Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4E51794842F11F0BB167994DAE4EC9C.roa
File: B4E51794842F11F0BB167994DAE4EC9C.roa (raw, json)
Hash identifier: sUFKC0on7XvYjn+uo3CO0VAaZ4df+2qqxyojlkxiOeo=
Subject key identifier: 10:DE:CE:8F:A7:73:C9:05:8A:94:A6:F6:D4:8C:01:AD:93:D9:E1:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0172CA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4E51794842F11F0BB167994DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 16:54:48 +0000
ROA not before: Thu 28 Aug 2025 16:54:44 +0000
ROA not after: Sat 04 Oct 2025 16:54:44 +0000
asID: 401434
IP address blocks: 45.196.216.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94922 (0x172ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 28 16:54:44 2025 GMT
Not After : Oct 4 16:54:44 2025 GMT
Subject: CN=68b089d8-3669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e6:4a:f0:90:b2:a6:60:3d:6f:e1:94:a1:53:
c5:f4:03:74:f5:d0:1d:ac:6c:d3:28:c7:25:d9:fe:
34:2e:0d:7e:69:63:8e:e8:1c:f1:4b:03:11:19:c9:
24:22:6f:67:72:fc:85:b2:cd:fe:54:ac:a7:56:b2:
29:79:e0:74:96:ec:17:25:f8:c2:20:35:ae:db:17:
f5:96:1f:38:68:42:40:ef:2f:1e:d9:b6:e6:2f:87:
70:28:2c:fe:fc:40:32:db:99:71:05:cf:b5:9b:75:
d0:6b:bc:0c:f7:4a:02:90:2e:40:a1:59:0a:bd:40:
b4:0c:59:32:f1:78:9e:19:f6:74:bf:bf:bf:bf:3d:
7d:74:dc:7d:2f:27:5c:c9:c7:69:19:27:1a:fc:63:
8b:2f:3b:ef:1c:99:27:ef:d6:18:9f:ce:20:3a:52:
43:43:22:37:f4:78:27:0a:00:1a:84:ec:f7:f5:32:
ef:d2:7a:eb:4d:a8:2c:69:a6:59:15:85:71:6b:3f:
96:25:9d:93:6b:d7:96:e3:76:61:e8:78:a1:db:b8:
05:10:f7:73:44:9e:37:cf:7b:80:10:10:13:26:c9:
eb:1e:24:b8:b8:c6:15:30:79:8b:b3:66:54:21:67:
70:9a:26:e4:3c:08:64:d4:ab:a3:a5:71:df:c4:f3:
71:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:DE:CE:8F:A7:73:C9:05:8A:94:A6:F6:D4:8C:01:AD:93:D9:E1:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4E51794842F11F0BB167994DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.216.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:cd:42:3e:3c:ba:b5:fe:5a:bd:7a:c5:be:38:f3:d0:5e:41:
8d:b2:cf:8c:c5:57:9e:6e:a7:a3:98:4b:0c:09:d7:05:3d:b2:
f4:e0:bd:d4:4d:0b:3d:e0:d9:8a:a0:6c:1f:ba:8b:88:cd:93:
fb:ff:d2:a8:03:57:43:aa:15:22:44:dc:a3:49:aa:29:fe:ae:
de:17:36:e5:79:6f:a6:42:74:69:0f:77:69:a3:d4:21:78:21:
50:da:b7:5b:f8:5a:2a:b2:c3:d6:2d:76:08:50:d9:1f:97:49:
b6:d5:2f:85:19:8d:15:3c:73:d5:13:57:e2:13:df:a5:0f:5e:
24:e1:6c:ed:95:09:dc:fe:51:88:ea:6e:23:1d:cb:25:dc:12:
f0:1a:b1:9b:8a:59:0f:29:29:cd:19:e7:c9:1b:a9:dd:cf:3c:
93:1e:f8:bc:3f:75:97:d0:18:b0:32:8b:25:ee:d7:f5:90:77:
5a:91:ab:94:b3:6f:9e:8a:8d:ef:a4:d4:7b:ed:91:9e:a3:12:
e0:18:5e:e1:90:53:bb:58:69:e0:25:e5:1f:c7:b6:20:91:8a:
17:1c:0f:95:4e:d1:67:d1:c1:e4:39:c0:e4:9d:d9:71:ed:1b:
6a:24:01:98:28:3d:47:08:53:55:27:07:59:92:cb:f6:59:d4:
30:84:77:f6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXLKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODI4MTY1NDQ0WhcNMjUxMDA0MTY1NDQ0WjAYMRYw
FAYDVQQDEw02OGIwODlkOC0zNjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAueZK8JCypmA9b+GUoVPF9AN09dAdrGzTKMcl2f40Lg1+aWOO6BzxSwMR
GckkIm9ncvyFss3+VKynVrIpeeB0luwXJfjCIDWu2xf1lh84aEJA7y8e2bbmL4dw
KCz+/EAy25lxBc+1m3XQa7wM90oCkC5AoVkKvUC0DFky8XieGfZ0v7+/vz19dNx9
LydcycdpGSca/GOLLzvvHJkn79YYn84gOlJDQyI39HgnCgAahOz39TLv0nrrTags
aaZZFYVxaz+WJZ2Ta9eW43Zh6Hih27gFEPdzRJ43z3uAEBATJsnrHiS4uMYVMHmL
s2ZUIWdwmibkPAhk1KujpXHfxPNx/wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBDe
zo+nc8kFipSm9tSMAa2T2eHTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNEU1MTc5NDg0MkYxMUYwQkIxNjc5OTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcTYMA0GCSqGSIb3DQEBCwUA
A4IBAQCkzUI+PLq1/lq9esW+OPPQXkGNss+MxVeebqejmEsMCdcFPbL04L3UTQs9
4NmKoGwfuouIzZP7/9KoA1dDqhUiRNyjSaop/q7eFzbleW+mQnRpD3dpo9QheCFQ
2rdb+FoqssPWLXYIUNkfl0m21S+FGY0VPHPVE1fiE9+lD14k4WztlQnc/lGI6m4j
Hcsl3BLwGrGbilkPKSnNGefJG6ndzzyTHvi8P3WX0BiwMosl7tf1kHdakauUs2+e
io3vpNR77ZGeoxLgGF7hkFO7WGngJeUfx7YgkYoXHA+VTtFn0cHkOcDkndlx7Rtq
JAGYKD1HCFNVJwdZksv2WdQwhHf2
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:20:48 2025 by rpki-client