Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75BBDAC6737211F08850E4D7DAE4EC9C.roa
File: 75BBDAC6737211F08850E4D7DAE4EC9C.roa (raw, json)
Hash identifier: lpqYbAYD3zKwFDnU1OR18AMkWZZuiV9UIGqw6sDLkqU=
Subject key identifier: 2E:C2:B6:9D:87:CB:96:24:5A:29:3D:6C:45:73:2F:66:D2:FC:86:83
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0169A1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75BBDAC6737211F08850E4D7DAE4EC9C.roa
Signing time: Thu 07 Aug 2025 09:39:49 +0000
ROA not before: Thu 07 Aug 2025 09:39:44 +0000
ROA not after: Thu 11 Sep 2025 09:39:44 +0000
asID: 203020
IP address blocks: 45.196.0.0/21 maxlen: 24
45.196.8.0/22 maxlen: 24
45.196.12.0/23 maxlen: 24
45.202.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92577 (0x169a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 7 09:39:44 2025 GMT
Not After : Sep 11 09:39:44 2025 GMT
Subject: CN=68947465-c2a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1d:b8:71:f2:b3:e0:02:b1:c3:c7:0a:d2:95:
99:1b:84:7f:74:b8:83:b9:a5:a5:18:64:6b:e1:7c:
db:2f:7f:40:35:60:eb:34:c0:7f:b6:30:dd:33:bb:
00:53:6d:84:e9:15:6a:9a:3e:ad:fe:e2:22:29:26:
a8:4c:4e:e4:27:4b:22:39:c9:27:0d:4c:10:bb:fb:
3b:92:1f:00:eb:36:8f:f3:f1:ff:4a:2f:d5:a8:44:
5e:9a:fe:0f:21:fb:95:d4:da:bd:17:70:4d:a5:43:
80:d8:12:43:81:6c:75:ff:31:8b:b1:bc:2b:41:b9:
be:ce:cc:1d:1c:33:dd:99:4e:b7:1c:3a:48:9a:c4:
80:66:ea:3e:2a:ad:c8:84:fa:a5:79:e7:61:c3:9d:
a7:71:dc:12:fa:1f:64:7d:68:0e:02:62:d1:e6:51:
62:91:b6:f0:38:c0:5b:2b:5e:e2:8f:c1:88:f6:ba:
1d:60:d8:36:0c:cf:38:00:07:c4:26:93:43:40:6d:
9f:ea:80:e3:5f:cc:c1:09:84:4c:1a:9b:56:20:de:
24:a3:c7:36:1a:b0:4c:6e:a7:bb:d7:69:cd:45:52:
a9:ee:63:f6:3a:a4:84:a6:e7:74:36:1f:5e:e1:c1:
c0:0b:29:4b:46:1b:bd:83:38:8b:4b:3e:35:7a:80:
ff:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C2:B6:9D:87:CB:96:24:5A:29:3D:6C:45:73:2F:66:D2:FC:86:83
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75BBDAC6737211F08850E4D7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.0.0-45.196.13.255
45.202.46.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:9e:0b:70:2e:bd:a5:2a:3b:7f:f6:f1:7c:c2:1c:3d:60:42:
73:65:5e:4e:6c:91:67:ec:f5:67:b7:bd:e6:d3:e8:26:04:5c:
63:e9:03:28:19:7d:cf:23:db:8d:bc:db:90:75:ac:7c:ea:a1:
a6:e4:33:88:a0:f8:cf:a1:ca:f0:09:79:7a:81:26:46:7b:17:
3e:46:e4:38:cf:41:00:ac:f0:9e:29:7c:0f:fe:43:c4:94:17:
b9:44:94:fd:ff:dc:d9:65:6c:59:9e:9f:31:ca:f5:bb:c5:c6:
b9:94:8e:6d:44:5f:96:70:27:fe:9d:68:a2:3b:fd:9f:94:79:
b9:3e:41:2f:c1:a7:94:94:d6:38:3f:10:4b:92:fe:e1:d6:72:
23:bb:89:d3:ee:ee:24:85:98:96:f4:2f:f3:7b:cd:27:6b:5c:
1b:e1:5f:03:b2:4e:84:ac:f7:a3:3c:7c:7a:d8:d6:b2:68:45:
37:67:23:e0:e6:11:c7:63:c3:f4:7f:60:02:38:bf:0a:35:19:
91:df:fd:87:98:6c:e0:28:db:21:de:cf:22:5a:9a:d0:52:2c:
32:15:16:60:90:b4:7d:21:2a:eb:e6:fc:e0:e8:2b:ee:46:bc:
7c:9f:c3:d3:20:5a:b9:65:70:95:6f:6d:fe:e8:52:1a:72:b7:
7f:32:b4:bd
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIDAWmhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODA3MDkzOTQ0WhcNMjUwOTExMDkzOTQ0WjAYMRYw
FAYDVQQDEw02ODk0NzQ2NS1jMmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5x24cfKz4AKxw8cK0pWZG4R/dLiDuaWlGGRr4XzbL39ANWDrNMB/tjDd
M7sAU22E6RVqmj6t/uIiKSaoTE7kJ0siOcknDUwQu/s7kh8A6zaP8/H/Si/VqERe
mv4PIfuV1Nq9F3BNpUOA2BJDgWx1/zGLsbwrQbm+zswdHDPdmU63HDpImsSAZuo+
Kq3IhPqleedhw52ncdwS+h9kfWgOAmLR5lFikbbwOMBbK17ij8GI9rodYNg2DM84
AAfEJpNDQG2f6oDjX8zBCYRMGptWIN4ko8c2GrBMbqe712nNRVKp7mP2OqSEpud0
Nh9e4cHACylLRhu9gziLSz41eoD/QQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFC7C
tp2Hy5YkWik9bEVzL2bS/IaDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NUJCREFDNjczNzIxMUYwODg1MEU0RDdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwItxAMEAS3EDAMEAC3KLjAN
BgkqhkiG9w0BAQsFAAOCAQEAep4LcC69pSo7f/bxfMIcPWBCc2VeTmyRZ+z1Z7e9
5tPoJgRcY+kDKBl9zyPbjbzbkHWsfOqhpuQziKD4z6HK8Al5eoEmRnsXPkbkOM9B
AKzwnil8D/5DxJQXuUSU/f/c2WVsWZ6fMcr1u8XGuZSObURflnAn/p1oojv9n5R5
uT5BL8GnlJTWOD8QS5L+4dZyI7uJ0+7uJIWYlvQv83vNJ2tcG+FfA7JOhKz3ozx8
etjWsmhFN2cj4OYRx2PD9H9gAji/CjUZkd/9h5hs4CjbId7PIlqa0FIsMhUWYJC0
fSEq6+b84Ogr7ka8fJ/D0yBauWVwlW9t/uhSGnK3fzK0vQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:01:44 2025 by rpki-client