Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/125D36EAAFF011F0B915BAB2DAE4EC9C.roa
File: 125D36EAAFF011F0B915BAB2DAE4EC9C.roa (raw, json)
Hash identifier: 4u8HckTI9kP7OgvtGYsl4eJ1xoWQRNR2D2LV20v0P74=
Subject key identifier: 8F:E2:53:38:F2:BD:B7:B3:A4:19:73:46:BF:11:51:66:1A:2D:CE:50
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 018229
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/125D36EAAFF011F0B915BAB2DAE4EC9C.roa
Signing time: Thu 23 Oct 2025 09:10:09 +0000
ROA not before: Thu 23 Oct 2025 09:10:04 +0000
ROA not after: Sun 23 Nov 2025 09:10:04 +0000
asID: 138910
IP address blocks: 45.195.240.0/24 maxlen: 24
45.195.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98857 (0x18229)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 23 09:10:04 2025 GMT
Not After : Nov 23 09:10:04 2025 GMT
Subject: CN=68f9f0f1-e2ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c2:b1:ed:fd:51:72:fc:0f:e7:f6:08:45:6b:
fc:1d:34:8c:65:9e:c5:ea:ad:37:93:db:a0:35:79:
94:3e:62:63:77:e5:fe:b6:4a:2d:41:2b:00:4a:26:
ec:9b:ff:c9:08:64:df:0f:e5:28:11:5e:02:5a:73:
22:d8:c1:da:ca:bc:d4:b4:05:72:94:1b:f0:70:d6:
2e:28:71:03:fb:aa:6f:0d:1c:39:84:f9:f0:12:2e:
e3:5c:63:91:c1:be:1c:06:35:7c:ad:40:68:a8:55:
45:3a:1b:03:9e:1b:33:58:24:dd:ac:1f:b8:5d:5a:
67:0b:ff:b8:df:e6:3c:02:ec:10:d1:03:92:fa:67:
3e:05:61:46:63:35:9e:d5:28:09:6e:08:8e:c2:12:
da:28:43:05:30:e0:17:bf:a3:cf:5d:10:a4:3b:52:
b2:e0:d7:aa:0a:2d:23:67:1d:80:ce:da:9b:f6:7b:
ed:82:a0:5f:8d:b9:5a:c1:b9:78:c0:20:23:63:28:
b4:0b:2b:03:af:7b:5c:e9:9d:37:a5:f8:db:80:0f:
6a:10:ca:72:8a:ee:a0:db:3e:b2:31:af:09:0a:da:
1b:68:cb:83:c3:07:c1:dd:fd:cb:43:57:d9:74:81:
e2:07:b5:c6:99:02:44:75:ef:72:f2:52:3e:ab:38:
57:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E2:53:38:F2:BD:B7:B3:A4:19:73:46:BF:11:51:66:1A:2D:CE:50
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/125D36EAAFF011F0B915BAB2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.240.0/23
Signature Algorithm: sha256WithRSAEncryption
18:05:65:4c:17:b2:02:f3:e8:fb:2b:b0:65:a4:76:9d:87:5a:
53:f2:cf:d0:d6:53:46:49:dc:31:bb:10:cd:07:fe:3f:e5:3a:
ae:6c:d8:fe:eb:3d:3d:1a:1a:df:84:bd:94:f2:19:0f:75:9f:
fd:ae:96:c2:56:3e:f0:d0:7b:f7:47:82:3a:7c:23:db:6e:54:
02:db:ad:97:27:bd:51:7a:85:e5:5e:27:8f:47:7b:98:ce:e3:
80:c0:be:99:28:6a:07:d9:ca:de:74:15:be:a2:b7:05:85:68:
7e:78:94:67:1f:dc:1a:f5:7c:7f:ff:31:0e:e2:f6:80:c1:9f:
37:1b:cd:52:69:29:9d:f8:f4:fe:64:9a:3e:c3:91:cf:77:16:
34:b6:e4:ad:d1:50:55:a8:dd:7c:88:81:1d:73:cd:65:b9:d1:
63:c6:4b:88:c9:9c:5f:cd:56:33:d3:ca:47:a3:7a:01:30:b2:
e0:eb:92:60:8f:75:e7:0f:da:9f:ee:4d:02:e1:68:32:b9:ee:
db:34:16:2a:99:43:ea:cb:2e:04:79:b9:a2:dc:c1:02:ec:ae:
cd:80:9c:d2:c0:fa:a7:ed:b1:1e:20:63:fc:d7:f2:aa:3e:51:
20:2e:e2:cc:54:b3:c6:6c:14:1d:22:3d:20:ef:52:52:22:6c:
b2:13:34:7c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYIpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDIzMDkxMDA0WhcNMjUxMTIzMDkxMDA0WjAYMRYw
FAYDVQQDEw02OGY5ZjBmMS1lMmZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA48Kx7f1RcvwP5/YIRWv8HTSMZZ7F6q03k9ugNXmUPmJjd+X+tkotQSsA
Sibsm//JCGTfD+UoEV4CWnMi2MHayrzUtAVylBvwcNYuKHED+6pvDRw5hPnwEi7j
XGORwb4cBjV8rUBoqFVFOhsDnhszWCTdrB+4XVpnC/+43+Y8AuwQ0QOS+mc+BWFG
YzWe1SgJbgiOwhLaKEMFMOAXv6PPXRCkO1Ky4NeqCi0jZx2Aztqb9nvtgqBfjbla
wbl4wCAjYyi0CysDr3tc6Z03pfjbgA9qEMpyiu6g2z6yMa8JCtobaMuDwwfB3f3L
Q1fZdIHiB7XGmQJEde9y8lI+qzhXCQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI/i
UzjyvbezpBlzRr8RUWYaLc5QMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMjVEMzZFQUFGRjAxMUYwQjkxNUJBQjJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcPwMA0GCSqGSIb3DQEBCwUA
A4IBAQAYBWVMF7IC8+j7K7BlpHadh1pT8s/Q1lNGSdwxuxDNB/4/5TqubNj+6z09
GhrfhL2U8hkPdZ/9rpbCVj7w0Hv3R4I6fCPbblQC262XJ71ReoXlXiePR3uYzuOA
wL6ZKGoH2credBW+orcFhWh+eJRnH9wa9Xx//zEO4vaAwZ83G81SaSmd+PT+ZJo+
w5HPdxY0tuSt0VBVqN18iIEdc81ludFjxkuIyZxfzVYz08pHo3oBMLLg65Jgj3Xn
D9qf7k0C4Wgyue7bNBYqmUPqyy4Eebmi3MEC7K7NgJzSwPqn7bEeIGP81/KqPlEg
LuLMVLPGbBQdIj0g71JSImyyEzR8
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:58:44 2025 by rpki-client