Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF720EF89AC711F089CC16DEDAE4EC9C.roa
File: AF720EF89AC711F089CC16DEDAE4EC9C.roa (raw, json)
Hash identifier: 4WftkDuo4cFpV0zdPm3yX2EoGP080hg334I8K27pOP0=
Subject key identifier: 95:EA:D3:C2:B1:30:69:FC:C8:6A:DF:4A:6A:23:A8:89:FA:39:30:36
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017D7B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF720EF89AC711F089CC16DEDAE4EC9C.roa
Signing time: Fri 26 Sep 2025 10:58:08 +0000
ROA not before: Fri 26 Sep 2025 10:58:02 +0000
ROA not after: Sun 09 Nov 2025 10:58:02 +0000
asID: 63139
IP address blocks: 45.197.67.0/24 maxlen: 24
45.197.68.0/23 maxlen: 24
45.197.68.0/24 maxlen: 24
45.197.69.0/24 maxlen: 24
45.197.70.0/24 maxlen: 24
45.197.71.0/24 maxlen: 24
45.197.72.0/24 maxlen: 24
45.197.73.0/24 maxlen: 24
45.197.74.0/24 maxlen: 24
45.197.75.0/24 maxlen: 24
45.197.88.0/24 maxlen: 24
45.197.89.0/24 maxlen: 24
45.197.90.0/24 maxlen: 24
45.197.91.0/24 maxlen: 24
45.197.92.0/24 maxlen: 24
45.197.93.0/24 maxlen: 24
45.197.94.0/24 maxlen: 24
45.197.95.0/24 maxlen: 24
45.197.96.0/24 maxlen: 24
45.197.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97659 (0x17d7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 26 10:58:02 2025 GMT
Not After : Nov 9 10:58:02 2025 GMT
Subject: CN=68d671c0-8572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:eb:65:96:b1:0a:b6:66:c4:91:2c:ab:1b:59:
04:dd:8d:4c:4a:5f:a6:41:99:7c:c4:fe:4d:9c:f2:
4b:cd:db:92:cd:62:33:08:1c:27:d1:c5:ec:9c:b3:
a1:f5:cf:bd:f7:0b:ba:26:e8:5b:da:7c:b8:b5:59:
73:fc:89:2c:45:37:57:dd:88:fa:4d:a0:b3:31:1f:
01:b5:28:87:3a:c8:a2:de:5a:a2:16:0f:ed:15:b5:
77:54:36:b1:59:71:f9:34:9f:6c:4b:db:86:dd:c4:
9f:98:8d:fb:36:1f:7c:01:18:57:66:f8:85:be:57:
53:6a:f3:e8:27:9a:11:b5:7c:94:b1:cc:1c:9c:96:
40:28:0b:df:f4:80:89:f6:90:a3:df:41:15:41:f0:
cc:34:3d:80:b0:1c:35:1f:63:f0:e5:21:61:90:3d:
e8:2e:e4:c7:2f:58:a1:ab:3b:a4:2e:27:f3:7f:7e:
21:37:6d:e7:a1:a7:9c:4a:51:d8:37:a9:69:58:e6:
ce:a9:c9:dd:51:66:92:06:5f:ae:04:b8:a8:83:c9:
dd:43:b6:5e:49:c9:0e:fb:9e:48:79:fe:96:42:4a:
97:60:40:9f:be:e9:b6:46:b0:7e:1a:00:d6:59:51:
ea:79:c5:0b:78:0b:3f:68:fc:e9:e4:2b:6c:ac:4e:
e1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:EA:D3:C2:B1:30:69:FC:C8:6A:DF:4A:6A:23:A8:89:FA:39:30:36
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF720EF89AC711F089CC16DEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.67.0-45.197.75.255
45.197.88.0-45.197.97.255
Signature Algorithm: sha256WithRSAEncryption
9b:d6:c8:13:58:7d:97:c0:bc:09:b8:97:37:a9:92:30:80:3b:
a7:7d:56:42:1b:90:09:de:25:0a:29:0c:b6:c6:30:af:81:e4:
a8:ad:af:da:8c:f5:d3:a6:cd:ef:61:ee:d4:ac:85:15:3d:c9:
5e:c1:ea:e3:98:1c:69:d1:04:b8:8f:2b:83:52:2f:dd:4b:3b:
1b:b1:8b:30:97:2a:32:9e:3a:fd:15:03:5f:9c:5a:4b:9e:72:
82:30:5d:de:f3:12:5f:7b:0f:cd:85:5f:21:90:ea:61:7b:c6:
b1:35:de:83:2f:3e:c4:a1:c1:91:d8:b8:69:76:e2:42:9d:4b:
25:ea:e9:4c:54:ea:91:6f:1b:e2:8e:58:c6:a0:38:eb:23:f4:
5d:3e:6a:ce:58:b2:f5:df:4a:a5:50:3f:b9:19:f1:45:88:f7:
b2:45:24:0d:fd:df:cd:5f:34:69:61:b7:13:60:a5:24:cc:43:
84:fd:0f:87:9c:b3:53:3a:1c:ab:1a:31:29:26:e7:6a:5d:54:
55:dc:d9:36:d8:9a:c1:f0:4d:bb:27:c1:89:99:cd:30:d0:ac:
cd:31:5a:9d:6d:d4:65:9c:3f:d5:6b:c1:90:a0:c2:0b:87:ac:
4f:72:78:0b:4e:3c:b5:23:b3:ef:f6:45:f0:64:e7:8a:6e:63:
da:49:57:33
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAX17MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI2MTA1ODAyWhcNMjUxMTA5MTA1ODAyWjAYMRYw
FAYDVQQDEw02OGQ2NzFjMC04NTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1utllrEKtmbEkSyrG1kE3Y1MSl+mQZl8xP5NnPJLzduSzWIzCBwn0cXs
nLOh9c+99wu6Juhb2ny4tVlz/IksRTdX3Yj6TaCzMR8BtSiHOsii3lqiFg/tFbV3
VDaxWXH5NJ9sS9uG3cSfmI37Nh98ARhXZviFvldTavPoJ5oRtXyUscwcnJZAKAvf
9ICJ9pCj30EVQfDMND2AsBw1H2Pw5SFhkD3oLuTHL1ihqzukLifzf34hN23noaec
SlHYN6lpWObOqcndUWaSBl+uBLiog8ndQ7ZeSckO+55Ief6WQkqXYECfvum2RrB+
GgDWWVHqecULeAs/aPzp5CtsrE7hAwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFJXq
08KxMGn8yGrfSmojqIn6OTA2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRjcyMEVGODlBQzcxMUYwODlDQzE2REVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAAtxUMDBAItxUgwDAMEAy3F
WAMEAS3FYDANBgkqhkiG9w0BAQsFAAOCAQEAm9bIE1h9l8C8CbiXN6mSMIA7p31W
QhuQCd4lCikMtsYwr4HkqK2v2oz106bN72Hu1KyFFT3JXsHq45gcadEEuI8rg1Iv
3Us7G7GLMJcqMp46/RUDX5xaS55ygjBd3vMSX3sPzYVfIZDqYXvGsTXegy8+xKHB
kdi4aXbiQp1LJerpTFTqkW8b4o5YxqA46yP0XT5qzliy9d9KpVA/uRnxRYj3skUk
Df3fzV80aWG3E2ClJMxDhP0Ph5yzUzocqxoxKSbnal1UVdzZNtiawfBNuyfBiZnN
MNCszTFanW3UZZw/1WvBkKDCC4esT3J4C048tSOz7/ZF8GTnim5j2klXMw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:26 2025 by rpki-client