Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/684E76EC8AC811F097624B86DAE4EC9C.roa
File: 684E76EC8AC811F097624B86DAE4EC9C.roa (raw, json)
Hash identifier: oQ1PoJtLVOMj6XQnMT6LWwVNHoRx3jT8ulCE3xQdYWs=
Subject key identifier: A6:F1:DA:7F:0A:76:6C:A3:18:A5:FF:2E:60:AD:CE:CE:58:87:E1:D7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017940
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/684E76EC8AC811F097624B86DAE4EC9C.roa
Signing time: Sat 06 Sep 2025 02:23:00 +0000
ROA not before: Sat 06 Sep 2025 02:22:55 +0000
ROA not after: Wed 06 May 2026 02:22:55 +0000
asID: 395886
IP address blocks: 45.194.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 19 Sep 2025 12:05:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96576 (0x17940)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 6 02:22:55 2025 GMT
Not After : May 6 02:22:55 2026 GMT
Subject: CN=68bb9b04-b12f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f9:75:73:a3:87:02:79:c5:59:06:93:bf:16:
6f:48:7c:8f:9e:3f:c1:9f:37:44:7e:32:01:f7:cd:
c9:0e:40:35:72:60:b1:ad:18:ee:8c:0b:65:25:95:
dd:74:37:84:2e:f6:9b:9d:3e:11:9f:15:24:9f:e6:
f3:cb:83:19:f3:92:2c:92:b5:03:10:22:f5:0e:41:
22:c8:09:7d:fb:f6:8b:52:9b:1b:9e:a5:3d:30:b3:
74:1c:91:f9:fe:f0:eb:03:ca:eb:2f:69:85:5f:bc:
de:f3:aa:92:14:0b:8e:3c:be:dc:8c:05:cf:6a:53:
a5:8b:2d:98:cf:70:b7:f5:85:e8:2e:6a:b6:83:7f:
4b:c2:52:27:5b:fd:f7:fe:43:46:e5:ff:74:d6:83:
ef:c9:bf:dc:02:e2:49:2e:58:60:f7:3a:c9:29:06:
63:cd:f4:f5:f2:97:46:f6:06:62:f8:5c:2a:be:7f:
6a:9d:f1:50:67:45:8d:17:8d:d7:db:c9:13:4d:80:
3e:1a:6f:07:24:20:0e:a4:15:b3:26:2a:c9:ff:4b:
73:57:2f:6b:c7:82:fa:0d:b4:18:fb:15:d4:1c:cd:
77:f1:17:0a:61:5a:af:6d:9d:0e:fd:74:54:61:2d:
c1:ae:de:a5:09:59:9d:6a:c0:6f:8d:5e:9d:f9:5c:
02:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F1:DA:7F:0A:76:6C:A3:18:A5:FF:2E:60:AD:CE:CE:58:87:E1:D7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/684E76EC8AC811F097624B86DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.20.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:55:b3:2e:35:21:90:b0:07:e5:f8:6e:e6:c9:e1:97:56:55:
dd:57:ea:d6:a4:fb:5c:92:d1:4e:df:94:cf:8f:94:a2:fb:6f:
46:ab:58:75:ad:81:79:17:60:b9:0f:15:7a:62:5f:fd:79:ce:
1e:9f:aa:cc:f8:17:13:87:85:1c:5f:ed:e6:d7:98:3e:0a:ff:
75:9b:45:7d:50:53:d2:5c:ec:ce:8a:db:fd:90:e6:0b:45:a2:
43:bf:bf:89:81:6f:df:81:ba:55:59:b3:21:66:c5:df:16:84:
d4:a3:b5:a3:ad:e9:d1:c7:4e:2f:3c:13:ad:4b:f6:65:84:a0:
59:a9:d0:bb:d6:2f:1d:41:19:f2:00:37:ef:64:54:46:61:be:
82:71:ee:43:94:d4:b0:cb:82:b5:0b:e2:26:d2:15:98:5d:c5:
72:60:6c:57:49:01:c8:5d:1f:ff:c2:3f:0f:cc:cc:07:37:33:
16:50:77:2b:18:1a:d0:7f:a8:e5:5e:d9:5f:e1:10:0a:7f:35:
68:c9:69:dc:4d:40:cc:e8:bc:eb:30:34:10:f4:5c:45:34:f5:
29:e7:ae:0c:f2:2c:18:78:b1:9c:06:aa:23:93:99:c9:d2:d9:
68:a0:51:90:57:65:3f:fa:61:98:85:39:71:84:fe:68:1d:4b:
99:71:69:67
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXlAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTA2MDIyMjU1WhcNMjYwNTA2MDIyMjU1WjAYMRYw
FAYDVQQDEw02OGJiOWIwNC1iMTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0vl1c6OHAnnFWQaTvxZvSHyPnj/BnzdEfjIB983JDkA1cmCxrRjujAtl
JZXddDeELvabnT4RnxUkn+bzy4MZ85IskrUDECL1DkEiyAl9+/aLUpsbnqU9MLN0
HJH5/vDrA8rrL2mFX7ze86qSFAuOPL7cjAXPalOliy2Yz3C39YXoLmq2g39LwlIn
W/33/kNG5f901oPvyb/cAuJJLlhg9zrJKQZjzfT18pdG9gZi+Fwqvn9qnfFQZ0WN
F43X28kTTYA+Gm8HJCAOpBWzJirJ/0tzVy9rx4L6DbQY+xXUHM138RcKYVqvbZ0O
/XRUYS3Brt6lCVmdasBvjV6d+VwC+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKbx
2n8KdmyjGKX/LmCtzs5Yh+HXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82ODRFNzZFQzhBQzgxMUYwOTc2MjRCODZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcIUMA0GCSqGSIb3DQEBCwUA
A4IBAQAcVbMuNSGQsAfl+G7myeGXVlXdV+rWpPtcktFO35TPj5Si+29Gq1h1rYF5
F2C5DxV6Yl/9ec4en6rM+BcTh4UcX+3m15g+Cv91m0V9UFPSXOzOitv9kOYLRaJD
v7+JgW/fgbpVWbMhZsXfFoTUo7WjrenRx04vPBOtS/ZlhKBZqdC71i8dQRnyADfv
ZFRGYb6Cce5DlNSwy4K1C+Im0hWYXcVyYGxXSQHIXR//wj8PzMwHNzMWUHcrGBrQ
f6jlXtlf4RAKfzVoyWncTUDM6LzrMDQQ9FxFNPUp564M8iwYeLGcBqojk5nJ0tlo
oFGQV2U/+mGYhTlxhP5oHUuZcWln
-----END CERTIFICATE-----
Generated at Thu Sep 18 02:21:30 2025 by rpki-client