Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7C545FD27F2C11F08CA3E6E9DAE4EC9C.roa
File: 7C545FD27F2C11F08CA3E6E9DAE4EC9C.roa (raw, json)
Hash identifier: ecXvyzFhQiNWbQQboQX7X+rK66gWaEKc/4Gy+qyj3IA=
Subject key identifier: 53:3F:2B:E4:F7:D1:FA:73:8D:A4:7E:AF:9C:BB:FB:E4:49:A1:C5:DC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016E9D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7C545FD27F2C11F08CA3E6E9DAE4EC9C.roa
Signing time: Fri 22 Aug 2025 07:49:09 +0000
ROA not before: Fri 22 Aug 2025 07:49:04 +0000
ROA not after: Fri 29 Aug 2025 07:49:04 +0000
asID: 3257
IP address blocks: 45.199.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93853 (0x16e9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 22 07:49:04 2025 GMT
Not After : Aug 29 07:49:04 2025 GMT
Subject: CN=68a820f5-8c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:25:44:31:ab:31:6c:e7:71:6f:f2:dc:7c:58:
97:68:1d:a2:76:57:5a:f8:cc:9a:0e:d4:c8:60:a4:
e7:3b:1e:22:b7:51:46:9b:84:d3:8d:01:1a:19:74:
e6:8d:2d:84:56:40:10:e3:b7:c4:97:35:63:55:03:
3e:23:20:8a:dd:3c:0d:2b:49:7c:1b:39:db:51:21:
ba:c4:c6:19:52:fc:52:1a:81:97:49:0a:5f:53:3e:
75:84:13:9e:cb:d2:6b:40:f3:ae:e2:cd:17:72:92:
e7:61:b5:ee:43:80:4f:87:d7:e7:cc:eb:bf:8e:94:
47:ac:b0:ae:a7:59:2f:ef:bc:88:5b:12:e7:25:76:
62:12:c9:0d:e8:19:af:6f:43:28:7f:61:66:fb:c1:
51:dd:d6:d7:a5:c5:75:0d:8a:fc:1a:6e:27:63:2f:
f7:64:23:cb:5c:77:c2:7e:d5:b4:7e:c5:bb:85:d2:
0d:b8:8d:6e:13:66:13:b8:3a:3f:aa:fc:1f:1f:f6:
8d:ee:7c:fb:85:df:14:29:ee:bb:e0:9c:ab:cf:ad:
4b:fd:ef:59:bd:31:b3:2a:dd:b6:3c:81:ec:49:90:
b0:0c:af:d3:e4:07:8f:a3:3d:bd:24:08:14:33:78:
0d:16:19:11:58:53:d4:10:97:d5:a1:d5:bf:88:7c:
1f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:3F:2B:E4:F7:D1:FA:73:8D:A4:7E:AF:9C:BB:FB:E4:49:A1:C5:DC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7C545FD27F2C11F08CA3E6E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.149.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:dd:f9:12:54:86:38:f8:f2:42:28:39:25:de:a4:69:8a:cb:
24:72:79:ae:0c:97:00:02:94:e3:ca:25:83:98:dc:7a:d8:ed:
05:b7:fd:c9:5c:c3:fb:86:5b:cc:5b:a6:9f:99:89:83:9a:d6:
b3:bf:5b:f5:00:68:2c:f2:20:05:24:4e:aa:18:ef:05:fa:ef:
b9:4a:36:ad:29:8a:e0:22:34:5f:23:d9:b1:7a:4f:77:38:bb:
34:32:7c:f5:9f:0d:57:02:b3:cf:79:c2:19:7e:63:ba:e3:7d:
e8:0b:3e:93:d0:01:f0:49:c1:bc:18:5b:d1:ba:7a:67:88:b8:
d0:10:e4:6b:3b:dc:ca:3f:38:8b:bd:07:d0:17:72:6d:a9:e6:
7b:f5:36:dd:b6:1b:d6:42:f5:6e:f2:a2:76:36:98:b8:dd:af:
92:85:48:06:eb:9d:91:34:46:6c:6a:99:53:24:b3:ed:f0:64:
20:7e:3d:6a:b3:d2:48:17:6e:cf:09:04:05:71:2d:25:1e:11:
ef:24:12:0e:2d:26:85:86:0f:dc:c7:0c:0a:cf:8a:fa:65:b9:
55:14:ef:e5:0a:5a:da:b8:fd:82:5f:e0:d3:f4:59:6a:57:72:
53:e7:b9:fd:56:3a:f9:9e:a0:0e:fb:67:8f:f5:ac:a5:8e:ad:
e6:20:50:c1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAW6dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODIyMDc0OTA0WhcNMjUwODI5MDc0OTA0WjAYMRYw
FAYDVQQDEw02OGE4MjBmNS04YzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApiVEMasxbOdxb/LcfFiXaB2idlda+MyaDtTIYKTnOx4it1FGm4TTjQEa
GXTmjS2EVkAQ47fElzVjVQM+IyCK3TwNK0l8GznbUSG6xMYZUvxSGoGXSQpfUz51
hBOey9JrQPOu4s0XcpLnYbXuQ4BPh9fnzOu/jpRHrLCup1kv77yIWxLnJXZiEskN
6Bmvb0Mof2Fm+8FR3dbXpcV1DYr8Gm4nYy/3ZCPLXHfCftW0fsW7hdINuI1uE2YT
uDo/qvwfH/aN7nz7hd8UKe674Jyrz61L/e9ZvTGzKt22PIHsSZCwDK/T5AePoz29
JAgUM3gNFhkRWFPUEJfVodW/iHwf7wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFM/
K+T30fpzjaR+r5y7++RJocXcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QzU0NUZEMjdGMkMxMUYwOENBM0U2RTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALceVMA0GCSqGSIb3DQEBCwUA
A4IBAQAP3fkSVIY4+PJCKDkl3qRpisskcnmuDJcAApTjyiWDmNx62O0Ft/3JXMP7
hlvMW6afmYmDmtazv1v1AGgs8iAFJE6qGO8F+u+5SjatKYrgIjRfI9mxek93OLs0
Mnz1nw1XArPPecIZfmO6433oCz6T0AHwScG8GFvRunpniLjQEORrO9zKPziLvQfQ
F3JtqeZ79TbdthvWQvVu8qJ2Npi43a+ShUgG652RNEZsaplTJLPt8GQgfj1qs9JI
F27PCQQFcS0lHhHvJBIOLSaFhg/cxwwKz4r6ZblVFO/lClrauP2CX+DT9FlqV3JT
57n9Vjr5nqAO+2eP9ayljq3mIFDB
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:05:46 2025 by rpki-client