Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6ECD75628C9011F0B5F19A9DDAE4EC9C.roa
File: 6ECD75628C9011F0B5F19A9DDAE4EC9C.roa (raw, json)
Hash identifier: mfwD0R8ZbtJURET1+5SCVFUMh6Fhv/No3mtDonehNA0=
Subject key identifier: D4:A1:4D:9C:A3:DF:F1:74:14:D5:D0:A1:4C:08:84:F0:F3:09:6B:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017994
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6ECD75628C9011F0B5F19A9DDAE4EC9C.roa
Signing time: Mon 08 Sep 2025 08:47:22 +0000
ROA not before: Mon 08 Sep 2025 08:47:17 +0000
ROA not after: Wed 22 Oct 2025 08:47:17 +0000
asID: 395886
IP address blocks: 45.205.16.0/20 maxlen: 24
45.207.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Sep 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96660 (0x17994)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 8 08:47:17 2025 GMT
Not After : Oct 22 08:47:17 2025 GMT
Subject: CN=68be9819-7d32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:84:b1:4b:52:87:ff:ef:a5:e9:31:63:33:98:
32:00:cb:c9:2b:84:8f:60:8b:0b:ca:48:dc:1c:c9:
f9:c3:c0:46:a4:9e:6e:20:bd:31:64:58:11:b0:19:
62:42:f3:6b:f4:7b:53:8e:7f:81:c3:5b:ce:e1:eb:
4e:ea:fa:ef:0d:df:73:c0:10:db:0e:74:93:6e:22:
86:c7:c6:28:87:33:b1:d5:df:bd:4c:25:d9:20:f2:
a2:ee:7c:1b:2e:de:cc:a1:75:d1:79:fa:f8:0d:f3:
3f:3a:6b:a9:d0:dc:6d:cc:0a:dd:9c:50:ca:b4:28:
b2:05:87:4b:4a:43:cc:4f:08:32:a3:c1:39:f1:39:
de:04:02:f2:44:f2:f7:c6:7a:5d:c7:36:47:67:f3:
68:9c:ba:aa:cd:a8:06:13:b1:3f:ea:fc:99:fb:5b:
19:cf:f9:93:85:f0:f6:42:84:fb:70:17:51:3e:8d:
b8:97:cc:17:cd:b6:fe:b9:1b:54:8c:ce:f0:4b:67:
a4:2b:fe:58:57:f2:3e:0f:e2:3f:29:d0:8d:dd:39:
b5:ea:e8:8e:09:a1:09:d9:31:45:29:1d:74:8b:64:
01:c2:d3:eb:21:f2:fa:af:39:dd:ec:e7:b2:81:fe:
b5:25:01:5b:c8:1c:dc:c7:3c:50:2b:6e:38:94:04:
a5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A1:4D:9C:A3:DF:F1:74:14:D5:D0:A1:4C:08:84:F0:F3:09:6B:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6ECD75628C9011F0B5F19A9DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.205.16.0/20
45.207.192.0/19
Signature Algorithm: sha256WithRSAEncryption
b5:ca:fb:ec:08:59:f8:99:02:6b:6b:c8:25:4c:88:fb:7d:7a:
cd:91:2b:6d:8d:ec:60:0f:8c:e9:a2:c3:d2:68:18:e2:e7:8d:
9b:32:4b:87:0a:4c:e1:b2:d2:f3:54:36:5a:e4:03:2d:a9:46:
64:75:c0:26:ba:1a:66:c6:b5:ce:c4:74:d2:55:52:af:63:2c:
08:3a:fd:ac:4c:72:e9:67:60:a2:2c:01:67:8f:da:09:fb:a6:
3c:d6:d5:7f:52:d1:9b:6d:f2:a1:36:db:1e:90:97:61:8f:82:
0a:c9:6b:dd:c6:58:ae:8e:1b:e9:0c:0c:bf:96:a4:1e:5a:22:
e7:53:37:85:17:4e:f1:7e:96:11:aa:68:10:f3:0c:c3:07:05:
c8:37:47:94:09:8a:7e:61:a8:d9:1f:ff:58:a2:6c:db:39:29:
5a:b3:78:c4:8b:75:83:6d:31:8d:df:2c:71:2e:dc:df:15:31:
16:13:a2:f7:f5:d8:9f:ae:24:8b:af:b6:75:d1:1d:9a:26:75:
ae:2b:6d:c0:39:50:b0:e6:aa:fc:5e:00:90:71:97:0a:f9:e3:
66:d7:20:b3:f9:d5:71:d5:64:bf:63:09:e7:51:69:f7:c9:08:
92:be:b6:23:a2:ab:4b:29:7d:72:f1:0a:ed:66:d5:d4:75:57:
75:94:cc:99
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAXmUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTA4MDg0NzE3WhcNMjUxMDIyMDg0NzE3WjAYMRYw
FAYDVQQDEw02OGJlOTgxOS03ZDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA24SxS1KH/++l6TFjM5gyAMvJK4SPYIsLykjcHMn5w8BGpJ5uIL0xZFgR
sBliQvNr9HtTjn+Bw1vO4etO6vrvDd9zwBDbDnSTbiKGx8YohzOx1d+9TCXZIPKi
7nwbLt7MoXXRefr4DfM/Omup0NxtzArdnFDKtCiyBYdLSkPMTwgyo8E58TneBALy
RPL3xnpdxzZHZ/NonLqqzagGE7E/6vyZ+1sZz/mThfD2QoT7cBdRPo24l8wXzbb+
uRtUjM7wS2ekK/5YV/I+D+I/KdCN3Tm16uiOCaEJ2TFFKR10i2QBwtPrIfL6rznd
7Oeygf61JQFbyBzcxzxQK244lASl5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNSh
TZyj3/F0FNXQoUwIhPDzCWsiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RUNENzU2MjhDOTAxMUYwQjVGMTlBOUREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQELc0QAwQFLc/AMA0GCSqGSIb3
DQEBCwUAA4IBAQC1yvvsCFn4mQJra8glTIj7fXrNkSttjexgD4zposPSaBji542b
MkuHCkzhstLzVDZa5AMtqUZkdcAmuhpmxrXOxHTSVVKvYywIOv2sTHLpZ2CiLAFn
j9oJ+6Y81tV/UtGbbfKhNtsekJdhj4IKyWvdxliujhvpDAy/lqQeWiLnUzeFF07x
fpYRqmgQ8wzDBwXIN0eUCYp+YajZH/9YomzbOSlas3jEi3WDbTGN3yxxLtzfFTEW
E6L39difriSLr7Z10R2aJnWuK23AOVCw5qr8XgCQcZcK+eNm1yCz+dVx1WS/Ywnn
UWn3yQiSvrYjoqtLKX1y8QrtZtXUdVd1lMyZ
-----END CERTIFICATE-----
Generated at Thu Sep 18 08:12:54 2025 by rpki-client