Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B5EE7/01510A006B9111F0AF55F681DAE4EC9C/38D8D2366B9211F095FD868ADAE4EC9C.roa
File: 38D8D2366B9211F095FD868ADAE4EC9C.roa (raw, json)
Hash identifier: QAj9ZVXFClZ+xgA1S3DzLLKJ/tdZw+gURdKUv7+f/hc=
Subject key identifier: 8C:E0:97:27:DF:DF:8A:97:D0:47:73:F0:CB:A3:FB:21:19:81:F4:B8
Certificate issuer: /CN=F36B5EE7AR/serialNumber=675CBA4B50BD5CE898472D554F17049CBDEC0439
Certificate serial: 02
Authority key identifier: 67:5C:BA:4B:50:BD:5C:E8:98:47:2D:55:4F:17:04:9C:BD:EC:04:39
Authority info access: rsync://rpki.afrinic.net/repository/arin/Z1y6S1C9XOiYRy1VTxcEnL3sBDk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B5EE7/01510A006B9111F0AF55F681DAE4EC9C/38D8D2366B9211F095FD868ADAE4EC9C.roa
Signing time: Mon 28 Jul 2025 09:07:01 +0000
ROA not before: Mon 28 Jul 2025 09:06:34 +0000
ROA not after: Sat 28 Jul 2035 09:06:34 +0000
asID: 327794
IP address blocks: 45.221.80.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B5EE7/01510A006B9111F0AF55F681DAE4EC9C/Z1y6S1C9XOiYRy1VTxcEnL3sBDk.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B5EE7/01510A006B9111F0AF55F681DAE4EC9C/Z1y6S1C9XOiYRy1VTxcEnL3sBDk.mft
rsync://rpki.afrinic.net/repository/arin/Z1y6S1C9XOiYRy1VTxcEnL3sBDk.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 04 Aug 2025 00:26:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B5EE7AR, serialNumber=675CBA4B50BD5CE898472D554F17049CBDEC0439
Validity
Not Before: Jul 28 09:06:34 2025 GMT
Not After : Jul 28 09:06:34 2035 GMT
Subject: CN=68873db5-0246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f1:0c:81:c2:18:5b:30:76:cf:bb:87:66:6c:
9b:f4:ca:c4:43:60:9f:e4:d9:a8:1b:31:4a:74:84:
43:70:e7:92:a1:48:6d:02:b4:9a:2e:8a:cc:e0:ab:
8a:00:78:06:87:a6:34:2a:62:3d:0f:03:ff:b0:8d:
de:c4:41:f7:6a:11:e7:9b:e4:bc:96:59:5e:f3:b7:
06:3e:c6:9a:21:19:0f:51:49:9d:94:8c:61:28:14:
1d:b1:24:e6:78:2f:15:d4:03:c0:9f:a1:65:ef:a6:
44:5b:12:ed:d9:e2:dd:7e:c9:01:75:5f:79:2a:4a:
e3:5a:eb:db:82:ce:35:15:6c:b2:b2:54:d9:5e:d9:
22:b7:f9:4e:b2:dc:8d:a7:43:1a:6f:b4:be:2b:72:
7d:9e:5b:6b:d8:b9:92:0e:9c:17:7a:c4:9d:8e:0b:
4a:0f:df:05:1c:af:9c:0d:09:6f:95:ff:e9:14:7a:
58:8e:39:d6:b0:b1:83:5f:36:0d:66:ae:9a:1f:c2:
78:6a:98:2b:e1:4a:60:75:fc:78:aa:1b:40:50:d2:
f0:47:9f:12:21:d7:bc:dc:8f:29:63:a7:8a:ca:d3:
b7:af:64:c0:5e:c1:1d:4e:7c:ab:75:51:ea:05:96:
94:9a:02:9e:7e:a4:22:e2:ab:29:a7:29:6f:fb:6b:
ad:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E0:97:27:DF:DF:8A:97:D0:47:73:F0:CB:A3:FB:21:19:81:F4:B8
X509v3 Authority Key Identifier:
