Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BF2371C8E2111F0A7C6DA7CDAE4EC9C.roa
File: 8BF2371C8E2111F0A7C6DA7CDAE4EC9C.roa (raw, json)
Hash identifier: Xewx4U8hfbzttnSm5i7DBnyIihDenhLSlfv2U/HXHz0=
Subject key identifier: 4E:72:5E:74:65:AB:2D:9F:39:D8:4B:76:A3:D2:07:3A:97:7A:10:C4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017A56
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BF2371C8E2111F0A7C6DA7CDAE4EC9C.roa
Signing time: Wed 10 Sep 2025 08:38:39 +0000
ROA not before: Wed 10 Sep 2025 08:38:32 +0000
ROA not after: Mon 20 Oct 2025 08:38:32 +0000
asID: 61112
IP address blocks: 45.196.233.0/24 maxlen: 24
45.196.234.0/23 maxlen: 24
45.196.235.0/24 maxlen: 24
45.196.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Oct 2025 08:38:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96854 (0x17a56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 10 08:38:32 2025 GMT
Not After : Oct 20 08:38:32 2025 GMT
Subject: CN=68c1390e-d399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a8:5c:70:e4:8a:f6:de:3e:20:31:38:e6:62:
90:7c:6a:a5:6f:4a:9a:7b:e0:b1:28:04:e5:2f:9c:
c8:cb:7f:08:cf:0a:0d:e9:b7:b5:26:42:96:54:d0:
f0:72:a1:2e:3e:f1:64:6a:81:79:37:93:82:b8:80:
32:bf:3d:ae:7a:21:4b:69:14:6e:1e:99:07:b1:2d:
b6:42:11:60:2f:a1:75:51:7e:91:22:8e:60:70:54:
a2:bd:bd:78:6c:79:d1:c7:c3:75:39:24:1b:e5:2b:
e6:0a:bb:22:72:6c:a8:a0:89:38:8b:96:42:4b:8e:
d5:20:87:d7:f8:cc:3a:b1:cc:4a:c6:8b:5c:3f:36:
22:c2:91:aa:a0:91:7e:2f:f3:33:80:de:e7:6c:e9:
62:eb:c5:94:6f:31:bf:2d:c7:d9:48:8d:e3:11:ed:
2b:2c:bc:31:e1:65:38:38:c4:59:c5:19:69:90:bf:
d2:95:6f:bd:ea:de:4d:21:af:54:cf:f5:52:35:15:
71:de:28:29:28:49:7d:9c:32:a3:0d:40:d2:d8:05:
d1:b1:8b:d7:10:f4:ea:72:d9:e8:bb:80:fe:32:e2:
23:c4:b8:1c:30:80:55:5c:db:ef:54:0b:23:4d:7e:
1b:b8:6b:1a:f9:b0:7a:cc:da:7b:b0:48:e8:d2:92:
f0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:72:5E:74:65:AB:2D:9F:39:D8:4B:76:A3:D2:07:3A:97:7A:10:C4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BF2371C8E2111F0A7C6DA7CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.233.0-45.196.235.255
45.196.240.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:2a:34:cf:d4:f0:14:24:bb:57:01:16:4b:98:33:f6:2b:2b:
5e:47:cc:8d:84:27:14:f9:eb:43:ff:aa:b1:39:d7:45:b4:6b:
5c:c9:78:4b:da:6c:42:21:82:89:5d:09:cb:1f:4b:22:e6:77:
bc:56:88:39:af:ea:87:cf:b0:4b:49:56:25:37:0c:6c:87:18:
8f:c0:d4:e4:ef:77:4d:13:20:b0:35:79:2e:f8:dd:25:bd:01:
da:25:ab:b1:75:2e:e5:b2:af:7f:d5:26:4a:52:03:97:5c:6a:
17:08:09:01:f7:3e:3c:96:eb:f3:3b:af:ee:d6:10:4e:70:2d:
bd:59:89:14:5f:f4:ac:38:75:4a:ca:99:e8:b9:32:94:50:53:
b7:88:89:ca:5c:ae:10:cb:03:9a:0b:06:ab:42:a5:65:84:e8:
1d:c7:46:6c:5a:b6:fb:b7:2f:df:5c:e6:60:b0:eb:47:bf:f6:
63:da:04:00:7e:de:c3:6c:8a:af:ec:df:36:6a:63:8c:53:03:
08:a1:56:fe:10:af:cd:b4:91:5d:33:74:d9:c5:6d:76:b8:3b:
65:00:df:d0:28:1a:b3:70:e2:2c:9a:66:de:7c:7c:59:3d:48:
02:39:57:ba:05:11:fc:bd:e8:7d:d2:4e:5e:72:62:ea:f5:a6:
58:b6:e5:cd
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAXpWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTEwMDgzODMyWhcNMjUxMDIwMDgzODMyWjAYMRYw
FAYDVQQDEw02OGMxMzkwZS1kMzk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsKhccOSK9t4+IDE45mKQfGqlb0qae+CxKATlL5zIy38IzwoN6be1JkKW
VNDwcqEuPvFkaoF5N5OCuIAyvz2ueiFLaRRuHpkHsS22QhFgL6F1UX6RIo5gcFSi
vb14bHnRx8N1OSQb5SvmCrsicmyooIk4i5ZCS47VIIfX+Mw6scxKxotcPzYiwpGq
oJF+L/MzgN7nbOli68WUbzG/LcfZSI3jEe0rLLwx4WU4OMRZxRlpkL/SlW+96t5N
Ia9Uz/VSNRVx3igpKEl9nDKjDUDS2AXRsYvXEPTqctnou4D+MuIjxLgcMIBVXNvv
VAsjTX4buGsa+bB6zNp7sEjo0pLweQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFE5y
XnRlqy2fOdhLdqPSBzqXehDEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QkYyMzcxQzhFMjExMUYwQTdDNkRBN0NEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAtxOkDBAItxOgDBAAtxPAw
DQYJKoZIhvcNAQELBQADggEBAE0qNM/U8BQku1cBFkuYM/YrK15HzI2EJxT560P/
qrE510W0a1zJeEvabEIhgoldCcsfSyLmd7xWiDmv6ofPsEtJViU3DGyHGI/A1OTv
d00TILA1eS743SW9Adolq7F1LuWyr3/VJkpSA5dcahcICQH3PjyW6/M7r+7WEE5w
Lb1ZiRRf9Kw4dUrKmei5MpRQU7eIicpcrhDLA5oLBqtCpWWE6B3HRmxatvu3L99c
5mCw60e/9mPaBAB+3sNsiq/s3zZqY4xTAwihVv4Qr820kV0zdNnFbXa4O2UA39Ao
GrNw4iyaZt58fFk9SAI5V7oFEfy96H3STl5yYur1pli25c0=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:41 2025 by rpki-client