Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B52F1976AFEE11F0860EA0AADAE4EC9C.roa
File: B52F1976AFEE11F0860EA0AADAE4EC9C.roa (raw, json)
Hash identifier: HhIOBdCePuvdeSM1/0wQomYMA/dK0lqepBNfwhpfGmA=
Subject key identifier: D3:6E:48:48:30:9D:5E:BF:B0:11:9A:14:5E:82:93:38:14:1E:F0:74
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 018223
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B52F1976AFEE11F0860EA0AADAE4EC9C.roa
Signing time: Thu 23 Oct 2025 09:00:23 +0000
ROA not before: Thu 23 Oct 2025 09:00:18 +0000
ROA not after: Sun 23 Nov 2025 09:00:18 +0000
asID: 208185
IP address blocks: 45.207.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98851 (0x18223)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 23 09:00:18 2025 GMT
Not After : Nov 23 09:00:18 2025 GMT
Subject: CN=68f9eea7-86ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:63:56:6a:d2:6c:9a:c3:79:9c:38:fc:ea:f2:
4a:f7:c2:9d:6f:f1:33:2b:b8:6a:9c:4e:68:fb:d3:
2e:4b:da:47:25:2a:19:e1:6d:f6:bc:a8:b3:4c:2d:
4b:f9:dc:be:4a:76:9c:46:78:a3:c0:32:ff:32:9d:
e4:a4:01:ba:61:78:ce:45:5c:99:cc:34:eb:7a:00:
fc:47:ad:b4:d8:7d:d7:54:04:0e:44:e2:aa:ec:13:
1d:bb:55:05:72:1f:52:de:71:73:64:54:55:89:26:
74:e2:67:b7:64:6a:46:f9:06:b5:49:c0:92:65:74:
86:d6:84:e9:f3:6a:b7:f3:b2:b1:e6:09:98:89:40:
3e:cd:4b:c6:75:6f:fc:4a:35:5f:59:de:23:20:25:
08:06:4a:6c:bb:46:e9:d2:62:dd:8e:b4:a5:ab:0e:
7d:e3:af:18:f7:86:56:e1:ff:90:08:35:19:89:55:
be:ce:64:50:0d:1d:df:61:0c:14:7d:02:62:3f:ad:
c2:c0:c7:02:6e:70:35:21:d6:62:10:34:aa:a5:43:
d8:56:ab:84:ef:9e:80:23:e0:68:f0:c5:de:14:fa:
87:18:94:b6:d7:ed:49:9c:0f:9c:77:82:ea:b2:b0:
62:04:b4:6e:df:8e:9f:79:87:f3:8f:cd:b7:34:e2:
38:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:6E:48:48:30:9D:5E:BF:B0:11:9A:14:5E:82:93:38:14:1E:F0:74
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B52F1976AFEE11F0860EA0AADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.21.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:17:94:6b:52:c4:81:c9:6c:1f:d4:1a:c2:cb:48:e5:d0:b9:
08:17:ef:bd:3a:a8:82:f0:ec:ca:42:b5:09:0f:e0:d1:ff:76:
d5:7c:d6:c8:a6:c7:23:68:22:91:34:66:31:21:a1:f9:00:7c:
37:bf:fc:c6:43:3f:42:34:67:34:7f:9c:e2:54:ba:54:37:1e:
17:2a:28:c7:da:cc:67:74:ed:52:d2:30:9b:7d:cc:10:e8:54:
fd:f3:7c:0f:af:e3:50:6e:dc:72:4b:7b:0d:33:9e:a2:27:e8:
3e:d9:40:87:7d:bc:16:ba:fb:8a:56:f3:71:2c:98:71:46:46:
02:37:ac:71:5c:3c:5b:94:a0:02:3a:a8:ff:58:34:f5:e9:e1:
52:62:dd:9b:14:96:c1:ef:6d:0f:c5:e0:a5:0a:4f:73:47:81:
35:1a:ba:02:b3:3c:a0:e5:6d:d6:13:1d:ae:96:b4:57:04:4f:
ed:50:db:39:34:2b:9a:49:44:0d:13:69:82:5c:33:26:09:00:
3f:12:d2:f7:93:eb:f9:4d:2c:53:27:e3:72:ed:9a:43:3f:8d:
ac:bb:e2:4f:c4:b9:2b:75:a8:5f:fa:0b:cb:8c:a1:d4:ab:5c:
a4:d6:d7:8e:0b:58:20:07:17:fe:18:d3:22:d3:c5:99:9d:90:
5a:f4:22:b7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYIjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDIzMDkwMDE4WhcNMjUxMTIzMDkwMDE4WjAYMRYw
FAYDVQQDEw02OGY5ZWVhNy04NmFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvWNWatJsmsN5nDj86vJK98Kdb/EzK7hqnE5o+9MuS9pHJSoZ4W32vKiz
TC1L+dy+SnacRnijwDL/Mp3kpAG6YXjORVyZzDTregD8R6202H3XVAQOROKq7BMd
u1UFch9S3nFzZFRViSZ04me3ZGpG+Qa1ScCSZXSG1oTp82q387Kx5gmYiUA+zUvG
dW/8SjVfWd4jICUIBkpsu0bp0mLdjrSlqw59468Y94ZW4f+QCDUZiVW+zmRQDR3f
YQwUfQJiP63CwMcCbnA1IdZiEDSqpUPYVquE756AI+Bo8MXeFPqHGJS21+1JnA+c
d4LqsrBiBLRu346feYfzj823NOI4WQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNNu
SEgwnV6/sBGaFF6CkzgUHvB0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNTJGMTk3NkFGRUUxMUYwODYwRUEwQUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc8VMA0GCSqGSIb3DQEBCwUA
A4IBAQC8F5RrUsSByWwf1BrCy0jl0LkIF++9OqiC8OzKQrUJD+DR/3bVfNbIpscj
aCKRNGYxIaH5AHw3v/zGQz9CNGc0f5ziVLpUNx4XKijH2sxndO1S0jCbfcwQ6FT9
83wPr+NQbtxyS3sNM56iJ+g+2UCHfbwWuvuKVvNxLJhxRkYCN6xxXDxblKACOqj/
WDT16eFSYt2bFJbB720PxeClCk9zR4E1GroCszyg5W3WEx2ulrRXBE/tUNs5NCua
SUQNE2mCXDMmCQA/EtL3k+v5TSxTJ+Ny7ZpDP42su+JPxLkrdahf+gvLjKHUq1yk
1teOC1ggBxf+GNMi08WZnZBa9CK3
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:58:48 2025 by rpki-client