Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53E96B127DFD11F0BC049E90DAE4EC9C.roa
File: 53E96B127DFD11F0BC049E90DAE4EC9C.roa (raw, json)
Hash identifier: Poeevzjn/zqCw9O7gnTcczVHYMak9JE36O+zSymsUpY=
Subject key identifier: 15:60:F9:93:36:8F:42:E2:4C:D0:DF:9C:72:95:12:EB:6A:37:73:34
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016CAC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53E96B127DFD11F0BC049E90DAE4EC9C.roa
Signing time: Wed 20 Aug 2025 19:39:04 +0000
ROA not before: Wed 20 Aug 2025 19:38:58 +0000
ROA not after: Mon 29 May 2028 19:38:58 +0000
asID: 17561
IP address blocks: 45.197.167.0/24 maxlen: 24
45.197.172.0/24 maxlen: 24
45.197.173.0/24 maxlen: 24
45.197.174.0/24 maxlen: 24
45.197.175.0/24 maxlen: 24
45.197.176.0/24 maxlen: 24
45.197.177.0/24 maxlen: 24
45.197.178.0/24 maxlen: 24
45.197.179.0/24 maxlen: 24
45.197.180.0/24 maxlen: 24
45.197.181.0/24 maxlen: 24
45.197.182.0/24 maxlen: 24
45.197.183.0/24 maxlen: 24
45.197.184.0/24 maxlen: 24
45.197.185.0/24 maxlen: 24
45.197.186.0/24 maxlen: 24
45.197.187.0/24 maxlen: 24
45.197.188.0/24 maxlen: 24
45.197.189.0/24 maxlen: 24
45.197.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93356 (0x16cac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 19:38:58 2025 GMT
Not After : May 29 19:38:58 2028 GMT
Subject: CN=68a62458-efbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2f:95:75:c2:8a:4a:65:6d:93:5e:0b:96:6f:
77:ac:7b:17:b3:98:67:c3:05:ba:3d:88:91:0e:fb:
75:0e:8d:47:e3:f3:a2:2c:54:b5:a3:c3:9b:ba:dc:
0f:b0:f9:87:a2:74:01:cc:64:83:be:b2:a6:64:8b:
78:9b:54:3d:70:4d:b3:6c:cd:85:88:d6:d0:d5:2a:
8b:7d:2c:9a:a6:70:b2:0a:9b:ba:7d:b4:ad:f0:b2:
d2:d9:2a:31:56:4f:92:33:33:e7:cb:ba:9b:5b:ef:
79:6b:1b:21:a0:72:86:d5:15:4c:6e:c4:e9:a9:ca:
a8:00:a8:c3:2b:04:96:c5:4e:3a:90:d6:6b:f2:18:
43:4a:dc:ac:68:22:cc:8a:64:48:b7:c7:ef:2a:a1:
07:cf:ad:f9:e4:4e:45:bd:e4:d1:18:ff:4b:80:51:
23:0c:54:7c:3b:46:e7:02:59:47:2f:90:08:b8:7b:
6f:1a:1a:bb:a0:e8:42:32:ba:bc:53:95:c4:07:85:
58:4e:d3:4b:14:76:07:d1:11:a7:84:06:0a:ec:4b:
a8:ed:6c:98:37:00:eb:5d:8a:d6:7d:5a:dd:c6:18:
fa:ee:6c:ce:51:25:96:70:fb:2f:d3:35:08:97:38:
bd:9c:40:e0:31:63:af:34:f8:5f:d8:20:d8:c7:07:
4f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:60:F9:93:36:8F:42:E2:4C:D0:DF:9C:72:95:12:EB:6A:37:73:34
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53E96B127DFD11F0BC049E90DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.167.0/24
45.197.172.0-45.197.190.255
Signature Algorithm: sha256WithRSAEncryption
7d:2b:43:89:3f:f0:77:69:65:7e:78:d7:fe:14:f6:43:73:88:
a9:2e:45:18:9a:cd:d3:8b:0b:ec:44:73:fb:00:25:13:f6:fb:
db:37:53:2d:1e:85:f7:ae:66:83:b2:de:50:3e:dd:98:3e:4a:
d2:f5:08:96:39:0b:57:a2:44:0a:10:dc:c7:c3:90:c3:b0:f5:
2c:71:96:82:e4:4c:2c:b1:b3:90:49:ee:57:ea:fb:f5:70:6a:
91:e7:ee:4a:a7:05:c5:3c:24:b4:2b:7c:94:e4:f2:cb:f1:06:
0a:8e:0e:5a:51:19:95:36:42:c7:97:10:98:22:aa:48:3b:3b:
3c:6e:cb:95:c9:23:61:c6:97:f0:37:85:22:bc:bb:38:db:9b:
1b:73:0f:4d:f9:09:fe:dc:55:b5:0e:ec:7d:d8:4d:10:11:8e:
cf:4e:6d:88:d1:48:00:e6:b8:a0:5e:9a:02:e8:86:c4:1a:98:
4d:9f:02:16:bb:dd:e0:13:3d:14:19:dc:11:69:45:f4:9b:52:
77:14:ce:f4:e3:9b:fa:65:2c:aa:17:6a:f0:4f:0b:62:fa:9a:
75:21:5c:6b:b0:41:fd:05:86:bc:ad:80:76:38:80:29:8e:92:
27:6f:e2:26:de:0d:b4:93:df:95:77:e4:c5:78:b9:94:b8:af:
2a:41:15:af
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAWysMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODIwMTkzODU4WhcNMjgwNTI5MTkzODU4WjAYMRYw
FAYDVQQDEw02OGE2MjQ1OC1lZmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyC+VdcKKSmVtk14Llm93rHsXs5hnwwW6PYiRDvt1Do1H4/OiLFS1o8Ob
utwPsPmHonQBzGSDvrKmZIt4m1Q9cE2zbM2FiNbQ1SqLfSyapnCyCpu6fbSt8LLS
2SoxVk+SMzPny7qbW+95axshoHKG1RVMbsTpqcqoAKjDKwSWxU46kNZr8hhDStys
aCLMimRIt8fvKqEHz6355E5FveTRGP9LgFEjDFR8O0bnAllHL5AIuHtvGhq7oOhC
Mrq8U5XEB4VYTtNLFHYH0RGnhAYK7Euo7WyYNwDrXYrWfVrdxhj67mzOUSWWcPsv
0zUIlzi9nEDgMWOvNPhf2CDYxwdPlQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFBVg
+ZM2j0LiTNDfnHKVEutqN3M0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81M0U5NkIxMjdERkQxMUYwQkMwNDlFOTBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALcWnMAwDBAItxawDBAAtxb4w
DQYJKoZIhvcNAQELBQADggEBAH0rQ4k/8HdpZX541/4U9kNziKkuRRiazdOLC+xE
c/sAJRP2+9s3Uy0ehfeuZoOy3lA+3Zg+StL1CJY5C1eiRAoQ3MfDkMOw9SxxloLk
TCyxs5BJ7lfq+/VwapHn7kqnBcU8JLQrfJTk8svxBgqODlpRGZU2QseXEJgiqkg7
Ozxuy5XJI2HGl/A3hSK8uzjbmxtzD035Cf7cVbUO7H3YTRARjs9ObYjRSADmuKBe
mgLohsQamE2fAha73eATPRQZ3BFpRfSbUncUzvTjm/plLKoXavBPC2L6mnUhXGuw
Qf0FhrytgHY4gCmOkidv4ibeDbST35V35MV4uZS4rypBFa8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:04:23 2025 by rpki-client