Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67ACF100B31811F0A7F6C4E9DAE4EC9C.roa
File: 67ACF100B31811F0A7F6C4E9DAE4EC9C.roa (raw, json)
Hash identifier: EQQ0alewC+2aif5PD2w/Ovitgpm+j+3qRcCJhguhKng=
Subject key identifier: 4D:A9:B8:64:4F:3B:EF:9E:D0:19:7A:BC:AC:DC:D5:97:DC:65:E9:98
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0182C5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67ACF100B31811F0A7F6C4E9DAE4EC9C.roa
Signing time: Mon 27 Oct 2025 09:36:25 +0000
ROA not before: Mon 27 Oct 2025 09:36:19 +0000
ROA not after: Sun 23 Nov 2025 09:36:19 +0000
asID: 27951
IP address blocks: 45.195.254.0/24 maxlen: 24
45.196.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99013 (0x182c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 27 09:36:19 2025 GMT
Not After : Nov 23 09:36:19 2025 GMT
Subject: CN=68ff3d19-5c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:47:32:42:8c:4f:8c:2f:a6:c4:cc:0b:a6:04:
b8:3e:12:d6:1b:f8:99:53:83:f1:bf:bf:de:09:2f:
b2:d7:d1:a6:40:05:8d:03:aa:f2:0a:43:ab:6e:45:
0f:38:49:2e:19:57:47:50:1e:93:51:f1:3a:4d:16:
f4:42:e8:b6:7f:a4:5e:20:83:75:c9:dd:d7:fe:96:
ec:62:98:4b:33:23:37:4f:d6:f0:9f:4e:6b:2c:ce:
a0:0d:49:17:44:3b:ee:5e:8e:44:40:e3:a4:9b:57:
85:1b:60:59:16:4a:bc:d4:86:8b:a5:80:65:b4:ef:
ee:a0:7d:41:a2:38:d4:17:ad:dc:93:b8:39:25:ae:
6c:9e:a8:19:02:c3:a6:e4:15:67:b7:9c:97:08:9d:
95:b8:a4:24:51:e4:36:2f:bf:6e:29:7f:c6:03:81:
4c:bb:8c:b8:57:3e:c1:7c:9e:98:67:12:bc:d8:ec:
06:c8:63:0f:2d:09:32:98:cf:9e:26:57:c6:99:6f:
6e:c8:aa:53:b7:85:9c:f8:1a:f8:7f:59:0c:07:68:
48:29:5a:e3:ff:5d:9d:84:d6:e9:d3:76:3a:53:c8:
14:6a:b9:0b:de:4b:f3:57:1c:95:d0:4c:e4:b4:28:
9f:2f:da:d4:1b:0a:f6:6b:ec:36:63:04:87:00:ab:
db:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A9:B8:64:4F:3B:EF:9E:D0:19:7A:BC:AC:DC:D5:97:DC:65:E9:98
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67ACF100B31811F0A7F6C4E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.254.0/24
45.196.91.0/24
Signature Algorithm: sha256WithRSAEncryption
97:3b:0c:cb:1d:9e:8b:3f:b5:af:12:2a:25:67:47:97:39:c9:
26:60:4a:7c:8b:07:e3:a6:26:da:5a:b6:2c:78:2d:da:af:7a:
e9:c6:04:a4:dc:4e:58:7e:55:11:39:12:87:72:ff:4a:d8:f7:
2a:02:26:90:8d:4c:0c:14:fc:f9:a6:98:a0:5f:30:f5:04:98:
09:cd:82:ca:a4:4c:d9:b3:ec:61:b6:95:27:b7:68:c1:89:4e:
ca:8a:3e:5d:63:aa:f2:7f:19:74:aa:ed:fd:c5:98:14:a0:cb:
bc:15:38:fc:a1:7c:2b:0d:9f:ba:a6:db:ae:b4:ef:de:cf:4c:
61:a4:a3:71:9f:f5:6a:9d:f2:37:8e:19:ef:79:7d:1f:36:9d:
6a:91:46:0f:15:1e:59:f2:05:f9:bd:d4:b0:40:e9:e9:8a:df:
52:be:3d:b4:14:29:fa:e8:6d:3b:c6:b6:ea:27:08:33:e8:4e:
bd:04:71:58:06:66:16:d8:ac:eb:be:f9:b1:f7:2b:23:75:41:
5b:7c:5e:9f:06:ed:a7:db:42:04:47:b2:ec:8d:ff:c4:bd:f9:
d4:1e:f2:ca:ed:44:1d:f7:d1:66:7b:b7:3b:a8:4a:b7:b9:ae:
82:8c:d1:29:01:89:5a:a4:5b:80:28:8e:a2:f0:c3:1f:e3:4e:
49:c1:b7:14
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAYLFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDI3MDkzNjE5WhcNMjUxMTIzMDkzNjE5WjAYMRYw
FAYDVQQDEw02OGZmM2QxOS01YzQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu0cyQoxPjC+mxMwLpgS4PhLWG/iZU4Pxv7/eCS+y19GmQAWNA6ryCkOr
bkUPOEkuGVdHUB6TUfE6TRb0Qui2f6ReIIN1yd3X/pbsYphLMyM3T9bwn05rLM6g
DUkXRDvuXo5EQOOkm1eFG2BZFkq81IaLpYBltO/uoH1BojjUF63ck7g5Ja5snqgZ
AsOm5BVnt5yXCJ2VuKQkUeQ2L79uKX/GA4FMu4y4Vz7BfJ6YZxK82OwGyGMPLQky
mM+eJlfGmW9uyKpTt4Wc+Br4f1kMB2hIKVrj/12dhNbp03Y6U8gUarkL3kvzVxyV
0EzktCifL9rUGwr2a+w2YwSHAKvbKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE2p
uGRPO++e0Bl6vKzc1ZfcZemYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82N0FDRjEwMEIzMTgxMUYwQTdGNkM0RTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcP+AwQALcRbMA0GCSqGSIb3
DQEBCwUAA4IBAQCXOwzLHZ6LP7WvEiolZ0eXOckmYEp8iwfjpibaWrYseC3ar3rp
xgSk3E5YflURORKHcv9K2PcqAiaQjUwMFPz5ppigXzD1BJgJzYLKpEzZs+xhtpUn
t2jBiU7Kij5dY6ryfxl0qu39xZgUoMu8FTj8oXwrDZ+6ptuutO/ez0xhpKNxn/Vq
nfI3jhnveX0fNp1qkUYPFR5Z8gX5vdSwQOnpit9Svj20FCn66G07xrbqJwgz6E69
BHFYBmYW2Kzrvvmx9ysjdUFbfF6fBu2n20IER7Lsjf/EvfnUHvLK7UQd99Fme7c7
qEq3ua6CjNEpAYlapFuAKI6i8MMf405JwbcU
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:58:31 2025 by rpki-client