Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F3CFBAE580B11F08D514378DAE4EC9C.roa
File: 5F3CFBAE580B11F08D514378DAE4EC9C.roa (raw, json)
Hash identifier: Hl27co0EnxfZzSPPxeBvzRnGiMo87TilEo2bE7CWYXY=
Subject key identifier: 35:75:C4:7F:51:CE:9D:F6:C3:6A:B2:91:18:E1:A4:8C:69:1A:96:44
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016080
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F3CFBAE580B11F08D514378DAE4EC9C.roa
Signing time: Thu 03 Jul 2025 12:43:52 +0000
ROA not before: Thu 03 Jul 2025 12:43:47 +0000
ROA not after: Sun 10 Aug 2025 12:43:47 +0000
asID: 20473
IP address blocks: 45.196.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Jul 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90240 (0x16080)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 3 12:43:47 2025 GMT
Not After : Aug 10 12:43:47 2025 GMT
Subject: CN=68667b08-f04b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f3:61:4e:3d:65:42:51:7f:9b:59:a6:5a:f3:
96:84:c7:b3:96:62:67:99:84:d2:54:31:da:db:ec:
ba:f1:af:23:18:4e:c2:5e:ff:60:83:4d:a8:e9:4a:
3c:bd:39:c0:4a:ca:f6:75:68:09:a3:73:38:e1:74:
96:42:33:5a:a7:d6:3f:21:a0:02:a9:65:d6:f5:df:
2f:00:b4:9d:0a:49:57:7b:fc:a4:f5:7a:1c:6d:db:
e0:b2:fb:49:cc:ba:e6:21:19:4e:72:51:4a:12:37:
e0:f9:9c:91:f0:a8:3b:be:07:ea:81:6b:81:67:9a:
68:74:81:ed:5b:13:3b:b3:ef:54:65:1d:ed:fc:37:
33:cd:bc:d3:e7:e5:68:80:88:27:c9:57:e9:ef:ba:
28:d0:5d:09:17:e4:4d:c6:67:e7:4d:63:df:60:d1:
b9:8e:4f:3b:7f:d3:5b:c6:c3:21:99:0b:0f:b5:d2:
a4:7f:6d:80:ad:46:25:d4:1c:fc:c9:b6:57:71:dc:
5b:ba:3a:5a:a9:74:15:7f:a4:21:ef:82:55:0b:35:
94:d8:d7:ae:c2:64:dc:07:b8:41:a7:e7:1b:67:7a:
1e:19:67:a7:b4:2c:2f:24:1c:d8:8b:d3:80:39:63:
87:58:74:9b:78:f3:75:34:0e:ea:2a:15:79:88:28:
00:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:75:C4:7F:51:CE:9D:F6:C3:6A:B2:91:18:E1:A4:8C:69:1A:96:44
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F3CFBAE580B11F08D514378DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.200.0/24
Signature Algorithm: sha256WithRSAEncryption
61:6d:27:7d:1d:5d:bf:e4:ad:f4:42:32:d0:3f:40:67:64:1c:
29:bf:e4:9f:66:3b:8f:44:d6:81:4a:3f:9c:a0:44:42:37:5f:
3c:a2:be:91:eb:6d:52:fd:08:92:a8:b7:4d:e2:90:61:48:a0:
95:3a:ca:71:42:c0:88:e4:4f:02:50:30:b1:bb:e2:b1:8d:08:
f2:fc:40:5b:14:15:83:ee:d2:3c:f0:fb:cd:e9:cb:4b:c3:70:
b7:13:68:d7:91:29:ac:50:50:a6:62:b4:d2:08:cb:ac:1b:c5:
5f:bb:2b:17:44:62:bb:29:03:32:d8:8e:94:e7:6c:12:63:f3:
a9:07:1d:b6:a7:6d:8f:71:cc:78:ae:d2:11:50:12:d5:b4:42:
73:df:ed:ac:51:2a:22:51:ae:67:45:3b:9f:69:39:fe:db:c2:
a5:5f:f1:b5:d9:c5:c3:65:f3:46:aa:e0:8d:6a:5e:7a:d8:c7:
8a:65:af:40:ae:92:a0:ca:82:a9:00:9c:0d:67:56:99:57:6f:
f7:98:c8:68:bb:b7:4f:11:66:8e:3d:07:f2:d8:5d:6e:03:e4:
c9:04:dc:91:38:71:a5:01:6d:c1:83:46:0d:23:d9:83:2c:99:
a7:0d:1f:d6:53:bf:fe:e1:2c:c9:2d:68:d1:01:cd:a1:66:12:
24:85:fc:55
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWCAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzAzMTI0MzQ3WhcNMjUwODEwMTI0MzQ3WjAYMRYw
FAYDVQQDEw02ODY2N2IwOC1mMDRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwfNhTj1lQlF/m1mmWvOWhMezlmJnmYTSVDHa2+y68a8jGE7CXv9gg02o
6Uo8vTnASsr2dWgJo3M44XSWQjNap9Y/IaACqWXW9d8vALSdCklXe/yk9Xocbdvg
svtJzLrmIRlOclFKEjfg+ZyR8Kg7vgfqgWuBZ5podIHtWxM7s+9UZR3t/DczzbzT
5+VogIgnyVfp77oo0F0JF+RNxmfnTWPfYNG5jk87f9NbxsMhmQsPtdKkf22ArUYl
1Bz8ybZXcdxbujpaqXQVf6Qh74JVCzWU2NeuwmTcB7hBp+cbZ3oeGWentCwvJBzY
i9OAOWOHWHSbePN1NA7qKhV5iCgA7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDV1
xH9Rzp32w2qykRjhpIxpGpZEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RjNDRkJBRTU4MEIxMUYwOEQ1MTQzNzhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTIMA0GCSqGSIb3DQEBCwUA
A4IBAQBhbSd9HV2/5K30QjLQP0BnZBwpv+SfZjuPRNaBSj+coERCN188or6R621S
/QiSqLdN4pBhSKCVOspxQsCI5E8CUDCxu+KxjQjy/EBbFBWD7tI88PvN6ctLw3C3
E2jXkSmsUFCmYrTSCMusG8VfuysXRGK7KQMy2I6U52wSY/OpBx22p22Pccx4rtIR
UBLVtEJz3+2sUSoiUa5nRTufaTn+28KlX/G12cXDZfNGquCNal562MeKZa9ArpKg
yoKpAJwNZ1aZV2/3mMhou7dPEWaOPQfy2F1uA+TJBNyROHGlAW3Bg0YNI9mDLJmn
DR/WU7/+4SzJLWjRAc2hZhIkhfxV
-----END CERTIFICATE-----
Generated at Mon Jul 7 04:29:43 2025 by rpki-client