Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD3BF8CE83BA11F0AF98D092DAE4EC9C.roa
File: BD3BF8CE83BA11F0AF98D092DAE4EC9C.roa (raw, json)
Hash identifier: ZOo91rPSWJVm3zLjXYTaoRJjjZftyBKTZyziR4d9juM=
Subject key identifier: 8C:DD:2D:4D:91:4D:CB:60:9E:7E:E8:74:F6:2C:0C:E1:DC:74:F8:91
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017239
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD3BF8CE83BA11F0AF98D092DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 02:57:31 +0000
ROA not before: Thu 28 Aug 2025 02:57:26 +0000
ROA not after: Sun 23 Aug 2026 02:57:26 +0000
asID: 13335
IP address blocks: 45.192.222.0/24 maxlen: 24
45.192.223.0/24 maxlen: 24
45.192.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94777 (0x17239)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 28 02:57:26 2025 GMT
Not After : Aug 23 02:57:26 2026 GMT
Subject: CN=68afc59b-8f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:e0:80:da:8e:1e:ef:1b:6d:9d:41:85:97:d1:
e3:af:13:34:7c:a9:3d:8a:21:ec:0f:23:c7:23:55:
7c:7f:6e:c6:1c:5b:f8:fb:af:38:10:46:5e:71:e2:
5d:53:22:10:85:b4:44:9a:8b:4e:34:3e:e0:e0:e1:
42:98:1d:3d:76:81:07:bb:8c:2a:e5:05:11:20:80:
df:87:7c:86:f2:33:07:2e:20:95:82:17:ce:de:4d:
b3:62:f7:55:30:fa:8b:3a:cd:94:6d:ad:10:ad:46:
74:7c:85:9b:c1:ba:b8:3e:a3:c4:f0:84:b1:ec:32:
42:3a:1f:30:44:db:61:bd:11:e0:8a:1c:96:d9:4e:
a0:c5:93:33:5d:d6:78:f1:57:28:44:73:75:48:8d:
34:42:08:11:0a:88:c0:08:48:25:55:5d:aa:6e:26:
b4:9f:50:03:60:38:56:a5:ce:29:6c:1c:b7:1b:73:
fc:33:84:6e:a3:d8:60:eb:2d:92:8f:d6:94:30:9d:
35:3f:d1:b8:66:af:e1:68:e1:8c:51:c9:9e:1c:6e:
ae:76:3a:af:25:d9:26:df:5f:7a:a2:cf:4a:9f:96:
2a:a5:b1:1c:14:de:ed:47:33:ee:6a:92:6a:be:51:
a5:f6:b0:9b:00:82:78:3c:be:61:2b:88:28:56:cb:
fe:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:DD:2D:4D:91:4D:CB:60:9E:7E:E8:74:F6:2C:0C:E1:DC:74:F8:91
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD3BF8CE83BA11F0AF98D092DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.222.0-45.192.224.255
Signature Algorithm: sha256WithRSAEncryption
2d:87:b9:4c:66:41:05:e1:9b:d9:7a:11:d0:19:f1:d9:64:04:
01:40:cf:dd:65:82:f1:4e:87:de:65:44:a2:9c:99:da:a3:88:
6e:d6:8b:90:ca:de:f7:48:3f:78:5e:3b:d2:47:ca:d8:56:f0:
3e:a4:75:e1:59:11:61:27:a1:e5:11:2e:d1:7e:65:fb:e0:3f:
a8:39:b9:6e:69:45:75:40:9d:d5:b5:9a:e8:d1:50:ae:d0:31:
89:75:37:b7:7a:36:9a:c9:7d:89:37:f5:f2:f1:cc:3b:76:cc:
84:4c:65:b2:8f:e4:3e:15:46:ef:36:7d:27:37:86:ba:ea:60:
8c:fe:15:f8:d1:ef:f8:e9:7b:f9:49:9e:05:39:5a:40:29:16:
17:b9:30:34:bb:de:c8:3b:a9:99:24:50:75:7e:e5:d2:fc:45:
5f:7c:3b:89:c9:c6:d5:2d:47:b8:30:cb:4b:6f:eb:4a:78:53:
ba:27:4f:e1:4b:7b:d8:08:1a:f4:76:f8:1b:60:83:08:82:46:
6e:14:a4:ce:51:16:32:eb:68:6e:7a:53:e7:57:8e:68:f3:aa:
83:85:34:50:0b:5b:41:17:d7:2d:10:cf:88:c3:43:0a:a9:c1:
a4:c7:d3:0e:cb:e5:f9:72:20:53:b3:f4:e3:ed:31:e1:20:58:
33:66:ce:4f
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAXI5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODI4MDI1NzI2WhcNMjYwODIzMDI1NzI2WjAYMRYw
FAYDVQQDEw02OGFmYzU5Yi04ZjVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+eCA2o4e7xttnUGFl9HjrxM0fKk9iiHsDyPHI1V8f27GHFv4+684EEZe
ceJdUyIQhbREmotOND7g4OFCmB09doEHu4wq5QURIIDfh3yG8jMHLiCVghfO3k2z
YvdVMPqLOs2Uba0QrUZ0fIWbwbq4PqPE8ISx7DJCOh8wRNthvRHgihyW2U6gxZMz
XdZ48VcoRHN1SI00QggRCojACEglVV2qbia0n1ADYDhWpc4pbBy3G3P8M4Ruo9hg
6y2Sj9aUMJ01P9G4Zq/haOGMUcmeHG6udjqvJdkm3196os9Kn5YqpbEcFN7tRzPu
apJqvlGl9rCbAIJ4PL5hK4goVsv+VwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIzd
LU2RTctgnn7odPYsDOHcdPiRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRDNCRjhDRTgzQkExMUYwQUY5OEQwOTJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEtwN4DBAAtwOAwDQYJKoZI
hvcNAQELBQADggEBAC2HuUxmQQXhm9l6EdAZ8dlkBAFAz91lgvFOh95lRKKcmdqj
iG7Wi5DK3vdIP3heO9JHythW8D6kdeFZEWEnoeURLtF+ZfvgP6g5uW5pRXVAndW1
mujRUK7QMYl1N7d6NprJfYk39fLxzDt2zIRMZbKP5D4VRu82fSc3hrrqYIz+FfjR
7/jpe/lJngU5WkApFhe5MDS73sg7qZkkUHV+5dL8RV98O4nJxtUtR7gwy0tv60p4
U7onT+FLe9gIGvR2+BtggwiCRm4UpM5RFjLraG56U+dXjmjzqoOFNFALW0EX1y0Q
z4jDQwqpwaTH0w7L5flyIFOz9OPtMeEgWDNmzk8=
-----END CERTIFICATE-----
Generated at Wed Sep 3 13:51:07 2025 by rpki-client