keyid:67:5C:BA:4B:50:BD:5C:E8:98:47:2D:55:4F:17:04:9C:BD:EC:04:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B5EE7/01510A006B9111F0AF55F681DAE4EC9C/Z1y6S1C9XOiYRy1VTxcEnL3sBDk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/Z1y6S1C9XOiYRy1VTxcEnL3sBDk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B5EE7/01510A006B9111F0AF55F681DAE4EC9C/38D8D2366B9211F095FD868ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.221.80.0/20
Signature Algorithm: sha256WithRSAEncryption
ae:c8:b7:d0:8a:83:7c:70:e7:60:76:fc:85:4a:be:08:49:6e:
94:a1:98:30:01:c8:3b:77:7f:00:0a:d1:ce:1d:9a:57:9a:cb:
14:3f:37:22:8e:23:77:ef:bc:8c:97:c2:a0:3f:f7:c2:59:4c:
2a:20:17:55:c6:9c:9f:1a:e9:89:2a:14:1a:23:fc:aa:9c:87:
f4:b2:14:e0:4b:28:67:ec:a2:c7:f8:4d:52:d4:da:a8:4f:2a:
ee:9a:4d:32:a8:6e:9a:b9:b0:9e:95:f3:2c:50:b1:50:62:45:
6e:47:92:bc:00:7e:4d:69:56:17:5e:38:78:0d:05:fe:90:2e:
b8:15:34:60:29:43:7a:e0:55:88:45:82:36:bf:21:cb:5a:36:
73:59:8b:28:3d:46:27:bd:d9:98:c2:87:02:fd:82:91:eb:38:
42:e4:ef:4d:cc:c2:16:37:9d:73:d0:be:91:a3:10:36:30:47:
92:b3:c5:80:24:71:dd:a4:0e:2b:ac:4a:1d:08:53:21:74:14:
89:cd:ca:f5:f9:0f:c3:de:e4:b1:23:ad:d8:39:67:aa:2f:e4:
1f:6a:a3:fc:22:63:ea:25:d0:63:1c:a7:3a:84:5d:90:1c:55:
e5:4d:7b:03:be:19:d5:08:a2:f9:8f:f7:6d:dc:69:d8:c3:20:
fc:1f:05:a1
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
NUVFN0FSMTEwLwYDVQQFEyg2NzVDQkE0QjUwQkQ1Q0U4OTg0NzJENTU0RjE3MDQ5
Q0JERUMwNDM5MB4XDTI1MDcyODA5MDYzNFoXDTM1MDcyODA5MDYzNFowGDEWMBQG
A1UEAxMNNjg4NzNkYjUtMDI0NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7xDIHCGFswds+7h2Zsm/TKxENgn+TZqBsxSnSEQ3DnkqFIbQK0mi6KzOCr
igB4BoemNCpiPQ8D/7CN3sRB92oR55vkvJZZXvO3Bj7GmiEZD1FJnZSMYSgUHbEk
5ngvFdQDwJ+hZe+mRFsS7dni3X7JAXVfeSpK41rr24LONRVssrJU2V7ZIrf5TrLc
jadDGm+0vityfZ5ba9i5kg6cF3rEnY4LSg/fBRyvnA0Jb5X/6RR6WI451rCxg182
DWaumh/CeGqYK+FKYHX8eKobQFDS8EefEiHXvNyPKWOnisrTt69kwF7BHU58q3VR
6gWWlJoCnn6kIuKrKacpb/trrWsCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSM4Jcn
39+Kl9BHc/DLo/shGYH0uDAfBgNVHSMEGDAWgBRnXLpLUL1c6JhHLVVPFwScvewE
OTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjVFRTcvMDE1MTBBMDA2QjkxMTFGMEFGNTVGNjgxREFFNEVDOUMvWjF5NlMx
QzlYT2lZUnkxVlR4Y0VuTDNzQkRrLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
WjF5NlMxQzlYT2lZUnkxVlR4Y0VuTDNzQkRrLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QjVFRTcvMDE1MTBBMDA2QjkxMTFGMEFGNTVGNjgxREFFNEVD
OUMvMzhEOEQyMzY2QjkyMTFGMDk1RkQ4NjhBREFFNEVDOUMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC3dUDANBgkqhkiG9w0BAQsFAAOC
AQEArsi30IqDfHDnYHb8hUq+CElulKGYMAHIO3d/AArRzh2aV5rLFD83Io4jd++8
jJfCoD/3wllMKiAXVcacnxrpiSoUGiP8qpyH9LIU4EsoZ+yix/hNUtTaqE8q7ppN
MqhumrmwnpXzLFCxUGJFbkeSvAB+TWlWF144eA0F/pAuuBU0YClDeuBViEWCNr8h
y1o2c1mLKD1GJ73ZmMKHAv2Ckes4QuTvTczCFjedc9C+kaMQNjBHkrPFgCRx3aQO
K6xKHQhTIXQUic3K9fkPw97ksSOt2Dlnqi/kH2qj/CJj6iXQYxynOoRdkBxV5U17
A74Z1Qii+Y/3bdxp2MMg/B8FoQ==
-----END CERTIFICATE-----
Generated at Sat Aug 2 13:46:10 2025 by rpki-client