Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D89E0A0AA35711F0A93CF5E3DAE4EC9C.roa
File: D89E0A0AA35711F0A93CF5E3DAE4EC9C.roa (raw, json)
Hash identifier: wl70HsPTtwwxOB6E6FsQMwzOmWVKeXNG6vQskLfDiPM=
Subject key identifier: 86:25:2A:C3:CE:96:1E:5F:0D:9B:C8:27:19:EA:AC:D4:18:9D:13:3E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017F32
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D89E0A0AA35711F0A93CF5E3DAE4EC9C.roa
Signing time: Tue 07 Oct 2025 08:30:14 +0000
ROA not before: Tue 07 Oct 2025 08:30:05 +0000
ROA not after: Sun 16 Nov 2025 08:30:05 +0000
asID: 142032
IP address blocks: 45.192.96.0/20 maxlen: 24
45.192.96.0/21 maxlen: 24
45.192.96.0/22 maxlen: 24
45.192.100.0/22 maxlen: 24
45.192.104.0/21 maxlen: 24
45.192.104.0/22 maxlen: 24
45.192.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98098 (0x17f32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 7 08:30:05 2025 GMT
Not After : Nov 16 08:30:05 2025 GMT
Subject: CN=68e4cf96-7faf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:80:1e:4c:60:04:9b:f7:d0:80:14:34:5f:f6:
87:60:f1:ac:22:a2:4c:c9:23:8c:ef:a7:61:7e:ff:
6a:6f:99:c5:58:a6:78:61:6d:68:6e:69:e9:b7:f0:
a3:cf:e7:c1:47:93:70:17:79:29:c5:c7:1d:e5:49:
ac:f9:f2:3b:a0:ab:e9:2c:79:3b:11:97:67:e8:e6:
ef:19:d7:47:49:6b:4a:bd:19:c8:95:fe:47:a7:5e:
f1:d5:22:9d:36:ca:42:cc:41:9f:e9:0a:c1:40:9f:
68:11:00:9c:78:f9:d3:f4:eb:e3:31:02:16:78:8f:
54:48:83:13:a3:1a:62:ea:c3:ad:0f:1c:01:c4:f7:
d6:9e:c9:46:85:43:14:b6:93:f8:f8:ea:3d:f1:e8:
34:80:7e:52:50:0c:13:f9:19:bb:50:f8:38:87:b7:
02:a3:6f:26:9b:c8:df:01:41:ef:c6:38:33:4c:de:
ec:85:76:8d:0a:6a:8c:e0:22:3d:4a:cf:c5:04:51:
54:07:ba:6f:0a:b9:b2:ee:1a:9b:65:45:1d:7c:cc:
d7:39:d7:43:bc:19:2c:c0:ae:10:49:73:6f:32:d2:
cb:a5:70:5f:8e:bc:72:0e:b3:c4:02:18:01:0c:67:
7b:19:a1:41:dd:27:b5:0f:99:c7:2a:f0:43:62:87:
69:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:25:2A:C3:CE:96:1E:5F:0D:9B:C8:27:19:EA:AC:D4:18:9D:13:3E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D89E0A0AA35711F0A93CF5E3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.96.0/20
Signature Algorithm: sha256WithRSAEncryption
b8:4f:bd:52:89:0f:f2:21:62:04:09:54:e2:d1:db:0c:c3:c1:
0d:c2:ce:d8:31:ea:69:ae:23:3f:93:d0:a5:0f:1f:62:7d:ab:
50:85:ec:ed:dd:94:e3:15:7a:21:61:53:21:0a:61:fc:ed:d5:
ab:ac:8b:4d:60:e5:11:2e:cd:50:d3:ac:21:99:7e:d6:b8:59:
10:ba:76:64:c7:48:34:ef:80:5b:e7:ec:ca:51:b1:48:ad:91:
e4:64:d8:f4:4b:78:19:0f:89:14:06:eb:ff:a7:5c:df:50:e9:
e1:f1:11:8c:ce:cb:ac:5e:21:3f:85:55:79:be:83:e2:1b:f5:
fe:2d:ea:a5:5d:29:79:21:dd:a9:f5:80:f0:13:8b:6c:65:2b:
15:e0:1d:d1:7d:2c:67:f3:22:5d:89:81:31:3d:6b:5e:71:ba:
20:48:73:ab:44:8c:37:7f:11:f4:bf:78:8d:3d:b8:e4:50:c2:
45:d9:3f:b7:2d:7e:ff:e0:26:60:f3:08:d6:9d:dc:4a:49:11:
b2:db:7a:56:92:ce:6f:73:24:ed:c1:ca:a5:0d:16:35:ae:5d:
b9:58:f3:59:c9:75:dc:ef:96:48:11:71:67:20:e9:f5:0f:fa:
c8:57:c6:02:2d:27:53:e3:33:4f:54:0f:13:c6:d2:b2:ae:ef:
09:bc:e4:df
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX8yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDA3MDgzMDA1WhcNMjUxMTE2MDgzMDA1WjAYMRYw
FAYDVQQDEw02OGU0Y2Y5Ni03ZmFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3IAeTGAEm/fQgBQ0X/aHYPGsIqJMySOM76dhfv9qb5nFWKZ4YW1obmnp
t/Cjz+fBR5NwF3kpxccd5Ums+fI7oKvpLHk7EZdn6ObvGddHSWtKvRnIlf5Hp17x
1SKdNspCzEGf6QrBQJ9oEQCcePnT9OvjMQIWeI9USIMToxpi6sOtDxwBxPfWnslG
hUMUtpP4+Oo98eg0gH5SUAwT+Rm7UPg4h7cCo28mm8jfAUHvxjgzTN7shXaNCmqM
4CI9Ss/FBFFUB7pvCrmy7hqbZUUdfMzXOddDvBkswK4QSXNvMtLLpXBfjrxyDrPE
AhgBDGd7GaFB3Se1D5nHKvBDYodpXwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIYl
KsPOlh5fDZvIJxnqrNQYnRM+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EODlFMEEwQUEzNTcxMUYwQTkzQ0Y1RTNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcBgMA0GCSqGSIb3DQEBCwUA
A4IBAQC4T71SiQ/yIWIECVTi0dsMw8ENws7YMeppriM/k9ClDx9ifatQhezt3ZTj
FXohYVMhCmH87dWrrItNYOURLs1Q06whmX7WuFkQunZkx0g074Bb5+zKUbFIrZHk
ZNj0S3gZD4kUBuv/p1zfUOnh8RGMzsusXiE/hVV5voPiG/X+LeqlXSl5Id2p9YDw
E4tsZSsV4B3RfSxn8yJdiYExPWtecbogSHOrRIw3fxH0v3iNPbjkUMJF2T+3LX7/
4CZg8wjWndxKSRGy23pWks5vcyTtwcqlDRY1rl25WPNZyXXc75ZIEXFnIOn1D/rI
V8YCLSdT4zNPVA8TxtKyru8JvOTf
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:50:57 2025 by rpki-client