Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/44C2DBD2A43B11F0A87E54A4DAE4EC9C.roa
File: 44C2DBD2A43B11F0A87E54A4DAE4EC9C.roa (raw, json)
Hash identifier: IVV6zassynKboNa+IB0r6PHXBG+UoSxIfuQD5kWs1hs=
Subject key identifier: 4C:01:28:A1:94:9E:BC:CB:2D:06:B1:42:1C:9D:72:5C:A2:A4:53:23
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017F7C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/44C2DBD2A43B11F0A87E54A4DAE4EC9C.roa
Signing time: Wed 08 Oct 2025 11:38:12 +0000
ROA not before: Wed 08 Oct 2025 11:38:07 +0000
ROA not after: Sat 22 Nov 2025 11:38:07 +0000
asID: 401696
IP address blocks: 45.205.16.0/20 maxlen: 24
45.207.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98172 (0x17f7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 8 11:38:07 2025 GMT
Not After : Nov 22 11:38:07 2025 GMT
Subject: CN=68e64d23-1562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ad:91:94:aa:31:cc:a4:d9:2c:b1:e4:e1:60:
ff:9c:e9:63:de:9e:3f:0e:dd:47:bc:2e:82:0b:6d:
4b:7f:e5:73:4b:f2:8e:8b:ed:df:f9:d4:4c:c2:2e:
51:6d:11:76:81:b6:71:0f:e4:29:e6:2b:93:68:a5:
27:46:1a:1b:66:ed:0d:bf:32:b3:ac:2b:72:8f:4a:
0b:50:25:a8:4d:34:c9:8d:7b:31:cf:a5:4d:18:81:
fd:75:3b:c6:93:f8:f3:74:6e:7a:d6:41:43:93:7c:
72:8b:0b:ca:97:96:78:35:e0:69:b2:8a:3c:cf:c1:
31:c7:f9:b7:0d:7d:c1:5d:36:86:80:cb:89:23:9a:
2a:3d:fa:7e:f1:49:2c:e9:fb:e6:01:b6:30:e4:55:
c3:a3:e8:84:c9:65:6e:a5:01:47:7b:46:fd:f1:63:
65:69:48:b3:af:16:9a:49:77:e5:c4:8a:3c:80:96:
b1:a5:cd:3f:eb:57:03:cf:a8:ac:f9:a1:09:15:4c:
40:75:e5:14:52:ff:49:c5:40:a7:06:53:9c:87:05:
57:06:a0:c5:75:0e:0c:ba:13:c1:1b:d4:0b:2c:54:
bb:a0:24:1e:6b:56:65:e3:c5:46:e8:ee:76:28:27:
4b:b6:3c:d9:05:bb:d1:cf:40:38:7f:e3:26:7c:70:
e4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:01:28:A1:94:9E:BC:CB:2D:06:B1:42:1C:9D:72:5C:A2:A4:53:23
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/44C2DBD2A43B11F0A87E54A4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.205.16.0/20
45.207.192.0/19
Signature Algorithm: sha256WithRSAEncryption
14:b0:ca:f4:2c:33:40:b0:a8:35:10:f6:bf:e3:5f:77:e3:e9:
a0:ec:76:5e:09:5e:37:2b:29:40:2e:99:83:d6:a9:ec:df:85:
da:07:ae:0f:db:74:5d:11:71:00:00:2d:54:7d:ca:aa:66:8e:
c0:ca:4b:7d:93:e3:ae:a9:4d:fe:ee:42:b2:34:b8:b4:20:b1:
18:48:24:22:ef:e7:92:4a:ac:b4:86:b6:60:d6:19:42:a1:b5:
5c:53:eb:a3:08:5f:ed:17:21:5a:95:52:91:cb:d7:3b:c9:0d:
43:9d:1c:02:ae:1a:f0:c9:d9:a2:fa:51:90:52:f3:27:fd:d4:
e5:0e:34:db:4b:ac:db:af:a6:96:c1:aa:99:fe:78:71:08:f1:
21:ed:20:79:bc:2e:72:ae:e9:5c:16:03:01:db:45:a3:aa:de:
5c:e0:e7:73:dc:bc:05:d6:1b:d2:df:73:d0:21:5a:ad:11:32:
91:3e:f0:91:2f:91:ba:43:28:e5:1e:34:34:e3:6d:ee:64:1c:
b0:f9:7c:1b:3e:2a:03:84:00:fc:09:7e:5b:c0:9b:bd:4a:2d:
8a:52:53:ab:ae:e9:86:00:87:a6:c8:7b:9c:65:45:2c:ac:f1:
37:d9:ef:1c:f2:cd:2d:27:9e:a5:1b:88:54:42:06:0f:1f:14:
69:00:c3:e2
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAX98MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDA4MTEzODA3WhcNMjUxMTIyMTEzODA3WjAYMRYw
FAYDVQQDEw02OGU2NGQyMy0xNTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3q2RlKoxzKTZLLHk4WD/nOlj3p4/Dt1HvC6CC21Lf+VzS/KOi+3f+dRM
wi5RbRF2gbZxD+Qp5iuTaKUnRhobZu0NvzKzrCtyj0oLUCWoTTTJjXsxz6VNGIH9
dTvGk/jzdG561kFDk3xyiwvKl5Z4NeBpsoo8z8Exx/m3DX3BXTaGgMuJI5oqPfp+
8Uks6fvmAbYw5FXDo+iEyWVupQFHe0b98WNlaUizrxaaSXflxIo8gJaxpc0/61cD
z6is+aEJFUxAdeUUUv9JxUCnBlOchwVXBqDFdQ4MuhPBG9QLLFS7oCQea1Zl48VG
6O52KCdLtjzZBbvRz0A4f+MmfHDk3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEwB
KKGUnrzLLQaxQhydclyipFMjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NEMyREJEMkE0M0IxMUYwQTg3RTU0QTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQELc0QAwQFLc/AMA0GCSqGSIb3
DQEBCwUAA4IBAQAUsMr0LDNAsKg1EPa/41934+mg7HZeCV43KylALpmD1qns34Xa
B64P23RdEXEAAC1UfcqqZo7Aykt9k+OuqU3+7kKyNLi0ILEYSCQi7+eSSqy0hrZg
1hlCobVcU+ujCF/tFyFalVKRy9c7yQ1DnRwCrhrwydmi+lGQUvMn/dTlDjTbS6zb
r6aWwaqZ/nhxCPEh7SB5vC5yrulcFgMB20Wjqt5c4Odz3LwF1hvS33PQIVqtETKR
PvCRL5G6QyjlHjQ0423uZByw+XwbPioDhAD8CX5bwJu9Si2KUlOrrumGAIemyHuc
ZUUsrPE32e8c8s0tJ56lG4hUQgYPHxRpAMPi
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:06:14 2025 by rpki-client