Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33933E06A2A111F0B5BCB1C4DAE4EC9C.roa
File: 33933E06A2A111F0B5BCB1C4DAE4EC9C.roa (raw, json)
Hash identifier: JFPPGa9LjQXmz4pf3EjW23C2zaZjvAF/97k7GtoysTo=
Subject key identifier: DC:F1:00:4A:A4:0A:CC:B2:59:78:59:99:8C:7B:47:5D:24:07:41:29
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017F08
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33933E06A2A111F0B5BCB1C4DAE4EC9C.roa
Signing time: Mon 06 Oct 2025 10:42:49 +0000
ROA not before: Mon 06 Oct 2025 10:42:42 +0000
ROA not after: Mon 10 Nov 2025 10:42:42 +0000
asID: 25198
IP address blocks: 45.202.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98056 (0x17f08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 6 10:42:42 2025 GMT
Not After : Nov 10 10:42:42 2025 GMT
Subject: CN=68e39d29-7b1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1a:12:84:85:ed:ee:c2:12:6e:c2:fb:d3:bc:
b6:19:ce:c2:d8:3a:d4:5e:e5:68:3e:fe:37:0d:80:
9e:58:ad:3a:04:f0:00:80:8a:05:82:de:85:79:0c:
d4:84:34:ee:43:eb:8e:17:37:d2:7b:1d:07:57:7c:
6e:1c:75:be:e1:19:27:ea:85:c8:ea:87:c6:34:c0:
15:a3:49:4a:9d:11:43:95:18:b4:d5:5a:e2:10:75:
04:4b:f3:ad:3d:a3:36:e0:a0:65:f0:13:4a:cd:4f:
b2:ad:6e:71:dd:34:0b:71:87:77:90:6a:86:4f:78:
97:d2:c6:01:20:9f:83:c7:0e:f4:df:1f:b5:71:00:
5b:32:36:3e:f2:40:76:cc:64:b1:fa:b6:6a:bd:7e:
98:c6:29:28:f7:27:0e:77:cb:0d:b4:4d:43:06:1e:
ff:6c:1f:64:e9:03:86:1a:e0:fb:be:09:27:b9:5d:
60:5a:fd:49:3b:62:68:b9:06:c9:f6:22:ab:95:14:
ed:d9:57:61:aa:88:c0:f6:a1:12:e9:fc:34:b7:9f:
41:34:fb:c6:a8:6e:4e:b1:05:c1:b9:8f:e0:dd:08:
4a:fe:66:de:bc:e4:82:0e:00:a7:f7:d9:a8:49:25:
d1:8b:36:8b:06:f7:f3:69:c3:87:26:a6:2f:95:c3:
6a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F1:00:4A:A4:0A:CC:B2:59:78:59:99:8C:7B:47:5D:24:07:41:29
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33933E06A2A111F0B5BCB1C4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.88.0/24
Signature Algorithm: sha256WithRSAEncryption
56:a4:ca:8b:5e:c7:51:95:84:23:4d:25:c4:b2:7e:e6:bd:4f:
34:f2:db:0c:3a:d0:20:72:6c:20:41:25:df:6a:98:f5:f4:87:
bb:e3:05:c9:54:ea:cd:86:72:11:7a:70:8c:b6:23:ff:e6:ee:
47:82:23:50:07:2c:ff:62:da:62:11:81:83:7c:14:93:49:76:
eb:a3:d6:18:13:42:30:67:42:47:be:1d:fa:39:e7:f8:9c:80:
3e:95:6b:a3:85:6f:66:fa:a3:c7:67:d8:5c:d8:9f:46:6f:1c:
2d:1b:1f:d0:6b:49:d0:c5:20:04:9a:4d:fa:ce:1d:66:46:27:
1b:09:75:91:6a:0a:cd:ed:b9:4f:6a:51:fe:70:32:10:2b:bd:
1d:6e:0f:9f:ff:48:37:37:50:ac:7f:a2:6c:e1:f8:5f:29:40:
ec:62:5a:16:b1:4a:ff:84:03:81:82:34:d9:05:54:96:4b:2c:
36:d5:87:91:c0:b7:d7:97:06:86:b5:39:e0:22:74:88:61:ce:
ba:54:b4:6e:95:9e:64:f1:dc:d3:4c:d5:ae:43:a8:26:ed:5d:
59:4c:e6:98:df:69:1f:a8:76:6b:2b:47:65:c8:40:ea:fa:04:
8d:f0:63:9c:88:c4:15:1d:86:60:9e:4e:20:fe:42:74:2e:7a:
1b:3f:92:0a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX8IMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDA2MTA0MjQyWhcNMjUxMTEwMTA0MjQyWjAYMRYw
FAYDVQQDEw02OGUzOWQyOS03YjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArhoShIXt7sISbsL707y2Gc7C2DrUXuVoPv43DYCeWK06BPAAgIoFgt6F
eQzUhDTuQ+uOFzfSex0HV3xuHHW+4Rkn6oXI6ofGNMAVo0lKnRFDlRi01VriEHUE
S/OtPaM24KBl8BNKzU+yrW5x3TQLcYd3kGqGT3iX0sYBIJ+Dxw703x+1cQBbMjY+
8kB2zGSx+rZqvX6Yxiko9ycOd8sNtE1DBh7/bB9k6QOGGuD7vgknuV1gWv1JO2Jo
uQbJ9iKrlRTt2VdhqojA9qES6fw0t59BNPvGqG5OsQXBuY/g3QhK/mbevOSCDgCn
99moSSXRizaLBvfzacOHJqYvlcNqjwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNzx
AEqkCsyyWXhZmYx7R10kB0EpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMzkzM0UwNkEyQTExMUYwQjVCQ0IxQzREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcpYMA0GCSqGSIb3DQEBCwUA
A4IBAQBWpMqLXsdRlYQjTSXEsn7mvU808tsMOtAgcmwgQSXfapj19Ie74wXJVOrN
hnIRenCMtiP/5u5HgiNQByz/YtpiEYGDfBSTSXbro9YYE0IwZ0JHvh36Oef4nIA+
lWujhW9m+qPHZ9hc2J9GbxwtGx/Qa0nQxSAEmk36zh1mRicbCXWRagrN7blPalH+
cDIQK70dbg+f/0g3N1Csf6Js4fhfKUDsYloWsUr/hAOBgjTZBVSWSyw21YeRwLfX
lwaGtTngInSIYc66VLRulZ5k8dzTTNWuQ6gm7V1ZTOaY32kfqHZrK0dlyEDq+gSN
8GOciMQVHYZgnk4g/kJ0LnobP5IK
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:25:22 2025 by rpki-client