Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FADC6894543A11F0A6CCCDA7DAE4EC9C.roa
File: FADC6894543A11F0A6CCCDA7DAE4EC9C.roa (raw, json)
Hash identifier: 9AHkQxuhJbd6JPXaA80dGymHw3n0vB59rYiLEz8X3lU=
Subject key identifier: C4:BF:3E:DF:29:58:BA:5D:1A:74:BD:9C:0A:5F:F8:E3:A0:30:58:11
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015F55
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FADC6894543A11F0A6CCCDA7DAE4EC9C.roa
Signing time: Sat 28 Jun 2025 16:14:35 +0000
ROA not before: Sat 28 Jun 2025 16:14:29 +0000
ROA not after: Sun 03 Aug 2025 16:14:29 +0000
asID: 138995
IP address blocks: 45.192.168.0/24 maxlen: 24
45.192.170.0/24 maxlen: 24
45.192.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89941 (0x15f55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 28 16:14:29 2025 GMT
Not After : Aug 3 16:14:29 2025 GMT
Subject: CN=686014ea-c97e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0a:e0:0c:2b:cc:eb:90:1c:67:69:51:fc:d9:
05:34:ef:77:e3:c2:36:e0:ee:3a:e4:bc:d9:de:24:
f0:40:4b:d3:cb:10:50:32:78:12:cb:bf:e6:68:dc:
49:c6:e6:68:ae:16:3f:d5:30:c6:0a:36:30:53:88:
8c:b0:04:af:48:00:91:6d:f6:b0:c2:f8:c0:ce:a1:
95:cc:25:ce:a1:35:a5:76:27:63:ce:0b:4b:2c:91:
35:93:df:e3:27:5e:2d:ce:4e:98:93:cd:f8:c2:de:
31:fd:ed:05:85:65:f2:91:a6:88:bb:e4:f3:14:d6:
97:54:70:8b:80:b2:a9:a1:bb:b6:74:ea:0e:7d:69:
3d:ac:2e:a7:13:5f:7a:cd:3f:b0:f6:63:a7:f6:b2:
89:6a:a0:37:4e:68:c7:20:78:84:63:f6:e8:12:82:
bf:ff:95:ea:b1:94:c3:20:2e:69:41:5e:4e:2b:e1:
39:8c:2b:fb:3c:75:26:84:0d:9a:98:50:d9:95:7c:
fd:6a:ce:b6:47:54:ae:ca:50:0c:e4:d3:45:8a:92:
f6:3f:47:72:b7:0c:08:31:f9:7f:44:01:4a:db:2b:
79:3e:ae:16:c0:4e:e0:05:f4:19:c5:d8:a6:68:47:
70:0c:c8:42:d2:7c:dc:22:ae:77:7b:5a:29:10:0e:
1b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:BF:3E:DF:29:58:BA:5D:1A:74:BD:9C:0A:5F:F8:E3:A0:30:58:11
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FADC6894543A11F0A6CCCDA7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.168.0/24
45.192.170.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:23:be:97:9d:be:95:5d:97:37:00:42:c5:f3:c2:18:b8:d2:
59:4b:c7:32:ee:28:85:ad:69:79:fa:76:95:8e:f3:3a:5e:74:
1b:7b:bc:e3:6b:03:ba:9f:fa:1d:42:44:52:36:ea:9e:c0:33:
0b:31:fe:11:a1:ee:76:08:0b:40:1f:16:8d:b3:c5:51:7d:89:
44:0b:27:2a:14:9d:81:b7:0e:0a:6e:f2:8d:c2:cd:ba:c0:8c:
3f:9f:b3:11:c4:f3:b9:fe:05:0f:a7:8b:c8:17:3e:1e:37:e0:
90:1e:40:f1:9f:77:f3:17:66:17:33:eb:54:f8:c1:b5:3a:61:
0e:d3:c0:51:e7:9d:67:d9:e8:a9:2e:53:3e:d8:0c:dc:cb:a0:
ec:31:e4:e7:8c:7a:d2:31:f3:5f:0e:1d:94:03:4e:11:ef:42:
d5:b2:c3:41:02:e2:6a:4c:b7:f2:b8:80:20:81:25:bf:72:b9:
d3:eb:d7:80:79:42:82:fa:25:f9:45:76:15:70:e1:dd:d6:ac:
62:96:0d:06:74:84:85:0d:3d:47:eb:93:79:6b:22:d7:6a:37:
a3:43:93:26:ea:6c:c6:b8:d9:58:ca:15:09:2e:22:4d:5c:23:
8e:d6:eb:63:07:88:b4:8c:a2:e2:a6:3b:fb:c5:05:ca:76:80:
65:13:a8:a9
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAV9VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjI4MTYxNDI5WhcNMjUwODAzMTYxNDI5WjAYMRYw
FAYDVQQDEw02ODYwMTRlYS1jOTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyQrgDCvM65AcZ2lR/NkFNO9348I24O465LzZ3iTwQEvTyxBQMngSy7/m
aNxJxuZorhY/1TDGCjYwU4iMsASvSACRbfawwvjAzqGVzCXOoTWldidjzgtLLJE1
k9/jJ14tzk6Yk834wt4x/e0FhWXykaaIu+TzFNaXVHCLgLKpobu2dOoOfWk9rC6n
E196zT+w9mOn9rKJaqA3TmjHIHiEY/boEoK//5XqsZTDIC5pQV5OK+E5jCv7PHUm
hA2amFDZlXz9as62R1SuylAM5NNFipL2P0dytwwIMfl/RAFK2yt5Pq4WwE7gBfQZ
xdimaEdwDMhC0nzcIq53e1opEA4b7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMS/
Pt8pWLpdGnS9nApf+OOgMFgRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQURDNjg5NDU0M0ExMUYwQTZDQ0NEQTdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcCoAwQBLcCqMA0GCSqGSIb3
DQEBCwUAA4IBAQA7I76Xnb6VXZc3AELF88IYuNJZS8cy7iiFrWl5+naVjvM6XnQb
e7zjawO6n/odQkRSNuqewDMLMf4Roe52CAtAHxaNs8VRfYlECycqFJ2Btw4KbvKN
ws26wIw/n7MRxPO5/gUPp4vIFz4eN+CQHkDxn3fzF2YXM+tU+MG1OmEO08BR551n
2eipLlM+2Azcy6DsMeTnjHrSMfNfDh2UA04R70LVssNBAuJqTLfyuIAggSW/crnT
69eAeUKC+iX5RXYVcOHd1qxilg0GdISFDT1H65N5ayLXajejQ5Mm6mzGuNlYyhUJ
LiJNXCOO1utjB4i0jKLipjv7xQXKdoBlE6ip
-----END CERTIFICATE-----
Generated at Mon Jun 30 16:01:05 2025 by rpki-client