Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB331386946A11F08A5407AFDAE4EC9C.roa
File: AB331386946A11F08A5407AFDAE4EC9C.roa (raw, json)
Hash identifier: JgNbw71/iNaICP6jGV/S+t2pqoLkZBK+7V7yi6V64fM=
Subject key identifier: A3:F1:65:55:F3:BD:A0:BD:0A:B8:5E:11:63:3F:0A:52:15:85:8F:94
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017BDD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB331386946A11F08A5407AFDAE4EC9C.roa
Signing time: Thu 18 Sep 2025 08:37:11 +0000
ROA not before: Thu 18 Sep 2025 08:37:06 +0000
ROA not after: Thu 25 Dec 2025 08:37:06 +0000
asID: 142286
IP address blocks: 45.207.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 21 Sep 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97245 (0x17bdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 18 08:37:06 2025 GMT
Not After : Dec 25 08:37:06 2025 GMT
Subject: CN=68cbc4b7-fe3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:a7:e8:8a:e7:12:9d:37:de:52:d2:98:ce:03:
a5:ed:3f:d5:be:68:4b:3e:bd:93:71:40:59:da:46:
7f:0c:e1:6d:5a:c3:8d:b3:65:24:5a:ae:9f:fb:e6:
1f:02:39:2b:ba:84:4d:33:6b:4e:1d:2c:ca:f6:48:
93:0d:1f:0a:a1:7e:7f:78:e2:2a:70:35:13:b1:cf:
81:0d:24:a2:76:5f:7c:d3:69:62:b7:e2:f1:4c:dc:
6b:22:e4:6f:5c:1a:5f:87:50:1f:9d:f2:59:02:62:
f7:df:b1:fd:41:b1:d2:12:a5:7a:25:bd:fb:79:05:
0e:79:b3:e0:cf:cb:22:c3:a6:3c:35:db:15:a4:08:
7d:90:ef:ff:84:a2:fa:d0:91:37:10:cb:5b:70:b0:
03:39:6e:84:90:19:65:15:47:20:cd:ed:eb:75:11:
73:25:5b:c3:f2:2b:fd:b5:c6:8f:b8:70:44:b4:61:
ed:09:00:b9:6d:ba:fc:47:a3:40:08:5d:b5:85:17:
33:71:e8:a4:52:08:9b:90:1a:3b:40:68:bf:2b:93:
33:4e:92:7f:4e:50:ba:f8:35:5e:ca:2a:29:44:72:
03:15:7b:f8:07:3b:43:65:5f:da:50:8d:23:03:a8:
bd:4c:a1:93:e7:1b:73:e7:6c:c1:76:ca:b1:71:ee:
ca:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F1:65:55:F3:BD:A0:BD:0A:B8:5E:11:63:3F:0A:52:15:85:8F:94
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB331386946A11F08A5407AFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.64.0/18
Signature Algorithm: sha256WithRSAEncryption
68:13:16:39:d3:a9:3f:29:68:4c:14:af:c2:7f:ee:8d:22:fa:
3f:5f:c1:aa:ef:05:ad:6f:5a:27:8a:61:de:81:32:22:f8:65:
11:dd:4e:7e:d2:90:2e:df:87:94:05:ca:e1:18:e8:18:0b:54:
e0:d4:d0:fd:ed:18:de:6b:9e:e4:80:91:c7:2f:0c:12:62:53:
9b:16:00:da:ac:15:4a:ec:30:47:f9:fa:cb:e1:7e:5c:8a:c7:
76:1e:f7:ba:35:6f:d1:47:6d:2b:87:7c:81:f1:e4:1b:c1:49:
93:8a:04:0d:16:88:b2:30:a1:3b:f3:08:db:0a:06:ca:92:e3:
c2:35:c6:59:04:64:83:1f:f4:40:cb:cf:d9:0a:2c:12:a3:31:
46:24:0e:e8:8b:cb:66:6d:f1:4a:e0:9e:96:93:fc:fd:80:43:
1a:1e:00:14:5e:28:98:63:9b:2c:96:2f:fc:df:f8:2d:c8:1b:
69:79:ca:e0:c1:db:99:8c:1d:50:f2:37:38:24:a9:a8:6e:9a:
95:49:95:1c:2f:7f:b0:cf:33:38:e2:eb:c9:f1:bf:33:ce:8d:
f6:96:ea:80:6d:7a:5d:af:58:df:3c:0f:24:ed:4a:44:09:67:
b9:0f:de:07:5e:63:aa:48:85:d0:78:dc:d7:0d:9c:c7:0a:f3:
24:6c:44:f3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXvdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE4MDgzNzA2WhcNMjUxMjI1MDgzNzA2WjAYMRYw
FAYDVQQDEw02OGNiYzRiNy1mZTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9KfoiucSnTfeUtKYzgOl7T/VvmhLPr2TcUBZ2kZ/DOFtWsONs2UkWq6f
++YfAjkruoRNM2tOHSzK9kiTDR8KoX5/eOIqcDUTsc+BDSSidl9802lit+LxTNxr
IuRvXBpfh1AfnfJZAmL337H9QbHSEqV6Jb37eQUOebPgz8siw6Y8NdsVpAh9kO//
hKL60JE3EMtbcLADOW6EkBllFUcgze3rdRFzJVvD8iv9tcaPuHBEtGHtCQC5bbr8
R6NACF21hRczceikUgibkBo7QGi/K5MzTpJ/TlC6+DVeyiopRHIDFXv4BztDZV/a
UI0jA6i9TKGT5xtz52zBdsqxce7KawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKPx
ZVXzvaC9CrheEWM/ClIVhY+UMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQjMzMTM4Njk0NkExMUYwOEE1NDA3QUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGLc9AMA0GCSqGSIb3DQEBCwUA
A4IBAQBoExY506k/KWhMFK/Cf+6NIvo/X8Gq7wWtb1onimHegTIi+GUR3U5+0pAu
34eUBcrhGOgYC1Tg1ND97Rjea57kgJHHLwwSYlObFgDarBVK7DBH+frL4X5cisd2
Hve6NW/RR20rh3yB8eQbwUmTigQNFoiyMKE78wjbCgbKkuPCNcZZBGSDH/RAy8/Z
CiwSozFGJA7oi8tmbfFK4J6Wk/z9gEMaHgAUXiiYY5ssli/83/gtyBtpecrgwduZ
jB1Q8jc4JKmobpqVSZUcL3+wzzM44uvJ8b8zzo32luqAbXpdr1jfPA8k7UpECWe5
D94HXmOqSIXQeNzXDZzHCvMkbETz
-----END CERTIFICATE-----
Generated at Fri Sep 19 08:06:37 2025 by rpki-client