Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F61902AE752D11F08633C69CDAE4EC9C.roa
File: F61902AE752D11F08633C69CDAE4EC9C.roa (raw, json)
Hash identifier: tgjY/dXs79Y1z02sEAXtY2WmcZ44s3y+O9HfPeFhvPU=
Subject key identifier: 59:98:42:FA:02:B4:3B:D6:0E:DC:00:D8:15:FD:6F:1E:48:AC:4A:61
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0169EA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F61902AE752D11F08633C69CDAE4EC9C.roa
Signing time: Sat 09 Aug 2025 14:34:31 +0000
ROA not before: Sat 09 Aug 2025 14:34:26 +0000
ROA not after: Mon 22 Sep 2025 14:34:26 +0000
asID: 40779
IP address blocks: 45.192.96.0/20 maxlen: 24
45.205.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92650 (0x169ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 9 14:34:26 2025 GMT
Not After : Sep 22 14:34:26 2025 GMT
Subject: CN=68975c77-2553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fb:5f:7d:4b:87:42:e0:75:8b:ce:e1:d8:b8:
1f:a4:41:f4:1e:50:69:f0:c9:fc:61:47:65:06:c3:
c5:e3:f3:f2:31:6d:1c:6b:9e:ee:26:2f:30:ac:a4:
3f:71:25:0f:17:0a:c1:28:66:de:3f:0c:22:e6:25:
0d:5d:c0:93:b7:ce:97:57:6e:63:30:a6:99:a8:86:
5d:17:c7:32:89:2b:e5:dd:4b:ca:6c:de:2c:aa:f8:
a2:4e:6c:b9:8c:c7:af:12:5f:a4:d0:73:3b:50:60:
c0:a5:cf:b4:89:fa:f2:f7:4e:18:0f:8a:aa:95:d8:
1c:53:77:09:3c:b0:de:da:6f:74:ae:5f:f8:5c:59:
ca:08:77:05:28:c9:8b:79:ff:0f:32:3f:ef:c9:3c:
31:95:26:79:23:0e:b7:12:83:7d:68:4a:7e:b7:09:
dd:62:94:40:8b:58:e0:d0:c0:bf:54:d6:fb:10:2d:
7c:bb:65:90:ca:b9:62:c3:4f:dc:c3:43:f2:72:fb:
86:91:c5:35:8e:e2:04:38:d0:ad:ac:52:01:30:7e:
67:be:c5:e0:14:34:72:2c:b8:96:9b:95:3a:7c:8c:
c7:ad:67:36:8e:58:1c:9f:f1:a8:06:85:7e:2d:e2:
4e:4e:59:d2:7f:3a:19:07:27:32:ab:22:3d:5d:4e:
4f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:98:42:FA:02:B4:3B:D6:0E:DC:00:D8:15:FD:6F:1E:48:AC:4A:61
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F61902AE752D11F08633C69CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.96.0/20
45.205.16.0/20
Signature Algorithm: sha256WithRSAEncryption
33:77:65:13:e8:f0:55:33:08:72:53:93:26:a8:b9:f6:56:6e:
44:88:43:c4:a2:09:ae:85:9e:9b:8b:63:a0:63:3f:88:9c:44:
e2:5d:14:f7:3e:f9:c4:5d:0d:45:d4:6c:0e:39:92:d6:52:6f:
36:4d:ad:e1:e4:32:57:b2:5e:24:a6:44:22:87:ad:5f:87:72:
11:b3:8c:4f:50:ab:06:12:e3:5f:10:2d:c2:01:38:24:e9:d0:
ba:21:76:64:c7:45:51:90:50:53:06:54:16:d8:f9:58:d2:39:
c7:10:56:91:a2:56:dd:3f:0f:33:25:7c:15:c1:b2:c1:be:95:
ac:02:2c:45:93:12:bf:dd:5c:ac:62:4e:18:6b:77:ce:ce:fe:
3b:8d:34:91:6f:c6:24:91:94:66:ba:64:61:ff:be:40:7b:a1:
c8:70:9e:eb:3c:94:7b:24:9e:2f:b4:87:b8:84:c0:e3:ee:8b:
4a:ae:09:ac:27:b3:62:59:5b:d2:88:19:75:9f:a0:e6:37:f0:
1a:e7:66:cf:46:7f:46:a7:6d:80:f4:6d:e5:c6:10:c9:00:fa:
54:eb:1c:7b:15:32:ff:b7:38:a2:ef:71:0b:03:fa:0c:8e:a0:
05:e2:7e:17:27:68:76:d3:62:fe:87:a9:61:b9:c0:f3:37:1c:
2b:5d:a6:40
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWnqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODA5MTQzNDI2WhcNMjUwOTIyMTQzNDI2WjAYMRYw
FAYDVQQDEw02ODk3NWM3Ny0yNTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1vtffUuHQuB1i87h2LgfpEH0HlBp8Mn8YUdlBsPF4/PyMW0ca57uJi8w
rKQ/cSUPFwrBKGbePwwi5iUNXcCTt86XV25jMKaZqIZdF8cyiSvl3UvKbN4sqvii
Tmy5jMevEl+k0HM7UGDApc+0ifry904YD4qqldgcU3cJPLDe2m90rl/4XFnKCHcF
KMmLef8PMj/vyTwxlSZ5Iw63EoN9aEp+twndYpRAi1jg0MC/VNb7EC18u2WQyrli
w0/cw0PycvuGkcU1juIEONCtrFIBMH5nvsXgFDRyLLiWm5U6fIzHrWc2jlgcn/Go
BoV+LeJOTlnSfzoZBycyqyI9XU5PwQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFmY
QvoCtDvWDtwA2BX9bx5IrEphMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNjE5MDJBRTc1MkQxMUYwODYzM0M2OUNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQELcBgAwQELc0QMA0GCSqGSIb3
DQEBCwUAA4IBAQAzd2UT6PBVMwhyU5MmqLn2Vm5EiEPEogmuhZ6bi2OgYz+InETi
XRT3PvnEXQ1F1GwOOZLWUm82Ta3h5DJXsl4kpkQih61fh3IRs4xPUKsGEuNfEC3C
ATgk6dC6IXZkx0VRkFBTBlQW2PlY0jnHEFaRolbdPw8zJXwVwbLBvpWsAixFkxK/
3VysYk4Ya3fOzv47jTSRb8YkkZRmumRh/75Ae6HIcJ7rPJR7JJ4vtIe4hMDj7otK
rgmsJ7NiWVvSiBl1n6DmN/Aa52bPRn9Gp22A9G3lxhDJAPpU6xx7FTL/tzii73EL
A/oMjqAF4n4XJ2h202L+h6lhucDzNxwrXaZA
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:17:11 2025 by rpki-client