Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81AC5B3C952611F0912400EDDAE4EC9C.roa
File: 81AC5B3C952611F0912400EDDAE4EC9C.roa (raw, json)
Hash identifier: hhtVl8ToJPgEdipAX8i3dy+KrhCz3f1ZXZFeafC9gIY=
Subject key identifier: 5A:4C:FC:CE:36:4D:AB:CC:79:C0:53:E7:1B:0D:E6:DA:A0:BC:A0:CE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017C35
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81AC5B3C952611F0912400EDDAE4EC9C.roa
Signing time: Fri 19 Sep 2025 07:01:47 +0000
ROA not before: Fri 19 Sep 2025 07:01:42 +0000
ROA not after: Thu 25 Dec 2025 07:01:42 +0000
asID: 140401
IP address blocks: 45.198.248.0/24 maxlen: 24
45.198.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97333 (0x17c35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 19 07:01:42 2025 GMT
Not After : Dec 25 07:01:42 2025 GMT
Subject: CN=68ccffdb-1efa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e4:29:dc:59:1b:71:c6:75:11:dd:51:94:d0:
6e:ba:d4:48:74:eb:14:eb:10:e6:9d:7e:ee:51:73:
31:ba:8b:25:cd:20:c0:1d:de:3e:b9:a0:d0:4e:65:
a1:6e:4d:7e:34:da:c4:f1:31:e7:61:36:48:d2:0e:
b6:e7:da:b5:73:18:f2:0f:7f:4a:84:d8:a7:ca:45:
77:81:a8:d4:89:c3:66:9b:43:27:18:c6:c3:18:9a:
c9:43:1b:5c:f1:f6:20:00:dc:d9:ce:1b:8c:0f:bc:
1c:77:1f:33:1f:e5:29:be:ef:24:a0:ea:2d:ac:6a:
89:c5:ae:39:35:8b:85:71:13:f3:a2:a3:fb:c4:5f:
a5:e0:e7:70:62:86:1a:9d:95:b1:17:1b:f4:ab:ba:
08:84:61:cc:fc:4b:0f:30:c5:80:e9:d3:4b:04:8c:
35:03:94:ea:fc:14:cc:7e:da:cc:dc:e8:13:23:62:
25:db:b5:c2:f2:49:e7:1c:2c:70:b3:32:4f:e8:b4:
2b:5d:75:ef:10:cb:fa:c0:09:e0:be:bd:17:62:19:
78:4d:c9:b2:5c:4b:34:0f:c3:6f:12:3c:f7:83:37:
31:a5:63:19:32:f9:05:76:74:fd:f6:eb:d5:21:7c:
85:f9:fa:02:e1:2f:79:11:f1:74:60:b2:0d:eb:c2:
da:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4C:FC:CE:36:4D:AB:CC:79:C0:53:E7:1B:0D:E6:DA:A0:BC:A0:CE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81AC5B3C952611F0912400EDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.248.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:46:98:8e:09:f6:69:72:5b:eb:48:f5:20:ac:5e:e2:d6:65:
45:8e:a5:04:e1:e5:81:98:ac:71:3a:e0:1d:13:b4:d5:94:7f:
6c:6f:af:d3:c3:bc:46:00:0b:bf:bc:44:98:bc:88:ec:44:2c:
78:ac:17:d8:e0:90:db:64:de:00:66:b3:49:6f:ab:90:d2:d4:
f2:b4:f8:c1:ea:ef:b7:d6:9c:c9:81:91:48:a2:2a:eb:78:08:
ce:47:8b:63:08:b4:0e:7b:89:ca:2c:ff:a2:d6:89:21:c0:d7:
6c:60:da:5a:64:95:ea:d5:07:bf:f3:f5:72:20:b2:25:da:77:
27:93:b2:bd:ff:56:4d:bd:d0:e0:a6:22:6f:ee:f4:e2:88:b8:
83:5f:fd:89:70:54:3e:82:70:e3:c1:ee:e3:82:be:b0:cd:3f:
44:a4:14:50:74:c0:a0:88:0b:a5:57:61:9f:29:94:2f:72:8a:
df:21:f2:b9:ec:04:13:69:d0:f7:39:0d:28:2e:4b:90:62:a6:
5f:cd:ef:a0:89:33:2b:43:60:6d:c2:d5:f8:2c:2f:36:13:13:
c2:5c:d4:9c:28:03:11:fd:7f:c9:61:a3:0f:af:21:5b:75:f1:
ca:86:6f:dd:d1:e6:21:ae:f7:fc:68:cd:5c:b0:c7:76:4f:d9:
03:6b:76:37
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXw1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE5MDcwMTQyWhcNMjUxMjI1MDcwMTQyWjAYMRYw
FAYDVQQDEw02OGNjZmZkYi0xZWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApOQp3FkbccZ1Ed1RlNBuutRIdOsU6xDmnX7uUXMxuoslzSDAHd4+uaDQ
TmWhbk1+NNrE8THnYTZI0g6259q1cxjyD39KhNinykV3gajUicNmm0MnGMbDGJrJ
Qxtc8fYgANzZzhuMD7wcdx8zH+Upvu8koOotrGqJxa45NYuFcRPzoqP7xF+l4Odw
YoYanZWxFxv0q7oIhGHM/EsPMMWA6dNLBIw1A5Tq/BTMftrM3OgTI2Il27XC8knn
HCxwszJP6LQrXXXvEMv6wAngvr0XYhl4TcmyXEs0D8NvEjz3gzcxpWMZMvkFdnT9
9uvVIXyF+foC4S95EfF0YLIN68LaSQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFpM
/M42TavMecBT5xsN5tqgvKDOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MUFDNUIzQzk1MjYxMUYwOTEyNDAwRUREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcb4MA0GCSqGSIb3DQEBCwUA
A4IBAQChRpiOCfZpclvrSPUgrF7i1mVFjqUE4eWBmKxxOuAdE7TVlH9sb6/Tw7xG
AAu/vESYvIjsRCx4rBfY4JDbZN4AZrNJb6uQ0tTytPjB6u+31pzJgZFIoirreAjO
R4tjCLQOe4nKLP+i1okhwNdsYNpaZJXq1Qe/8/VyILIl2ncnk7K9/1ZNvdDgpiJv
7vTiiLiDX/2JcFQ+gnDjwe7jgr6wzT9EpBRQdMCgiAulV2GfKZQvcorfIfK57AQT
adD3OQ0oLkuQYqZfze+giTMrQ2BtwtX4LC82ExPCXNScKAMR/X/JYaMPryFbdfHK
hm/d0eYhrvf8aM1csMd2T9kDa3Y3
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:06 2025 by rpki-client