Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1698B7D2752D11F0829DDE94DAE4EC9C.roa
File: 1698B7D2752D11F0829DDE94DAE4EC9C.roa (raw, json)
Hash identifier: 4lu4SepYoaGfabOV75KHks8YOd/IhXF5R0jQmTpPJE0=
Subject key identifier: FA:EE:2F:5B:40:69:DC:05:20:4C:22:F9:41:75:63:FD:BC:93:F5:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0169E8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1698B7D2752D11F0829DDE94DAE4EC9C.roa
Signing time: Sat 09 Aug 2025 14:28:17 +0000
ROA not before: Sat 09 Aug 2025 14:28:12 +0000
ROA not after: Mon 22 Sep 2025 14:28:12 +0000
asID: 401701
IP address blocks: 45.192.96.0/20 maxlen: 24
45.205.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92648 (0x169e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 9 14:28:12 2025 GMT
Not After : Sep 22 14:28:12 2025 GMT
Subject: CN=68975b00-0329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:dd:3c:bc:20:f8:8e:88:12:71:ce:3f:03:e9:
8e:bc:9a:5b:2c:a5:fe:1b:3c:75:3e:45:31:d5:91:
29:56:10:59:df:52:90:3a:b9:09:a4:5a:3d:74:27:
17:d4:52:88:9a:dc:5e:8e:9d:fc:98:7a:0c:29:9a:
dc:02:c6:e5:07:96:93:6e:08:f0:ae:5d:7e:e2:5f:
ed:5b:36:db:2c:53:e9:8f:8a:a5:90:89:26:22:27:
49:61:65:2b:b4:87:71:3a:f4:45:bc:fa:0b:03:aa:
29:ba:ca:ae:0f:48:f4:49:2f:52:e3:55:6a:6f:c1:
7d:b2:e9:61:5b:db:b9:2f:e6:99:43:25:9c:c2:20:
cf:20:59:2c:03:22:8c:eb:97:ae:eb:0c:08:3d:f3:
89:e5:d8:74:5e:df:fb:9b:3f:70:c9:62:ea:83:46:
c7:bf:0b:a3:7a:2b:dd:24:ba:b8:e1:5d:60:8e:11:
ec:ea:61:1f:00:56:a5:89:d1:3a:50:10:5e:24:00:
3d:fe:3a:31:4f:2d:a8:c9:11:98:18:0d:56:7e:19:
c0:8b:ad:9c:27:b4:55:54:16:84:a7:a1:fe:0a:92:
15:52:f3:39:7d:33:c6:d4:c4:78:5e:5d:92:1e:38:
aa:50:a7:8e:83:9e:25:bf:19:f5:0b:94:0d:9f:5c:
97:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:EE:2F:5B:40:69:DC:05:20:4C:22:F9:41:75:63:FD:BC:93:F5:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1698B7D2752D11F0829DDE94DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.96.0/20
45.205.16.0/20
Signature Algorithm: sha256WithRSAEncryption
49:9e:2b:0d:87:93:da:4a:08:9d:0e:9a:77:4e:ec:b6:c5:2a:
f1:f2:93:a3:e8:89:ed:63:c7:35:be:89:69:4f:5d:5f:e1:0b:
1f:d2:2f:5b:c9:b4:58:70:fd:44:69:2c:95:e0:42:10:51:14:
65:07:cf:6e:57:a7:f1:73:21:73:cb:01:47:7b:0c:9e:58:26:
8e:5b:aa:24:ab:03:3b:24:d5:14:ec:a5:ea:c4:76:f4:8c:8a:
4c:00:04:0e:bd:79:7b:1a:c3:c7:a0:7d:94:42:d4:57:d5:14:
6a:7b:38:3a:c4:24:73:a2:58:9a:4d:09:53:75:92:5f:f3:05:
bc:bc:01:06:a9:e8:4b:27:e4:d4:3e:ad:8f:0b:20:c9:89:49:
d5:d0:09:c1:71:d5:b1:8e:26:a7:73:27:8f:5c:1c:1e:18:c3:
29:77:5d:05:1d:9e:67:23:f1:0f:ec:ff:c3:85:bb:6d:c9:13:
87:12:1a:6c:18:f8:ea:37:a8:63:70:10:d8:3b:d3:0c:e1:4e:
d1:44:4e:26:39:bc:90:89:84:4d:fc:71:ee:1f:2b:f5:23:3c:
9e:0f:22:b2:4d:17:32:7c:00:8e:95:e1:40:e8:2b:37:ac:b9:
0b:d7:60:ef:f3:ca:3d:b5:ad:d6:a5:8f:3c:ed:d9:06:79:fb:
d1:7e:ef:7c
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWnoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODA5MTQyODEyWhcNMjUwOTIyMTQyODEyWjAYMRYw
FAYDVQQDEw02ODk3NWIwMC0wMzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxd08vCD4jogScc4/A+mOvJpbLKX+Gzx1PkUx1ZEpVhBZ31KQOrkJpFo9
dCcX1FKImtxejp38mHoMKZrcAsblB5aTbgjwrl1+4l/tWzbbLFPpj4qlkIkmIidJ
YWUrtIdxOvRFvPoLA6opusquD0j0SS9S41Vqb8F9sulhW9u5L+aZQyWcwiDPIFks
AyKM65eu6wwIPfOJ5dh0Xt/7mz9wyWLqg0bHvwujeivdJLq44V1gjhHs6mEfAFal
idE6UBBeJAA9/joxTy2oyRGYGA1WfhnAi62cJ7RVVBaEp6H+CpIVUvM5fTPG1MR4
Xl2SHjiqUKeOg54lvxn1C5QNn1yXXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPru
L1tAadwFIEwi+UF1Y/28k/VdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNjk4QjdEMjc1MkQxMUYwODI5RERFOTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQELcBgAwQELc0QMA0GCSqGSIb3
DQEBCwUAA4IBAQBJnisNh5PaSgidDpp3Tuy2xSrx8pOj6IntY8c1volpT11f4Qsf
0i9bybRYcP1EaSyV4EIQURRlB89uV6fxcyFzywFHewyeWCaOW6okqwM7JNUU7KXq
xHb0jIpMAAQOvXl7GsPHoH2UQtRX1RRqezg6xCRzoliaTQlTdZJf8wW8vAEGqehL
J+TUPq2PCyDJiUnV0AnBcdWxjiancyePXBweGMMpd10FHZ5nI/EP7P/DhbttyROH
EhpsGPjqN6hjcBDYO9MM4U7RRE4mObyQiYRN/HHuHyv1IzyeDyKyTRcyfACOleFA
6Cs3rLkL12Dv88o9ta3WpY887dkGefvRfu98
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:10:15 2025 by rpki-client