Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A6E0AE68ACE11F0898211B0DAE4EC9C.roa
File: 5A6E0AE68ACE11F0898211B0DAE4EC9C.roa (raw, json)
Hash identifier: KOGjGEnJlKCFQBqCIPO2OkP/NtwAYrijxZQQHa1NLdI=
Subject key identifier: BC:45:D2:4A:21:F6:B4:37:90:4C:D0:2D:9F:D0:E4:08:55:BA:D8:3B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017942
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A6E0AE68ACE11F0898211B0DAE4EC9C.roa
Signing time: Sat 06 Sep 2025 03:05:34 +0000
ROA not before: Sat 06 Sep 2025 03:05:28 +0000
ROA not after: Wed 06 May 2026 03:05:28 +0000
asID: 8796
IP address blocks: 45.194.21.0/24 maxlen: 24
45.194.22.0/24 maxlen: 24
45.194.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96578 (0x17942)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 6 03:05:28 2025 GMT
Not After : May 6 03:05:28 2026 GMT
Subject: CN=68bba4fe-80c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e8:c8:f0:a1:90:61:df:2c:7d:4b:24:b0:ce:
71:2f:25:21:7d:1a:61:83:12:e7:b4:ae:fd:fd:d6:
0d:bc:93:51:63:cc:aa:fe:68:32:76:f9:62:51:c7:
37:23:36:1f:1b:a2:5a:3c:bf:e5:19:bf:d9:23:51:
40:54:42:f5:b8:22:f3:a1:48:d8:91:7e:1e:fe:7e:
15:98:fb:7e:a3:13:24:e5:46:dd:04:71:25:11:01:
29:a6:f4:1e:b9:3e:49:25:4d:35:66:58:52:46:18:
ae:c4:56:94:cb:d0:5f:f7:c2:4b:0c:70:4b:79:74:
5c:75:2b:42:cc:78:d4:c0:89:9d:7e:35:66:1d:18:
1e:62:0e:89:d9:fb:4c:9b:99:5d:a1:17:bd:e9:45:
76:12:f4:a2:11:8d:02:67:a1:51:0d:c6:53:a7:70:
0f:d8:08:a4:8e:e0:b2:45:4b:50:4a:d5:34:df:5a:
87:98:5e:c4:e1:93:ae:f6:c5:9c:1a:a3:e7:52:25:
c1:08:99:5f:1c:1b:3d:7e:4d:93:96:a6:37:fb:e3:
bc:58:c3:1b:e1:dc:b4:e9:11:66:2e:3d:c2:93:95:
d1:05:2e:e9:c8:f0:4e:89:b3:7d:7d:e8:4a:42:93:
e7:24:c2:a0:c6:fb:4a:6e:6c:4f:d2:96:13:96:dd:
8d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:45:D2:4A:21:F6:B4:37:90:4C:D0:2D:9F:D0:E4:08:55:BA:D8:3B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A6E0AE68ACE11F0898211B0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.21.0-45.194.23.255
Signature Algorithm: sha256WithRSAEncryption
01:d3:e3:09:39:ba:eb:70:9a:88:15:80:f4:ab:75:fb:cb:d8:
10:e9:55:3d:1b:b2:da:a9:74:28:d9:80:f8:f4:a2:3e:7e:10:
b0:f8:b7:41:a7:54:3b:af:f6:8b:ba:ca:2d:e4:c1:62:bc:d6:
e4:95:00:48:77:e4:5f:4d:3c:fa:e7:ca:45:4e:15:77:58:1a:
43:5e:39:59:4e:ec:46:92:db:d6:2b:2a:bc:6f:13:7c:7e:b7:
7d:81:f5:ef:73:08:24:6d:9b:8f:93:e5:98:5d:2c:7e:2e:23:
3d:1f:83:8c:f7:43:c0:eb:44:aa:fd:e5:99:80:09:73:b0:48:
ce:aa:01:50:88:83:be:0c:21:19:c4:f1:27:b9:70:bb:3b:ae:
84:31:0a:48:cf:48:fe:2e:09:28:f0:dc:e6:71:0d:e4:37:a8:
1c:5e:73:68:ac:4f:cc:38:06:ec:5b:b9:36:eb:15:6f:8a:86:
c8:c8:3c:4e:c5:e7:3c:94:19:50:7d:4b:64:6a:47:b8:fb:65:
eb:15:ce:b6:95:bc:8a:b0:a0:af:a0:d1:03:0c:25:db:eb:c2:
b3:7e:91:94:01:ca:50:95:d8:e9:39:a6:09:64:60:b1:95:58:
8c:0b:b6:1d:fd:48:2f:d9:f4:9c:9d:28:53:c6:f2:10:e8:3c:
55:3a:70:8f
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAXlCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTA2MDMwNTI4WhcNMjYwNTA2MDMwNTI4WjAYMRYw
FAYDVQQDEw02OGJiYTRmZS04MGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxejI8KGQYd8sfUsksM5xLyUhfRphgxLntK79/dYNvJNRY8yq/mgydvli
Ucc3IzYfG6JaPL/lGb/ZI1FAVEL1uCLzoUjYkX4e/n4VmPt+oxMk5UbdBHElEQEp
pvQeuT5JJU01ZlhSRhiuxFaUy9Bf98JLDHBLeXRcdStCzHjUwImdfjVmHRgeYg6J
2ftMm5ldoRe96UV2EvSiEY0CZ6FRDcZTp3AP2AikjuCyRUtQStU031qHmF7E4ZOu
9sWcGqPnUiXBCJlfHBs9fk2TlqY3++O8WMMb4dy06RFmLj3Ck5XRBS7pyPBOibN9
fehKQpPnJMKgxvtKbmxP0pYTlt2NMQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLxF
0koh9rQ3kEzQLZ/Q5AhVutg7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QTZFMEFFNjhBQ0UxMUYwODk4MjExQjBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtwhUDBAMtwhAwDQYJKoZI
hvcNAQELBQADggEBAAHT4wk5uutwmogVgPSrdfvL2BDpVT0bstqpdCjZgPj0oj5+
ELD4t0GnVDuv9ou6yi3kwWK81uSVAEh35F9NPPrnykVOFXdYGkNeOVlO7EaS29Yr
KrxvE3x+t32B9e9zCCRtm4+T5ZhdLH4uIz0fg4z3Q8DrRKr95ZmACXOwSM6qAVCI
g74MIRnE8Se5cLs7roQxCkjPSP4uCSjw3OZxDeQ3qBxec2isT8w4BuxbuTbrFW+K
hsjIPE7F5zyUGVB9S2RqR7j7ZesVzraVvIqwoK+g0QMMJdvrwrN+kZQBylCV2Ok5
pglkYLGVWIwLth39SC/Z9JydKFPG8hDoPFU6cI8=
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:06 2025 by rpki-client