Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20C948667E1F11F0830CBAE8DAE4EC9C.roa
File: 20C948667E1F11F0830CBAE8DAE4EC9C.roa (raw, json)
Hash identifier: G/sM6GM7lcju2aZjhxi2RqyfESDKrDTtH25Oe8eFM/c=
Subject key identifier: 3E:E4:2F:3A:49:9D:98:AB:3C:EA:DD:02:D5:6B:C7:93:65:2C:54:0C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016D1F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20C948667E1F11F0830CBAE8DAE4EC9C.roa
Signing time: Wed 20 Aug 2025 23:41:03 +0000
ROA not before: Wed 20 Aug 2025 23:40:55 +0000
ROA not after: Sun 20 Aug 2028 23:40:55 +0000
asID: 17561
IP address blocks: 45.196.103.0/24 maxlen: 24
45.196.105.0/24 maxlen: 24
45.196.108.0/24 maxlen: 24
45.196.110.0/24 maxlen: 24
45.196.111.0/24 maxlen: 24
45.196.113.0/24 maxlen: 24
45.196.115.0/24 maxlen: 24
45.196.120.0/24 maxlen: 24
45.204.128.0/24 maxlen: 24
45.204.132.0/24 maxlen: 24
45.204.138.0/24 maxlen: 24
45.204.139.0/24 maxlen: 24
45.204.140.0/24 maxlen: 24
45.204.144.0/24 maxlen: 24
45.204.146.0/24 maxlen: 24
45.204.154.0/24 maxlen: 24
45.204.155.0/24 maxlen: 24
45.204.164.0/24 maxlen: 24
45.204.165.0/24 maxlen: 24
45.204.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93471 (0x16d1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 23:40:55 2025 GMT
Not After : Aug 20 23:40:55 2028 GMT
Subject: CN=68a65d0f-285d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:af:7c:9a:b7:84:8e:34:58:0f:21:05:ce:ab:
7b:0d:ee:9b:96:54:74:26:ed:2f:b4:91:c3:3c:57:
f2:fb:0a:5d:4e:e2:a9:5c:73:ac:42:e5:43:86:00:
88:41:ce:2c:6d:74:20:ad:11:0d:7d:12:97:44:66:
5c:e5:d7:46:73:89:e2:9d:1a:cc:2c:57:38:d0:e6:
cb:16:74:98:fb:09:c9:93:85:9e:47:d6:24:c6:d7:
af:75:7a:45:44:88:45:68:0d:b3:cb:22:99:6d:94:
68:bf:56:a1:ec:68:d2:5e:31:78:9b:99:71:16:4e:
34:ac:f1:69:26:db:7f:34:78:4d:af:ce:5a:9d:b3:
06:ba:ac:0e:90:b2:81:7f:df:4b:ad:f8:d6:4b:9b:
51:4e:10:9a:06:6a:29:87:37:95:f2:1a:e4:53:05:
06:15:6f:c4:a6:a7:ef:ac:57:30:77:19:c9:be:59:
c5:82:0e:6d:71:f8:c3:9f:f2:bd:d2:45:9a:95:d5:
41:e4:64:00:dc:0f:f1:9a:01:d0:65:e5:92:d0:49:
4d:b7:db:4f:45:99:f3:79:e8:b4:a3:d4:28:a2:36:
1c:52:71:6e:db:e6:1f:70:9f:73:9c:bf:a4:c2:e4:
b1:d7:32:8d:32:43:60:8f:a3:d2:c0:9b:c3:f0:e0:
b3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E4:2F:3A:49:9D:98:AB:3C:EA:DD:02:D5:6B:C7:93:65:2C:54:0C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20C948667E1F11F0830CBAE8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.103.0/24
45.196.105.0/24
