Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66C2AEE09D0D11F08FC0FB98DAE4EC9C.roa
File: 66C2AEE09D0D11F08FC0FB98DAE4EC9C.roa (raw, json)
Hash identifier: FEry6PJoiZANV0Yeea1vJtEFp41aD3MtNQGyut4ZzNU=
Subject key identifier: 00:7D:A4:35:08:9D:41:FE:0F:12:F6:79:4B:89:7A:97:D6:29:F4:34
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017DA7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66C2AEE09D0D11F08FC0FB98DAE4EC9C.roa
Signing time: Mon 29 Sep 2025 08:22:14 +0000
ROA not before: Mon 29 Sep 2025 08:22:08 +0000
ROA not after: Mon 27 Oct 2025 08:22:08 +0000
asID: 138456
IP address blocks: 45.202.194.0/23 maxlen: 24
45.202.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 16 Oct 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97703 (0x17da7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 29 08:22:08 2025 GMT
Not After : Oct 27 08:22:08 2025 GMT
Subject: CN=68da41b5-04de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b5:02:6f:fc:9b:41:d1:31:84:b0:f0:99:f5:
20:05:4d:d2:5d:55:ec:4a:66:f6:05:90:45:74:cc:
2e:70:42:4c:1a:04:cd:2f:45:a2:be:49:b2:e9:e8:
d9:cf:92:50:7f:44:79:dc:3d:92:34:0a:1c:14:bc:
1e:93:3a:7a:9b:8f:36:d8:64:7b:c1:b0:f6:49:37:
54:0b:6e:4b:b9:fc:ac:a8:a5:89:c4:62:d8:6b:a5:
ea:e4:61:3c:24:20:c5:b2:38:b9:5b:c9:de:05:7c:
54:3a:73:da:86:f5:89:49:58:78:b5:71:1c:1e:1d:
0b:21:61:dd:f1:b5:ea:65:51:16:37:8e:6a:a2:d7:
cb:28:1b:b7:91:1e:40:74:05:0d:8e:78:87:14:79:
4a:aa:51:2f:8e:c0:7a:1b:76:1c:e1:54:87:a5:a5:
80:89:95:6d:2c:4f:66:2d:45:8d:56:a2:f7:5e:26:
75:ef:8e:6c:61:12:47:03:8b:79:cf:01:6d:f5:ce:
79:8a:e5:0e:09:de:f8:a9:55:ea:2b:0f:fa:e1:fb:
c4:22:d0:d0:78:6d:84:96:86:70:fc:f7:37:e7:3b:
b1:79:09:0c:2d:4b:58:af:21:1c:58:6d:1b:96:02:
11:7b:ad:dd:25:5d:3d:ee:53:b0:0a:3a:1f:bf:62:
6b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:7D:A4:35:08:9D:41:FE:0F:12:F6:79:4B:89:7A:97:D6:29:F4:34
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66C2AEE09D0D11F08FC0FB98DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.194.0-45.202.196.255
Signature Algorithm: sha256WithRSAEncryption
7a:21:05:9d:72:03:a4:75:a7:b6:56:26:60:d9:a8:3c:15:be:
8e:3a:4d:92:1a:26:2b:32:bf:86:d9:c0:9b:3b:0c:66:54:29:
a0:63:7f:c3:6c:3c:d6:f8:0e:d7:5c:23:4a:ff:d7:96:74:2e:
0b:34:e4:88:b8:22:37:90:fa:98:0e:c7:ec:1b:1b:6b:cd:d1:
36:ac:bb:ee:65:95:42:9a:72:e2:c4:86:b5:b9:6f:60:24:7f:
ff:44:b5:41:3e:6b:f6:9a:f7:1f:40:79:c1:c8:78:48:15:21:
d6:5e:8b:dc:e9:6b:a7:3d:97:c9:6d:8c:69:cd:fc:fd:a6:f3:
83:5d:48:03:fd:bc:5f:8c:c6:2d:86:e5:51:90:00:da:be:ac:
70:e4:5e:8f:53:62:d9:7d:6d:2c:e6:f1:07:48:1c:ae:5a:43:
78:df:fd:6f:85:99:46:da:de:27:bf:1b:d6:d5:4a:26:a1:0d:
34:44:41:84:7c:69:81:95:85:bd:01:dc:22:f8:12:81:47:cb:
27:42:70:f1:04:2b:c4:43:04:99:5e:4e:b2:a7:cd:e4:7b:1b:
d9:e0:37:bb:5a:88:91:09:78:b1:ea:b2:8f:52:b8:43:fe:e0:
ac:31:d2:5b:32:49:f7:80:06:8f:9e:97:f3:d3:b6:34:96:13:
d3:c5:5b:c8
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAX2nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI5MDgyMjA4WhcNMjUxMDI3MDgyMjA4WjAYMRYw
FAYDVQQDEw02OGRhNDFiNS0wNGRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnLUCb/ybQdExhLDwmfUgBU3SXVXsSmb2BZBFdMwucEJMGgTNL0Wivkmy
6ejZz5JQf0R53D2SNAocFLwekzp6m4822GR7wbD2STdUC25LufysqKWJxGLYa6Xq
5GE8JCDFsji5W8neBXxUOnPahvWJSVh4tXEcHh0LIWHd8bXqZVEWN45qotfLKBu3
kR5AdAUNjniHFHlKqlEvjsB6G3Yc4VSHpaWAiZVtLE9mLUWNVqL3XiZ1745sYRJH
A4t5zwFt9c55iuUOCd74qVXqKw/64fvEItDQeG2EloZw/Pc35zuxeQkMLUtYryEc
WG0blgIRe63dJV097lOwCjofv2JrzwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAB9
pDUInUH+DxL2eUuJepfWKfQ0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NkMyQUVFMDlEMEQxMUYwOEZDMEZCOThEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEtysIDBAAtysQwDQYJKoZI
hvcNAQELBQADggEBAHohBZ1yA6R1p7ZWJmDZqDwVvo46TZIaJisyv4bZwJs7DGZU
KaBjf8NsPNb4DtdcI0r/15Z0Lgs05Ii4IjeQ+pgOx+wbG2vN0Tasu+5llUKacuLE
hrW5b2Akf/9EtUE+a/aa9x9AecHIeEgVIdZei9zpa6c9l8ltjGnN/P2m84NdSAP9
vF+Mxi2G5VGQANq+rHDkXo9TYtl9bSzm8QdIHK5aQ3jf/W+FmUba3ie/G9bVSiah
DTREQYR8aYGVhb0B3CL4EoFHyydCcPEEK8RDBJleTrKnzeR7G9ngN7taiJEJeLHq
so9SuEP+4Kwx0lsySfeABo+el/PTtjSWE9PFW8g=
-----END CERTIFICATE-----
Generated at Tue Oct 14 11:44:46 2025 by rpki-client