Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43A21A5EA41511F0AE91CAB3DAE4EC9C.roa
File: 43A21A5EA41511F0AE91CAB3DAE4EC9C.roa (raw, json)
Hash identifier: G9ZTZt9/7Jd8R4tTuYsw+QVNEnZ3unSL5fNYzjOfe+E=
Subject key identifier: E4:9D:31:8F:02:00:64:3B:CB:78:8B:29:25:FE:52:EB:8E:FD:12:2B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017F4E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43A21A5EA41511F0AE91CAB3DAE4EC9C.roa
Signing time: Wed 08 Oct 2025 07:06:09 +0000
ROA not before: Wed 08 Oct 2025 07:06:04 +0000
ROA not after: Sun 07 Dec 2025 07:06:04 +0000
asID: 141883
IP address blocks: 45.204.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98126 (0x17f4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 8 07:06:04 2025 GMT
Not After : Dec 7 07:06:04 2025 GMT
Subject: CN=68e60d61-6bbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3f:20:e5:94:8a:2b:65:e4:03:15:68:b3:34:
72:78:b7:e3:01:96:15:dc:4e:76:f2:11:93:23:cf:
fa:56:4b:59:23:ee:34:b4:4a:4f:79:7a:d5:ea:4e:
11:17:77:73:36:61:f2:ee:1c:29:c9:20:c9:78:7c:
39:9e:27:b0:0c:eb:4e:c3:48:6c:15:75:cc:c9:79:
2f:8f:72:78:a7:f4:62:49:26:e4:38:e5:32:a9:80:
43:75:ae:d8:be:c8:69:31:84:e1:a7:fc:d5:dd:cd:
78:27:02:9a:39:5f:20:f8:08:90:08:6f:cd:b1:e0:
8c:93:95:0d:37:95:84:5f:70:07:01:a6:76:01:53:
6e:61:46:b0:bd:08:52:63:b7:96:18:c0:25:dc:ae:
6f:d3:cd:43:46:55:42:ef:13:c2:72:15:e1:9c:25:
02:54:c9:76:e6:7d:a2:49:56:ab:23:e3:6c:58:9d:
db:fc:90:cc:36:a3:f1:76:8a:25:96:6a:d8:9d:e2:
79:24:50:0f:c6:ba:24:68:e8:bc:fb:2e:f5:e3:10:
44:7c:60:77:75:df:44:a1:a7:ed:33:3d:8c:f3:0c:
2e:26:4e:17:b2:7c:39:11:0a:e2:16:72:a8:e0:75:
f8:af:08:a5:57:27:f2:13:81:76:9c:fb:ef:eb:c4:
18:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9D:31:8F:02:00:64:3B:CB:78:8B:29:25:FE:52:EB:8E:FD:12:2B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43A21A5EA41511F0AE91CAB3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.0.0/24
Signature Algorithm: sha256WithRSAEncryption
27:29:ba:44:8c:00:82:42:5b:02:db:60:a7:88:f9:b3:75:c8:
6f:e1:08:fc:35:c7:f9:0c:25:59:67:cd:b1:56:e7:c3:f9:dc:
78:ad:a3:36:00:9f:72:55:f4:32:14:a8:0f:3f:51:08:a1:1a:
47:1b:04:32:80:d6:34:a2:ef:0d:e4:6e:1b:ad:54:8e:91:e8:
08:b7:dc:92:86:85:f5:84:c5:18:20:b2:07:a8:8b:e8:c1:fc:
a2:98:ae:41:ec:2e:ab:91:c4:0e:30:aa:1c:d1:92:46:07:f4:
ee:9a:78:1f:ae:13:59:eb:b1:c1:b0:18:82:5b:5d:3b:e9:12:
61:4d:c9:05:fe:01:58:97:0d:08:7e:10:c1:ea:6b:b6:21:ea:
c4:b9:1f:5f:79:20:93:2f:d1:59:e9:0b:a3:60:41:37:62:ac:
cd:b3:32:81:3d:1a:b5:72:b2:4f:bd:a1:44:71:05:97:aa:5d:
2e:5f:9e:85:56:31:7f:fd:70:b1:71:32:23:ad:45:14:39:7f:
c9:f6:4d:39:92:bc:55:0b:fc:d4:1c:76:b0:ca:20:fe:3b:c1:
60:24:73:ac:f5:c3:65:bc:dc:7f:5b:ea:c1:1b:46:46:56:1e:
8d:dc:49:88:4f:fd:96:28:4e:e3:44:eb:be:f9:80:17:f4:fe:
78:37:da:7b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX9OMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDA4MDcwNjA0WhcNMjUxMjA3MDcwNjA0WjAYMRYw
FAYDVQQDEw02OGU2MGQ2MS02YmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArD8g5ZSKK2XkAxVoszRyeLfjAZYV3E528hGTI8/6VktZI+40tEpPeXrV
6k4RF3dzNmHy7hwpySDJeHw5niewDOtOw0hsFXXMyXkvj3J4p/RiSSbkOOUyqYBD
da7YvshpMYThp/zV3c14JwKaOV8g+AiQCG/NseCMk5UNN5WEX3AHAaZ2AVNuYUaw
vQhSY7eWGMAl3K5v081DRlVC7xPCchXhnCUCVMl25n2iSVarI+NsWJ3b/JDMNqPx
doollmrYneJ5JFAPxrokaOi8+y714xBEfGB3dd9EoaftMz2M8wwuJk4Xsnw5EQri
FnKo4HX4rwilVyfyE4F2nPvv68QYrwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOSd
MY8CAGQ7y3iLKSX+UuuO/RIrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80M0EyMUE1RUE0MTUxMUYwQUU5MUNBQjNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcwAMA0GCSqGSIb3DQEBCwUA
A4IBAQAnKbpEjACCQlsC22CniPmzdchv4Qj8Ncf5DCVZZ82xVufD+dx4raM2AJ9y
VfQyFKgPP1EIoRpHGwQygNY0ou8N5G4brVSOkegIt9yShoX1hMUYILIHqIvowfyi
mK5B7C6rkcQOMKoc0ZJGB/TumngfrhNZ67HBsBiCW1076RJhTckF/gFYlw0IfhDB
6mu2IerEuR9feSCTL9FZ6QujYEE3YqzNszKBPRq1crJPvaFEcQWXql0uX56FVjF/
/XCxcTIjrUUUOX/J9k05krxVC/zUHHawyiD+O8FgJHOs9cNlvNx/W+rBG0ZGVh6N
3EmIT/2WKE7jROu++YAX9P54N9p7
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:25:37 2025 by rpki-client