45.196.108.0/24
45.196.110.0/23
45.196.113.0/24
45.196.115.0/24
45.196.120.0/24
45.204.128.0/24
45.204.132.0/24
45.204.138.0-45.204.140.255
45.204.144.0/24
45.204.146.0/24
45.204.154.0/23
45.204.164.0/23
45.204.174.0/24
Signature Algorithm: sha256WithRSAEncryption
64:e7:13:0f:8c:ec:cb:34:89:4d:ba:ae:4e:af:52:65:fb:bb:
e1:a1:d6:da:06:70:95:a5:0e:39:93:04:6b:80:92:e9:0c:0f:
6a:07:b1:09:6d:42:4f:44:66:c3:56:3c:ab:06:47:22:1d:0a:
c8:c3:0b:3e:b3:2c:e9:75:1d:c4:02:6a:7b:78:23:c1:c8:76:
9b:c5:87:2b:74:ac:22:b7:e5:f4:3b:21:c3:73:0e:93:da:11:
24:09:25:e7:3e:6f:19:be:19:39:6e:2a:f1:9c:48:09:79:3d:
4c:9d:5c:48:41:d0:b4:7f:23:8d:a1:9f:ff:33:db:aa:6a:66:
18:1f:0f:b5:a7:7b:bf:9d:d8:7b:c0:12:4d:b2:05:7a:c4:d3:
d5:20:7b:b3:d9:6c:d2:43:8e:44:ef:a6:56:c5:7b:c8:b0:0c:
34:ea:88:86:da:1a:d3:d7:93:f5:ed:62:d1:72:d5:e0:27:85:
85:b0:56:77:4c:2b:73:64:2c:00:b0:a6:eb:29:0d:68:a8:70:
4e:5d:ec:19:09:0a:e3:26:b9:77:52:77:ae:a5:8b:ad:ae:94:
87:96:21:6b:70:85:83:c1:c4:4b:5f:76:bc:0a:63:e4:3b:67:
59:03:9e:48:91:66:8a:23:b0:44:2d:64:8d:64:30:28:52:68:
dd:cc:37:b9
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgIDAW0fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODIwMjM0MDU1WhcNMjgwODIwMjM0MDU1WjAYMRYw
FAYDVQQDEw02OGE2NWQwZi0yODVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuK98mreEjjRYDyEFzqt7De6bllR0Ju0vtJHDPFfy+wpdTuKpXHOsQuVD
hgCIQc4sbXQgrRENfRKXRGZc5ddGc4ninRrMLFc40ObLFnSY+wnJk4WeR9Ykxtev
dXpFRIhFaA2zyyKZbZRov1ah7GjSXjF4m5lxFk40rPFpJtt/NHhNr85anbMGuqwO
kLKBf99LrfjWS5tRThCaBmophzeV8hrkUwUGFW/EpqfvrFcwdxnJvlnFgg5tcfjD
n/K90kWaldVB5GQA3A/xmgHQZeWS0ElNt9tPRZnzeei0o9QoojYcUnFu2+YfcJ9z
nL+kwuSx1zKNMkNgj6PSwJvD8OCz+wIDAQABo4IC/jCCAvowHQYDVR0OBBYEFD7k
LzpJnZirPOrdAtVrx5NlLFQMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMEM5NDg2NjdFMUYxMUYwODMwQ0JBRThEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQALcRnAwQALcRpAwQALcRsAwQB
LcRuAwQALcRxAwQALcRzAwQALcR4AwQALcyAAwQALcyEMAwDBAEtzIoDBAAtzIwD
BAAtzJADBAAtzJIDBAEtzJoDBAEtzKQDBAAtzK4wDQYJKoZIhvcNAQELBQADggEB
AGTnEw+M7Ms0iU26rk6vUmX7u+Gh1toGcJWlDjmTBGuAkukMD2oHsQltQk9EZsNW
PKsGRyIdCsjDCz6zLOl1HcQCant4I8HIdpvFhyt0rCK35fQ7IcNzDpPaESQJJec+
bxm+GTluKvGcSAl5PUydXEhB0LR/I42hn/8z26pqZhgfD7Wne7+d2HvAEk2yBXrE
09Uge7PZbNJDjkTvplbFe8iwDDTqiIbaGtPXk/XtYtFy1eAnhYWwVndMK3NkLACw
puspDWiocE5d7BkJCuMmuXdSd66li62ulIeWIWtwhYPBxEtfdrwKY+Q7Z1kDnkiR
ZoojsEQtZI1kMChSaN3MN7k=
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:02:12 2025 by rpki-client