:2e:da:
13:aa:8b:aa:fc:70:12:ac:21:76:2b:65:f7:bc:e9:
9c:71:b3:63:c5:a7:91:5f:5d:d9:14:39:8f:2f:78:
58:35:46:d4:dc:55:2e:0a:51:33:03:10:10:4e:14:
2b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C3:58:1D:C1:15:1B:62:4B:7B:ED:FF:AF:45:0D:90:99:2F:FC:4D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A02562887CF11F0BA0AEBC1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.240.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:e4:9d:d5:a9:7d:1c:a2:a2:8f:03:7f:9f:7f:35:31:3a:c9:
ce:24:5e:bf:c1:c5:83:1c:98:f3:93:07:0d:4e:58:0f:3d:b8:
da:fa:75:90:a1:2e:04:f6:95:7b:8f:dc:44:fa:c9:cb:4e:d6:
8b:63:d4:5a:0c:74:c8:f8:1f:c4:2e:02:03:36:d1:e1:93:d4:
61:4f:df:31:d2:f5:17:20:f5:2a:a1:09:29:46:37:9b:9f:7c:
70:07:33:cf:6c:9e:23:b5:0f:e2:49:96:26:cf:54:ca:9c:a1:
4c:50:99:81:08:a8:0a:4d:c3:b8:8b:a5:37:e6:8a:4b:42:5f:
7c:c9:d8:04:53:24:6e:68:2d:95:2c:9d:ee:37:81:15:35:d0:
a9:39:c2:64:5d:4e:82:8c:cf:78:69:68:77:41:94:e6:d1:ac:
48:39:cb:45:a5:00:b7:50:19:cd:b8:4c:7b:cb:ca:70:30:a3:
61:9a:0b:fe:7e:04:34:2b:80:6d:d3:af:62:38:05:bd:d5:84:
2f:65:b4:e6:d0:57:71:a6:b5:86:17:7a:a6:8e:21:d6:47:11:
b5:a4:8d:de:da:be:22:e6:06:5b:fa:6e:c9:41:f7:7c:d0:30:
51:d2:36:fc:d6:ea:5c:12:62:0b:39:5f:1f:54:d6:fb:e5:c7:
1a:f0:9c:a4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXYbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTAyMDczNDM3WhcNMjUwOTEwMDczNDM3WjAYMRYw
FAYDVQQDEw02OGI2OWUxMi0wYTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu8QfXsof2D2CY9+0jj2e6mrpVUaJXJjPnYS78z7nDH1mk8ugjzWJ+ZKB
FFrP6PgwBBiS3bc9aakLDgPeQFb0H1Tt1IsseiqQ8FHQE7USn7qjTzAK3+XQrI+z
evnJMq4wtjHkO4YGifq66DjEdrccPp+r6XbugIsTTkWl2Zl9qqxA7Yl7OJkMWJY+
9da5MJJpB/YLPBLfXKF+saMqHKYQAbDBhZ6PIdinLx9P6mpUvt6K26HNBxAiHbBx
tTeQL9b9YbizjBJz3VCYi5uQmFc5LtoTqouq/HASrCF2K2X3vOmccbNjxaeRX13Z
FDmPL3hYNUbU3FUuClEzAxAQThQrtQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDLD
WB3BFRtiS3vt/69FDZCZL/xNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QTAyNTYyODg3Q0YxMUYwQkEwQUVCQzFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcPwMA0GCSqGSIb3DQEBCwUA
A4IBAQCm5J3VqX0coqKPA3+ffzUxOsnOJF6/wcWDHJjzkwcNTlgPPbja+nWQoS4E
9pV7j9xE+snLTtaLY9RaDHTI+B/ELgIDNtHhk9RhT98x0vUXIPUqoQkpRjebn3xw
BzPPbJ4jtQ/iSZYmz1TKnKFMUJmBCKgKTcO4i6U35opLQl98ydgEUyRuaC2VLJ3u
N4EVNdCpOcJkXU6CjM94aWh3QZTm0axIOctFpQC3UBnNuEx7y8pwMKNhmgv+fgQ0
K4Bt069iOAW91YQvZbTm0FdxprWGF3qmjiHWRxG1pI3e2r4i5gZb+m7JQfd80DBR
0jb81upcEmILOV8fVNb75cca8Jyk
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:22:04 2025 by rpki-client