Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21C758FEB4A511F0AB0EF2CBDAE4EC9C.roa
File: 21C758FEB4A511F0AB0EF2CBDAE4EC9C.roa (raw, json)
Hash identifier: un3V1pQheowzi4ExdP93izBnN7/+I0OGw8SlT/mYh0I=
Subject key identifier: 0A:3D:FD:4C:2C:0F:BE:AA:0D:64:11:46:4D:EA:5A:31:1D:32:7B:73
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0183A0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21C758FEB4A511F0AB0EF2CBDAE4EC9C.roa
Signing time: Wed 29 Oct 2025 08:56:18 +0000
ROA not before: Wed 29 Oct 2025 08:56:13 +0000
ROA not after: Tue 02 Dec 2025 08:56:13 +0000
asID: 147176
IP address blocks: 45.201.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99232 (0x183a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 29 08:56:13 2025 GMT
Not After : Dec 2 08:56:13 2025 GMT
Subject: CN=6901d6b2-b7a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3f:d8:1f:12:70:23:33:79:09:ac:8e:b4:61:
a2:66:ca:91:0e:1c:5e:6a:cf:8f:15:a0:64:89:6c:
44:66:67:58:7c:2f:90:f5:41:9f:ea:ba:00:ad:27:
2d:8b:03:dc:ef:b6:42:84:cd:c2:11:2a:50:42:20:
a7:ff:d7:63:35:da:aa:20:1c:0c:90:3c:5e:33:12:
53:06:43:32:70:4e:d7:a7:7d:09:51:ce:c7:a5:10:
bd:97:3f:25:be:a6:ca:e4:a6:b6:43:e1:d8:34:31:
ec:6c:c2:e1:3f:25:30:27:ec:e9:d7:26:42:2f:02:
db:75:6c:17:ea:dc:75:5f:0c:1a:e5:8a:06:d9:2d:
89:4f:6c:f7:72:e1:7d:84:39:38:4d:a2:c5:9f:2d:
37:9d:5b:43:08:b5:cb:ed:0b:b3:50:c1:43:64:c0:
a4:56:3e:f1:6c:38:5a:2e:63:1b:3a:dd:67:3b:08:
54:b4:76:75:6f:72:97:24:75:83:8e:7e:ad:ac:4b:
5d:86:8f:ac:d3:ba:42:d1:aa:e8:55:d0:68:8d:48:
37:44:d2:4a:92:3d:cf:2b:ba:8b:22:98:b4:ea:61:
24:bd:7a:ad:a3:01:86:cc:54:7f:41:ea:15:37:d8:
a4:36:a3:87:15:df:ea:4b:a2:50:b1:49:52:a8:18:
53:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:3D:FD:4C:2C:0F:BE:AA:0D:64:11:46:4D:EA:5A:31:1D:32:7B:73
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21C758FEB4A511F0AB0EF2CBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.1.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b3:b5:a6:33:63:3a:0f:d9:56:20:bc:66:a1:ee:05:19:e5:
91:90:1e:90:f6:09:13:7a:fe:b2:d3:b1:ad:7b:2d:ce:6c:8b:
1e:4d:a3:56:7a:34:fe:6c:4c:1c:c5:0a:2b:c6:80:d6:80:de:
5e:79:28:b5:86:81:ea:08:31:b7:b6:af:c4:e2:74:e3:51:0a:
56:2b:81:d3:fc:7b:01:21:06:3c:9a:56:35:3b:8a:73:e3:74:
72:ba:01:9b:e6:1d:0d:0d:9d:80:8f:dc:93:4c:11:8c:4b:23:
d1:52:5a:6b:5b:33:97:1f:94:f1:11:4c:a8:d6:52:e6:ef:d3:
a9:1c:aa:52:92:35:d7:ee:15:bb:14:7e:e3:00:16:dd:4a:62:
eb:6b:80:ae:ca:0a:d7:96:e3:e3:d8:9c:26:ac:08:43:cc:96:
c5:9f:42:0d:16:6a:20:db:00:2a:80:25:31:89:a8:d6:2e:26:
9a:42:d3:a9:11:43:cb:8c:13:91:d0:47:26:85:af:4b:2c:d3:
68:41:3e:a3:06:02:66:33:b2:45:41:61:48:5e:60:c7:bc:0b:
da:84:e8:37:cc:55:12:83:fc:3b:95:2f:11:5d:4f:86:23:9c:
25:58:82:94:b9:ac:53:0f:fc:45:8d:88:24:a5:e0:30:2a:b0:
d6:6a:5a:dc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYOgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDI5MDg1NjEzWhcNMjUxMjAyMDg1NjEzWjAYMRYw
FAYDVQQDEw02OTAxZDZiMi1iN2EzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyD/YHxJwIzN5CayOtGGiZsqRDhxeas+PFaBkiWxEZmdYfC+Q9UGf6roA
rSctiwPc77ZChM3CESpQQiCn/9djNdqqIBwMkDxeMxJTBkMycE7Xp30JUc7HpRC9
lz8lvqbK5Ka2Q+HYNDHsbMLhPyUwJ+zp1yZCLwLbdWwX6tx1Xwwa5YoG2S2JT2z3
cuF9hDk4TaLFny03nVtDCLXL7QuzUMFDZMCkVj7xbDhaLmMbOt1nOwhUtHZ1b3KX
JHWDjn6trEtdho+s07pC0aroVdBojUg3RNJKkj3PK7qLIpi06mEkvXqtowGGzFR/
QeoVN9ikNqOHFd/qS6JQsUlSqBhTeQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAo9
/UwsD76qDWQRRk3qWjEdMntzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMUM3NThGRUI0QTUxMUYwQUIwRUYyQ0JEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALckBMA0GCSqGSIb3DQEBCwUA
A4IBAQBDs7WmM2M6D9lWILxmoe4FGeWRkB6Q9gkTev6y07Gtey3ObIseTaNWejT+
bEwcxQorxoDWgN5eeSi1hoHqCDG3tq/E4nTjUQpWK4HT/HsBIQY8mlY1O4pz43Ry
ugGb5h0NDZ2Aj9yTTBGMSyPRUlprWzOXH5TxEUyo1lLm79OpHKpSkjXX7hW7FH7j
ABbdSmLra4CuygrXluPj2JwmrAhDzJbFn0INFmog2wAqgCUxiajWLiaaQtOpEUPL
jBOR0Ecmha9LLNNoQT6jBgJmM7JFQWFIXmDHvAvahOg3zFUSg/w7lS8RXU+GI5wl
WIKUuaxTD/xFjYgkpeAwKrDWalrc
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:49:47 2025 by rpki-client