Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/897BA746A43A11F0B314E29FDAE4EC9C.roa
File: 897BA746A43A11F0B314E29FDAE4EC9C.roa (raw, json)
Hash identifier: M7YNpgQDLeY/0sS67CfqPSwuOGsyZ851A0IAJrGAsZs=
Subject key identifier: E4:EE:86:FE:F9:8F:D7:57:5B:30:0D:7B:F7:DC:AF:5C:44:95:73:32
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017F7A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/897BA746A43A11F0B314E29FDAE4EC9C.roa
Signing time: Wed 08 Oct 2025 11:32:57 +0000
ROA not before: Wed 08 Oct 2025 11:32:52 +0000
ROA not after: Sat 15 Nov 2025 11:32:52 +0000
asID: 134824
IP address blocks: 45.192.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98170 (0x17f7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 8 11:32:52 2025 GMT
Not After : Nov 15 11:32:52 2025 GMT
Subject: CN=68e64be9-8977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2e:45:bd:de:51:f5:07:f5:a1:8f:30:92:74:
ff:b1:c2:17:60:79:6c:b8:61:60:60:10:91:6b:44:
0c:c9:71:21:d2:73:7c:56:50:de:e7:81:19:00:b1:
b5:b7:f3:3a:f5:ea:4f:ed:76:01:3f:27:56:2c:4b:
32:98:f8:22:e8:74:6e:ed:3a:c7:83:c8:48:08:6d:
5a:30:e4:c8:d3:b8:09:e2:23:04:38:5e:56:43:0d:
a1:c3:e4:6f:33:c0:ea:44:44:3c:e7:72:c2:f0:bf:
00:09:fe:9a:ab:df:ce:96:0e:58:f9:39:9d:15:cf:
1b:59:e8:44:c0:61:46:bc:33:fd:f5:9d:70:35:dd:
15:c6:18:ca:3b:08:8c:46:8a:e2:38:1f:be:5a:15:
f4:94:e5:d7:76:e1:5c:8b:41:0e:c5:26:db:3b:9c:
9e:5c:1c:7d:8b:18:27:2e:f9:25:04:c2:20:a1:f7:
4d:6b:27:c5:c0:29:49:4d:0e:06:7b:47:bf:46:a1:
c6:0e:a4:8b:74:ce:9f:d5:fb:81:a9:08:75:f9:87:
f5:dd:b6:57:88:6b:63:e9:af:fe:95:4e:3b:87:a9:
f4:52:ef:e7:27:8d:cb:48:d4:2e:4d:a3:3b:eb:56:
49:0d:dd:e0:2a:57:43:89:72:18:ea:5d:5d:c7:60:
0c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:EE:86:FE:F9:8F:D7:57:5B:30:0D:7B:F7:DC:AF:5C:44:95:73:32
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/897BA746A43A11F0B314E29FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.129.0/24
Signature Algorithm: sha256WithRSAEncryption
57:4a:4c:2c:fe:63:3f:3a:ea:22:7b:0f:b9:97:44:fb:84:36:
68:bc:9e:be:f6:ab:ec:ce:0c:0a:67:e6:6a:73:ed:10:c7:c0:
a1:5e:f8:37:28:3e:93:5c:69:6e:83:3f:64:ab:6e:aa:d8:4d:
66:df:41:93:33:03:c3:b3:fa:04:a6:5d:8b:02:ed:42:7d:5d:
5a:aa:11:86:01:2f:67:e2:bd:3d:a8:b6:4e:ed:16:f0:93:0b:
26:55:0f:0d:7f:e8:28:7f:6b:4a:48:ac:55:9b:98:09:35:a3:
69:4e:0a:7e:dd:f4:03:53:a4:e6:92:a1:00:61:b0:f4:0e:e2:
a2:3b:97:37:bc:59:f5:d7:19:0d:77:7e:c6:37:83:bf:4e:34:
75:11:b6:ec:97:e2:e4:e7:3c:c5:a7:d3:75:ca:9f:c2:c0:1f:
9f:9c:0d:60:5e:4d:8f:ac:64:b3:dd:16:52:e3:69:43:36:b7:
70:3d:93:e7:d5:73:9e:a5:15:9b:7f:3d:8d:45:22:b3:9d:47:
97:14:a1:15:f1:aa:3c:f2:3a:c3:d9:59:6c:0e:86:3e:0f:90:
7a:c0:5c:d0:e2:11:2b:6c:90:74:ab:c1:78:73:aa:b9:cc:1c:
ab:86:ca:de:11:c9:65:90:bd:de:18:ea:42:be:94:87:aa:92:
27:90:01:24
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX96MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDA4MTEzMjUyWhcNMjUxMTE1MTEzMjUyWjAYMRYw
FAYDVQQDEw02OGU2NGJlOS04OTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxC5Fvd5R9Qf1oY8wknT/scIXYHlsuGFgYBCRa0QMyXEh0nN8VlDe54EZ
ALG1t/M69epP7XYBPydWLEsymPgi6HRu7TrHg8hICG1aMOTI07gJ4iMEOF5WQw2h
w+RvM8DqREQ853LC8L8ACf6aq9/Olg5Y+TmdFc8bWehEwGFGvDP99Z1wNd0VxhjK
OwiMRoriOB++WhX0lOXXduFci0EOxSbbO5yeXBx9ixgnLvklBMIgofdNayfFwClJ
TQ4Ge0e/RqHGDqSLdM6f1fuBqQh1+Yf13bZXiGtj6a/+lU47h6n0Uu/nJ43LSNQu
TaM761ZJDd3gKldDiXIY6l1dx2AMSQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOTu
hv75j9dXWzANe/fcr1xElXMyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84OTdCQTc0NkE0M0ExMUYwQjMxNEUyOUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcCBMA0GCSqGSIb3DQEBCwUA
A4IBAQBXSkws/mM/Ouoiew+5l0T7hDZovJ6+9qvszgwKZ+Zqc+0Qx8ChXvg3KD6T
XGlugz9kq26q2E1m30GTMwPDs/oEpl2LAu1CfV1aqhGGAS9n4r09qLZO7Rbwkwsm
VQ8Nf+gof2tKSKxVm5gJNaNpTgp+3fQDU6TmkqEAYbD0DuKiO5c3vFn11xkNd37G
N4O/TjR1Ebbsl+Lk5zzFp9N1yp/CwB+fnA1gXk2PrGSz3RZS42lDNrdwPZPn1XOe
pRWbfz2NRSKznUeXFKEV8ao88jrD2VlsDoY+D5B6wFzQ4hErbJB0q8F4c6q5zByr
hsreEcllkL3eGOpCvpSHqpInkAEk
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:06 2025 by rpki-client