Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B8D10400479211F088B609B8DAE4EC9C.roa
File: B8D10400479211F088B609B8DAE4EC9C.roa (raw, json)
Hash identifier: DG9gUXWOO3kV2uGoFSXX6BIV2xwdhbUuZqYWvwllcqI=
Subject key identifier: DC:87:DC:F5:A3:D0:14:72:DB:E8:DC:B1:2B:9F:79:8D:20:D9:6B:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015B93
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B8D10400479211F088B609B8DAE4EC9C.roa
Signing time: Thu 12 Jun 2025 13:39:54 +0000
ROA not before: Thu 12 Jun 2025 13:39:50 +0000
ROA not after: Sat 21 Jun 2025 13:39:50 +0000
asID: 21859
IP address blocks: 45.207.168.0/24 maxlen: 24
45.207.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88979 (0x15b93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 12 13:39:50 2025 GMT
Not After : Jun 21 13:39:50 2025 GMT
Subject: CN=684ad8aa-60c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3d:d7:15:ef:de:2e:5a:34:67:50:00:9b:7a:
20:06:ae:79:af:a9:cb:38:08:5e:45:cf:5c:f3:38:
2e:e3:d5:7e:b6:79:c3:c1:a2:03:67:8e:ad:48:37:
21:36:3d:dd:b7:3b:67:cb:02:3e:e7:a1:9a:8e:73:
65:04:ed:8e:bc:cd:a6:8e:d8:6f:ab:4b:b0:99:e1:
ca:2b:3e:4f:79:52:5e:ab:c3:2c:5e:98:f9:f4:fb:
b6:af:d2:62:fd:01:1f:4b:a1:3a:ea:0c:af:03:0e:
24:22:2b:a1:6c:06:fe:7b:37:d5:ae:92:31:31:c9:
27:b0:51:98:d0:6d:25:2b:37:10:af:c6:67:c3:4a:
10:58:3f:bc:f9:48:e9:03:40:00:ff:ea:77:23:d7:
a0:60:63:47:c9:55:f6:99:75:49:4b:49:2c:80:63:
5f:a6:b4:73:29:73:e9:5f:7f:b2:46:02:27:73:f3:
91:e1:94:9f:4d:d2:79:f7:62:81:be:55:3d:79:a3:
10:2b:4e:9d:25:0f:b2:fe:3d:2a:70:ce:55:80:df:
76:4c:9e:59:ff:37:99:a0:35:ce:14:c1:f0:d5:d9:
65:7c:80:d3:27:db:3f:01:4e:76:a6:bb:d0:3b:b6:
52:b6:57:b6:38:a5:d4:0c:c6:bf:a1:21:0e:d4:1a:
24:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:87:DC:F5:A3:D0:14:72:DB:E8:DC:B1:2B:9F:79:8D:20:D9:6B:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B8D10400479211F088B609B8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.168.0/24
45.207.172.0/24
Signature Algorithm: sha256WithRSAEncryption
74:77:24:44:7f:a3:0d:0d:87:cb:b3:0f:00:91:d3:1a:74:99:
72:08:1b:61:62:a4:c2:f1:c9:7f:11:44:44:c8:16:69:73:59:
2e:f4:24:59:73:07:c3:89:7a:ff:08:e0:42:63:36:8f:da:3a:
aa:d2:35:de:c1:7f:85:16:d0:3c:c8:45:4c:05:d7:29:96:90:
ac:74:93:e2:47:35:d1:5d:1d:3e:a5:15:f7:37:ef:3f:2a:7e:
e7:9b:fd:e2:70:bc:d2:6d:15:78:18:aa:7a:5c:1e:bb:30:89:
a1:bb:30:0a:cd:bb:48:b8:6e:1c:6d:3b:16:a9:ec:f6:10:2b:
6e:0f:ad:50:d0:7a:e3:a5:b5:dd:01:77:61:2f:92:86:9b:e5:
8b:f2:4e:03:0c:c1:6a:91:c2:d9:d4:d2:4a:6f:17:8c:72:15:
26:00:10:5c:52:8f:29:87:9b:58:80:8c:aa:85:64:e0:ab:f2:
90:39:75:1f:26:d0:0f:53:57:76:a4:81:1a:01:a1:7a:61:89:
d8:a1:09:3d:4f:da:3b:a3:50:ae:88:4d:e5:74:f5:76:ae:be:
0f:5f:86:57:75:15:fd:d8:08:6c:b0:64:e7:74:43:27:e6:92:
9b:ea:68:4b:8c:1e:51:6d:46:45:ee:02:37:31:40:ed:d9:4d:
b7:c0:97:28
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVuTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjEyMTMzOTUwWhcNMjUwNjIxMTMzOTUwWjAYMRYw
FAYDVQQDEw02ODRhZDhhYS02MGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsj3XFe/eLlo0Z1AAm3ogBq55r6nLOAheRc9c8zgu49V+tnnDwaIDZ46t
SDchNj3dtztnywI+56GajnNlBO2OvM2mjthvq0uwmeHKKz5PeVJeq8MsXpj59Pu2
r9Ji/QEfS6E66gyvAw4kIiuhbAb+ezfVrpIxMcknsFGY0G0lKzcQr8Znw0oQWD+8
+UjpA0AA/+p3I9egYGNHyVX2mXVJS0ksgGNfprRzKXPpX3+yRgInc/OR4ZSfTdJ5
92KBvlU9eaMQK06dJQ+y/j0qcM5VgN92TJ5Z/zeZoDXOFMHw1dllfIDTJ9s/AU52
prvQO7ZStle2OKXUDMa/oSEO1Bok4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNyH
3PWj0BRy2+jcsSufeY0g2WvTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9COEQxMDQwMDQ3OTIxMUYwODhCNjA5QjhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALc+oAwQALc+sMA0GCSqGSIb3
DQEBCwUAA4IBAQB0dyREf6MNDYfLsw8AkdMadJlyCBthYqTC8cl/EUREyBZpc1ku
9CRZcwfDiXr/COBCYzaP2jqq0jXewX+FFtA8yEVMBdcplpCsdJPiRzXRXR0+pRX3
N+8/Kn7nm/3icLzSbRV4GKp6XB67MImhuzAKzbtIuG4cbTsWqez2ECtuD61Q0Hrj
pbXdAXdhL5KGm+WL8k4DDMFqkcLZ1NJKbxeMchUmABBcUo8ph5tYgIyqhWTgq/KQ
OXUfJtAPU1d2pIEaAaF6YYnYoQk9T9o7o1CuiE3ldPV2rr4PX4ZXdRX92AhssGTn
dEMn5pKb6mhLjB5RbUZF7gI3MUDt2U23wJco
-----END CERTIFICATE-----
Generated at Sun Jun 15 22:02:35 2025 by rpki-client