Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/901A43247E1411F0A70652A5DAE4EC9C.roa
File: 901A43247E1411F0A70652A5DAE4EC9C.roa (raw, json)
Hash identifier: eqTognqvbPYGgD93E5vAa16p51jZr3LW7Rev4z3UBoA=
Subject key identifier: 1C:5A:CA:1C:D5:D5:53:5F:12:CE:58:DC:E8:E0:92:64:B1:FB:01:65
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016CF3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/901A43247E1411F0A70652A5DAE4EC9C.roa
Signing time: Wed 20 Aug 2025 22:25:24 +0000
ROA not before: Wed 20 Aug 2025 22:25:18 +0000
ROA not after: Sat 22 Jul 2028 22:25:18 +0000
asID: 17561
IP address blocks: 45.192.1.0/24 maxlen: 24
45.194.116.0/24 maxlen: 24
45.194.117.0/24 maxlen: 24
45.194.120.0/24 maxlen: 24
45.194.128.0/24 maxlen: 24
45.194.129.0/24 maxlen: 24
45.194.130.0/24 maxlen: 24
45.194.131.0/24 maxlen: 24
45.194.132.0/24 maxlen: 24
45.194.133.0/24 maxlen: 24
45.194.134.0/24 maxlen: 24
45.194.135.0/24 maxlen: 24
45.194.136.0/24 maxlen: 24
45.194.137.0/24 maxlen: 24
45.194.138.0/24 maxlen: 24
45.194.139.0/24 maxlen: 24
45.194.140.0/24 maxlen: 24
45.195.87.0/24 maxlen: 24
45.200.121.0/24 maxlen: 24
45.207.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93427 (0x16cf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 22:25:18 2025 GMT
Not After : Jul 22 22:25:18 2028 GMT
Subject: CN=68a64b54-8132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2f:0d:bd:f8:0c:2f:dd:83:f3:05:c9:b5:48:
c2:cc:26:ab:c0:86:fb:62:94:ba:25:45:83:27:27:
96:2f:16:21:08:27:b4:3f:8e:c4:37:be:18:5c:85:
40:e1:3e:84:dd:4e:74:92:80:b2:3f:e0:bb:ef:8c:
4a:8c:a5:e8:39:ae:34:ad:f8:5c:32:a8:c0:98:cd:
69:f4:c9:78:c2:b5:4d:f3:e9:18:9a:47:35:79:b0:
5c:54:de:ae:2d:7a:5d:99:85:b5:ba:42:4b:75:d9:
ed:eb:e8:70:67:0e:e0:1a:cc:6c:a0:e0:b6:f6:5e:
1c:e6:fb:bd:f1:3c:4c:64:f9:35:3e:8c:a3:b7:cf:
4d:f4:87:12:b9:0d:aa:67:be:8a:45:28:36:1f:dd:
57:98:62:9f:24:70:2c:3a:89:31:95:bd:99:7c:e3:
14:07:f1:44:fa:5f:dd:be:0c:f7:c9:a9:73:94:b9:
68:ca:08:68:77:f4:ff:2f:a6:f3:f2:82:73:31:e1:
be:b3:e0:d9:5f:09:2a:20:cc:64:ff:e4:cf:23:2c:
cf:f2:18:98:80:9b:df:ab:33:56:bd:a5:87:95:57:
f4:f9:14:68:bb:e5:28:f4:31:7e:5a:c6:ee:d9:29:
95:67:f0:42:0d:52:39:62:f0:78:0b:3f:4a:1e:23:
24:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5A:CA:1C:D5:D5:53:5F:12:CE:58:DC:E8:E0:92:64:B1:FB:01:65
