Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7387F6D46FD711F0974DF4CDDAE4EC9C.roa
File: 7387F6D46FD711F0974DF4CDDAE4EC9C.roa (raw, json)
Hash identifier: jBWsyMqsznsaf651NJ3zX/2kuT7I4qe3H9P7D9fylkY=
Subject key identifier: 3B:6C:EA:59:97:7F:CD:7E:AE:F4:76:BA:10:03:D1:20:2C:C1:8E:A8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0168D8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7387F6D46FD711F0974DF4CDDAE4EC9C.roa
Signing time: Sat 02 Aug 2025 19:32:40 +0000
ROA not before: Sat 02 Aug 2025 19:32:33 +0000
ROA not after: Mon 15 Sep 2025 19:32:33 +0000
asID: 396356
IP address blocks: 45.203.165.0/24 maxlen: 24
45.203.166.0/23 maxlen: 24
45.203.168.0/21 maxlen: 24
45.203.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 Aug 2025 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92376 (0x168d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 2 19:32:33 2025 GMT
Not After : Sep 15 19:32:33 2025 GMT
Subject: CN=688e67d8-8efc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:e3:8a:a1:57:11:c1:02:65:87:9e:2d:aa:
c7:85:fb:39:70:77:22:8b:94:02:32:83:1b:37:be:
95:23:39:56:89:f8:41:a9:8f:50:28:b7:e9:5c:0b:
a2:c5:c5:64:c5:10:5e:ab:68:32:3a:52:06:b1:8f:
c2:f0:67:db:de:a5:1b:d8:1d:31:9b:d5:b0:67:4d:
9f:2e:cd:77:16:ee:9e:65:3a:3f:53:ad:61:d3:b1:
00:cb:e7:ba:87:40:95:8a:96:a4:0e:b1:2a:6d:97:
d5:dd:f5:f2:04:73:ae:94:8f:45:3c:10:27:0b:05:
cd:72:93:0e:40:ca:0d:88:fb:ae:95:3e:9b:79:b3:
8e:d6:b0:9c:23:e7:1e:0b:62:05:24:f8:f0:79:6e:
ec:93:1f:22:8b:3e:c8:99:c5:55:74:dd:54:9e:6a:
1f:31:70:af:3b:93:f1:25:03:bf:8a:22:29:8a:e9:
44:aa:36:80:56:52:86:91:cd:2b:94:f2:b7:f2:98:
88:7a:cc:c7:1b:b3:12:98:91:c5:cf:60:ea:87:9f:
f4:06:c8:9b:db:88:5a:6d:b7:e7:63:9c:29:38:0c:
a4:0e:23:ef:d3:ed:1e:a8:60:04:09:38:f9:a2:de:
54:31:ba:33:97:3b:df:50:c7:81:4d:07:c3:63:9c:
9c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:6C:EA:59:97:7F:CD:7E:AE:F4:76:BA:10:03:D1:20:2C:C1:8E:A8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7387F6D46FD711F0974DF4CDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.203.165.0-45.203.191.255
Signature Algorithm: sha256WithRSAEncryption
9c:9f:cc:8a:be:ce:08:dd:b7:c6:16:58:69:88:0c:3a:1a:2b:
32:9e:07:2b:e3:82:47:b4:47:19:42:77:a8:dc:b4:5f:e0:b3:
da:a5:f4:62:51:f6:36:f7:00:33:6b:70:c1:11:4b:a0:b2:3e:
55:64:5b:1a:1c:81:94:a7:8c:19:a1:d0:98:17:2e:a7:e0:b3:
1a:59:78:20:7c:7d:a0:32:79:a6:e9:da:8a:4b:3c:2c:ec:10:
2d:94:08:ab:57:c0:93:64:f8:d3:77:28:29:a1:9d:c9:dc:17:
6f:7e:1a:f1:2b:ed:d2:b4:b0:ed:17:b0:5c:f3:a4:ba:47:ed:
0e:e8:62:07:f6:df:03:18:b4:46:75:0b:77:a1:a5:3d:32:bc:
8b:32:90:d3:97:f2:79:94:c1:a3:08:36:c1:a2:ce:b0:fc:58:
ba:7d:76:01:26:0a:5f:31:df:4e:c8:ef:a3:82:bb:d8:99:ca:
e6:76:52:7b:1f:0f:cb:a9:b1:e8:2d:80:83:65:45:52:c4:bc:
44:fa:43:4d:a4:1c:e9:5f:97:bd:36:5d:46:78:d2:95:30:54:
7b:4e:b9:7c:40:af:44:c1:af:32:a9:54:8a:b9:d5:e9:c0:c6:
5a:f3:bb:01:77:29:3f:01:8f:18:bd:52:9a:01:a4:d0:8f:3a:
4b:dd:8f:4c
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWjYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODAyMTkzMjMzWhcNMjUwOTE1MTkzMjMzWjAYMRYw
FAYDVQQDEw02ODhlNjdkOC04ZWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoV/jiqFXEcECZYeeLarHhfs5cHcii5QCMoMbN76VIzlWifhBqY9QKLfp
XAuixcVkxRBeq2gyOlIGsY/C8Gfb3qUb2B0xm9WwZ02fLs13Fu6eZTo/U61h07EA
y+e6h0CVipakDrEqbZfV3fXyBHOulI9FPBAnCwXNcpMOQMoNiPuulT6bebOO1rCc
I+ceC2IFJPjweW7skx8iiz7ImcVVdN1UnmofMXCvO5PxJQO/iiIpiulEqjaAVlKG
kc0rlPK38piIeszHG7MSmJHFz2Dqh5/0Bsib24habbfnY5wpOAykDiPv0+0eqGAE
CTj5ot5UMbozlzvfUMeBTQfDY5ycVQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDts
6lmXf81+rvR2uhAD0SAswY6oMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83Mzg3RjZENDZGRDcxMUYwOTc0REY0Q0REQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAty6UDBAYty4AwDQYJKoZI
hvcNAQELBQADggEBAJyfzIq+zgjdt8YWWGmIDDoaKzKeByvjgke0RxlCd6jctF/g
s9ql9GJR9jb3ADNrcMERS6CyPlVkWxocgZSnjBmh0JgXLqfgsxpZeCB8faAyeabp
2opLPCzsEC2UCKtXwJNk+NN3KCmhncncF29+GvEr7dK0sO0XsFzzpLpH7Q7oYgf2
3wMYtEZ1C3ehpT0yvIsykNOX8nmUwaMINsGizrD8WLp9dgEmCl8x307I76OCu9iZ
yuZ2UnsfD8upsegtgINlRVLEvET6Q02kHOlfl702XUZ40pUwVHtOuXxAr0TBrzKp
VIq51enAxlrzuwF3KT8Bjxi9UpoBpNCPOkvdj0w=
-----END CERTIFICATE-----
Generated at Wed Aug 6 07:53:11 2025 by rpki-client