Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2C85CEC889B11F0BEBE81E8DAE4EC9C.roa
File: D2C85CEC889B11F0BEBE81E8DAE4EC9C.roa (raw, json)
Hash identifier: go1NexDFsKtsluUXGwvKWCyOFG1jpmAX6ludJ17cmDo=
Subject key identifier: DD:36:E3:08:2D:90:96:4C:C8:E4:EE:73:F4:84:28:48:ED:89:23:30
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017758
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2C85CEC889B11F0BEBE81E8DAE4EC9C.roa
Signing time: Wed 03 Sep 2025 07:58:49 +0000
ROA not before: Wed 03 Sep 2025 07:58:44 +0000
ROA not after: Sun 05 Oct 2025 07:58:44 +0000
asID: 20326
IP address blocks: 45.202.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 06 Sep 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96088 (0x17758)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 3 07:58:44 2025 GMT
Not After : Oct 5 07:58:44 2025 GMT
Subject: CN=68b7f539-1099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f2:bf:7c:1d:0d:d7:6d:9f:8f:5e:d6:9c:fd:
22:0d:9f:eb:3c:b4:02:27:23:06:c1:ba:a6:84:17:
d7:bc:84:0a:da:14:d5:2c:a7:d1:70:ce:47:c6:e7:
ec:8c:84:d5:fe:d1:8a:79:4f:bb:26:c0:80:b0:83:
ae:98:d6:e4:07:d7:0f:6d:b1:97:93:ae:d1:40:d5:
45:b9:f3:a3:4c:4b:d5:cb:61:cf:ab:be:07:50:d0:
a2:62:58:60:17:8e:08:cb:d0:1b:0d:06:e1:d0:11:
ba:94:8b:2e:47:1f:46:a6:39:02:da:2b:69:e6:7d:
63:f0:76:b7:bc:54:7f:57:a4:b2:42:8b:ac:2d:7f:
98:e5:c3:a4:03:7e:65:31:da:ae:fc:8f:88:63:8f:
bb:7b:3c:68:62:73:d4:7d:56:08:2f:ca:bf:7c:89:
17:4e:5f:dd:fb:16:f2:ee:10:97:94:46:e6:29:31:
78:50:06:97:4a:60:72:37:e3:9e:87:57:55:2e:70:
77:aa:af:20:90:6d:2f:e8:88:56:8a:d0:dc:96:c3:
16:74:b1:88:a2:34:4f:7a:fd:c6:13:e4:20:5c:8a:
80:84:43:ca:f0:74:c9:ae:32:40:07:cb:54:0c:d8:
a9:49:3e:ff:e2:c9:fc:f3:a2:8d:37:e7:ff:2b:09:
31:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:36:E3:08:2D:90:96:4C:C8:E4:EE:73:F4:84:28:48:ED:89:23:30
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2C85CEC889B11F0BEBE81E8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.102.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:f1:30:fa:ee:9e:2d:bb:95:72:dc:c6:38:2e:5d:dc:d0:e2:
96:0a:c4:66:65:49:18:98:db:19:d7:80:26:10:be:41:75:48:
1c:4d:fb:2c:d4:e4:66:db:ec:4c:3d:af:30:ec:6d:ec:8f:0b:
ac:5a:bf:e4:4a:b8:67:65:c2:85:58:e0:d1:39:1a:5c:74:09:
4c:4b:c7:d9:a0:ad:90:b2:2a:25:43:e1:60:40:45:f0:eb:0d:
a4:47:d6:d2:fe:a0:88:75:58:03:ae:b4:4d:b2:99:f2:52:6c:
2a:c7:b0:c8:28:a0:96:dd:56:45:2d:a0:64:2e:cb:40:25:68:
e6:10:5e:0d:a4:b8:62:a7:1c:2e:12:82:b0:7e:94:3d:3b:5c:
ef:3b:87:8f:b4:a9:f2:f2:7b:7c:85:43:c1:06:27:cf:31:0d:
c3:b2:61:ac:80:db:3e:42:66:a9:de:8e:ae:50:a0:a5:01:1e:
36:cf:f6:5d:bb:30:78:ac:d0:ae:98:42:86:63:eb:a7:c8:ec:
74:20:d1:ea:55:ea:94:80:7e:18:47:65:e0:2b:a9:27:18:d4:
22:49:b8:c9:99:8f:91:8e:4a:8e:e1:86:3e:54:14:d2:a6:1d:
96:7b:86:d3:bb:b6:96:f5:e1:20:ed:86:d1:57:f8:62:fd:89:
24:c9:34:f0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXdYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTAzMDc1ODQ0WhcNMjUxMDA1MDc1ODQ0WjAYMRYw
FAYDVQQDEw02OGI3ZjUzOS0xMDk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyvK/fB0N122fj17WnP0iDZ/rPLQCJyMGwbqmhBfXvIQK2hTVLKfRcM5H
xufsjITV/tGKeU+7JsCAsIOumNbkB9cPbbGXk67RQNVFufOjTEvVy2HPq74HUNCi
YlhgF44Iy9AbDQbh0BG6lIsuRx9GpjkC2itp5n1j8Ha3vFR/V6SyQousLX+Y5cOk
A35lMdqu/I+IY4+7ezxoYnPUfVYIL8q/fIkXTl/d+xby7hCXlEbmKTF4UAaXSmBy
N+Oeh1dVLnB3qq8gkG0v6IhWitDclsMWdLGIojRPev3GE+QgXIqAhEPK8HTJrjJA
B8tUDNipST7/4sn886KNN+f/Kwkx4QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN02
4wgtkJZMyOTuc/SEKEjtiSMwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMkM4NUNFQzg4OUIxMUYwQkVCRTgxRThEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcpmMA0GCSqGSIb3DQEBCwUA
A4IBAQCf8TD67p4tu5Vy3MY4Ll3c0OKWCsRmZUkYmNsZ14AmEL5BdUgcTfss1ORm
2+xMPa8w7G3sjwusWr/kSrhnZcKFWODRORpcdAlMS8fZoK2QsiolQ+FgQEXw6w2k
R9bS/qCIdVgDrrRNspnyUmwqx7DIKKCW3VZFLaBkLstAJWjmEF4NpLhipxwuEoKw
fpQ9O1zvO4ePtKny8nt8hUPBBifPMQ3DsmGsgNs+Qmap3o6uUKClAR42z/ZduzB4
rNCumEKGY+unyOx0INHqVeqUgH4YR2XgK6knGNQiSbjJmY+RjkqO4YY+VBTSph2W
e4bTu7aW9eEg7YbRV/hi/YkkyTTw
-----END CERTIFICATE-----
Generated at Thu Sep 4 05:09:15 2025 by rpki-client