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/901A43247E1411F0A70652A5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.1.0/24
45.194.116.0/23
45.194.120.0/24
45.194.128.0-45.194.140.255
45.195.87.0/24
45.200.121.0/24
45.207.61.0/24
Signature Algorithm: sha256WithRSAEncryption
35:8c:ca:96:42:8c:65:45:98:bb:63:43:05:35:b9:22:c1:b1:
e5:47:63:17:f2:de:26:88:cc:5d:16:7b:ef:bb:72:af:58:7b:
63:ba:46:44:dc:dd:58:28:29:17:17:bb:49:bc:fa:31:da:2a:
0d:57:55:99:86:f0:80:e4:bb:9f:fe:29:d0:15:80:77:0b:36:
a4:73:16:ee:45:69:b0:d3:8a:b1:b4:1b:42:90:9b:6b:bf:fc:
92:02:b6:3e:a4:f7:fe:be:e5:7f:04:0e:25:be:03:c4:a3:c7:
ec:d8:b6:c9:93:69:fe:73:0e:35:c0:70:26:f5:1a:7a:b6:ea:
f1:1f:8f:d8:dc:86:1c:83:e8:72:38:e7:1d:9e:86:14:c5:77:
ab:e7:52:e0:3a:5d:24:e1:fb:ec:d7:15:9e:d7:57:82:c1:30:
67:4b:e6:95:40:76:8a:ca:c8:47:07:d8:62:42:7e:d4:26:55:
27:9a:27:6b:4c:ea:2c:86:5a:d7:01:b2:a0:29:bc:38:f5:ab:
8a:7d:13:26:4a:09:fa:64:14:e2:ea:b2:3d:48:8c:06:d2:a6:
ed:a1:3d:5f:80:52:5c:12:ba:c3:75:45:d6:2d:b1:e5:39:e6:
b3:54:9b:d3:65:79:6e:48:8b:88:d7:e1:20:c2:5a:2e:82:83:
cf:c7:21:cd
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIDAWzzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODIwMjIyNTE4WhcNMjgwNzIyMjIyNTE4WjAYMRYw
FAYDVQQDEw02OGE2NGI1NC04MTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuC8NvfgML92D8wXJtUjCzCarwIb7YpS6JUWDJyeWLxYhCCe0P47EN74Y
XIVA4T6E3U50koCyP+C774xKjKXoOa40rfhcMqjAmM1p9Ml4wrVN8+kYmkc1ebBc
VN6uLXpdmYW1ukJLddnt6+hwZw7gGsxsoOC29l4c5vu98TxMZPk1Poyjt89N9IcS
uQ2qZ76KRSg2H91XmGKfJHAsOokxlb2ZfOMUB/FE+l/dvgz3yalzlLloyghod/T/
L6bz8oJzMeG+s+DZXwkqIMxk/+TPIyzP8hiYgJvfqzNWvaWHlVf0+RRou+Uo9DF+
Wsbu2SmVZ/BCDVI5YvB4Cz9KHiMk8QIDAQABo4ICzjCCAsowHQYDVR0OBBYEFBxa
yhzV1VNfEs5Y3OjgkmSx+wFlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MDFBNDMyNDdFMTQxMUYwQTcwNjUyQTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALcABAwQBLcJ0AwQALcJ4MAwD
BActwoADBAAtwowDBAAtw1cDBAAtyHkDBAAtzz0wDQYJKoZIhvcNAQELBQADggEB
ADWMypZCjGVFmLtjQwU1uSLBseVHYxfy3iaIzF0We++7cq9Ye2O6RkTc3VgoKRcX
u0m8+jHaKg1XVZmG8IDku5/+KdAVgHcLNqRzFu5FabDTirG0G0KQm2u//JICtj6k
9/6+5X8EDiW+A8Sjx+zYtsmTaf5zDjXAcCb1Gnq26vEfj9jchhyD6HI45x2ehhTF
d6vnUuA6XSTh++zXFZ7XV4LBMGdL5pVAdorKyEcH2GJCftQmVSeaJ2tM6iyGWtcB
sqApvDj1q4p9EyZKCfpkFOLqsj1IjAbSpu2hPV+AUlwSusN1RdYtseU55rNUm9Nl
eW5Ii4jX4SDCWi6Cg8/HIc0=
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:20:23 2025 by rpki-client