Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C337B8E910011F0B7171B81DAE4EC9C.roa
File: 1C337B8E910011F0B7171B81DAE4EC9C.roa (raw, json)
Hash identifier: WO+cIKPGj5ak4a1f/hqbzdVv/Rax9gwR6aoDnwJnWL8=
Subject key identifier: FE:71:C4:D7:6B:3D:8B:03:D6:FC:13:37:B0:CF:21:A8:FE:E7:5C:BE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017B03
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C337B8E910011F0B7171B81DAE4EC9C.roa
Signing time: Sun 14 Sep 2025 00:16:51 +0000
ROA not before: Sun 14 Sep 2025 00:00:46 +0000
ROA not after: Mon 20 Oct 2025 00:00:46 +0000
asID: 214413
IP address blocks: 45.194.87.0/24 maxlen: 24
45.194.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Oct 2025 00:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97027 (0x17b03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 14 00:00:46 2025 GMT
Not After : Oct 20 00:00:46 2025 GMT
Subject: CN=68c60973-eb01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4c:b3:15:23:e9:f1:19:d9:b7:ea:31:0d:10:
a3:d5:99:04:b4:d0:8d:d6:fe:77:32:aa:58:e5:6f:
76:0d:81:01:38:2f:0e:6f:dd:23:7d:a5:6e:a5:0b:
e2:15:af:f6:7b:16:98:e1:9c:ce:5b:49:43:e8:9f:
13:64:85:e6:1c:6f:c0:49:75:7f:f8:32:7a:db:22:
ef:e8:6d:a5:3e:1b:2f:89:d2:ac:0c:57:bc:14:9f:
86:29:07:81:c3:f5:87:4a:6d:7c:f5:bd:bf:fb:e3:
5b:f2:a6:08:8f:e5:45:49:7a:49:c7:cc:01:98:73:
e1:50:b9:36:55:4d:3d:64:41:63:23:ce:91:f2:d9:
2f:78:21:12:22:fb:11:b1:96:96:e9:58:ea:f5:0f:
86:53:69:38:9f:f9:5e:2d:5a:e2:d3:01:b6:a6:d1:
6f:c4:bb:a0:22:8b:7b:fc:89:0a:e1:5d:78:4d:43:
fb:fd:c7:bd:03:82:58:4f:25:6a:73:45:a2:74:3b:
b1:13:11:25:37:b3:e5:8c:b6:d9:8d:57:08:a8:9f:
c9:0d:30:91:db:4c:8c:0e:c1:07:34:56:cf:29:8e:
f1:09:b0:e0:30:f9:45:3b:13:e0:00:65:19:b5:6d:
62:70:59:a8:2b:81:26:85:c6:e4:97:f9:48:f0:02:
b8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:71:C4:D7:6B:3D:8B:03:D6:FC:13:37:B0:CF:21:A8:FE:E7:5C:BE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C337B8E910011F0B7171B81DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.87.0/24
45.194.95.0/24
Signature Algorithm: sha256WithRSAEncryption
09:ea:84:45:4e:ca:d5:2e:82:86:6b:82:c9:26:54:a0:95:3c:
95:bb:af:19:95:41:37:ac:14:c0:85:b2:6c:aa:11:16:d7:39:
2a:9b:2a:01:67:fa:13:fc:76:af:b7:4a:9e:47:75:d7:ae:10:
96:a9:33:41:fe:5c:6f:01:d4:00:9d:09:d8:08:95:f7:58:91:
e5:02:8e:7a:ce:ca:14:b7:e5:fe:f0:83:26:13:e8:31:c8:20:
f8:64:79:83:d9:50:b7:b0:1b:f9:1f:95:c3:a4:8f:81:39:da:
ff:f0:2d:40:82:43:d3:b9:60:61:3c:5d:79:0e:4a:4a:b5:d2:
c5:10:d9:34:7a:66:b9:e9:39:22:26:c4:10:5e:9b:a9:ac:57:
43:78:9c:4d:6f:de:d9:fd:69:df:c4:d9:cc:74:3d:28:56:6f:
60:7d:85:ae:2f:80:53:57:39:2d:e5:d6:ac:cd:9e:25:1e:8d:
c6:4a:e0:49:74:2a:10:6e:ad:9b:50:7c:e5:b2:4e:49:fe:80:
36:42:54:c8:9c:fe:1c:68:a3:5d:18:a7:e1:09:f7:b8:98:e5:
37:3c:2d:9d:0d:9d:1d:ba:89:b3:df:a1:6b:e4:3a:4b:f2:af:
a4:be:c5:8d:22:7d:fc:77:66:ae:c4:08:ea:95:d0:59:70:64:
36:49:c1:4b
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAXsDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE0MDAwMDQ2WhcNMjUxMDIwMDAwMDQ2WjAYMRYw
FAYDVQQDEw02OGM2MDk3My1lYjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyEyzFSPp8RnZt+oxDRCj1ZkEtNCN1v53MqpY5W92DYEBOC8Ob90jfaVu
pQviFa/2exaY4ZzOW0lD6J8TZIXmHG/ASXV/+DJ62yLv6G2lPhsvidKsDFe8FJ+G
KQeBw/WHSm189b2/++Nb8qYIj+VFSXpJx8wBmHPhULk2VU09ZEFjI86R8tkveCES
IvsRsZaW6Vjq9Q+GU2k4n/leLVri0wG2ptFvxLugIot7/IkK4V14TUP7/ce9A4JY
TyVqc0WidDuxExElN7PljLbZjVcIqJ/JDTCR20yMDsEHNFbPKY7xCbDgMPlFOxPg
AGUZtW1icFmoK4Emhcbkl/lI8AK43wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP5x
xNdrPYsD1vwTN7DPIaj+51y+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQzMzN0I4RTkxMDAxMUYwQjcxNzFCODFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcJXAwQALcJfMA0GCSqGSIb3
DQEBCwUAA4IBAQAJ6oRFTsrVLoKGa4LJJlSglTyVu68ZlUE3rBTAhbJsqhEW1zkq
myoBZ/oT/Havt0qeR3XXrhCWqTNB/lxvAdQAnQnYCJX3WJHlAo56zsoUt+X+8IMm
E+gxyCD4ZHmD2VC3sBv5H5XDpI+BOdr/8C1AgkPTuWBhPF15DkpKtdLFENk0ema5
6TkiJsQQXpuprFdDeJxNb97Z/WnfxNnMdD0oVm9gfYWuL4BTVzkt5daszZ4lHo3G
SuBJdCoQbq2bUHzlsk5J/oA2QlTInP4caKNdGKfhCfe4mOU3PC2dDZ0duomz36Fr
5DpL8q+kvsWNIn38d2auxAjqldBZcGQ2ScFL
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:06:06 2025 by rpki-client