Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA13A52466C811F0A833B8DEDAE4EC9C.roa
File: CA13A52466C811F0A833B8DEDAE4EC9C.roa (raw, json)
Hash identifier: 2MkknC79HVCVRO3MWTb71payfQ9Zj9Z9STpN26veAiw=
Subject key identifier: AD:2F:70:FD:2E:E5:46:32:D1:38:1B:B6:81:E7:73:E5:07:BD:92:3D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01667B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA13A52466C811F0A833B8DEDAE4EC9C.roa
Signing time: Tue 22 Jul 2025 06:55:02 +0000
ROA not before: Tue 22 Jul 2025 06:54:58 +0000
ROA not after: Wed 27 Aug 2025 06:54:58 +0000
asID: 6079
IP address blocks: 45.197.208.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91771 (0x1667b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 22 06:54:58 2025 GMT
Not After : Aug 27 06:54:58 2025 GMT
Subject: CN=687f35c6-43bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:aa:c4:3a:dc:2b:bd:38:39:76:64:96:bf:14:
dd:87:37:5b:98:8c:26:33:00:8b:bd:4a:23:39:56:
b8:9d:15:ae:61:0b:e4:c2:00:d2:bc:ee:f3:22:12:
80:2b:3b:86:7c:97:2d:b2:47:af:3b:3b:14:0e:1b:
a6:7f:85:2c:a0:bc:17:59:fd:e3:58:ac:45:89:23:
ff:64:1c:b2:f6:4d:23:f3:31:d3:d3:dd:8b:85:02:
bd:0f:34:9e:57:13:88:12:4f:b9:44:73:ac:ae:58:
85:37:f5:e4:2b:84:73:1e:c0:5e:d5:3b:32:f1:2c:
58:af:4f:f7:89:f1:c2:29:1e:2e:95:c2:9d:96:a7:
28:6c:3c:bf:73:7c:32:ce:66:c6:05:aa:53:78:a7:
61:da:d4:73:96:26:9d:f5:27:d9:f2:9c:52:9a:50:
a2:2a:d3:ea:ea:7a:c6:08:9f:3e:b4:71:49:e6:a8:
9a:2d:6a:42:7c:84:76:02:5a:49:2e:54:b5:e6:fb:
ed:30:4c:12:01:6b:79:8d:dd:d3:e2:4b:8b:93:e4:
9c:6c:8b:75:cc:20:ef:ad:33:97:83:89:40:18:a9:
3d:76:6b:8c:55:6c:a7:c7:62:ac:53:b8:08:7a:9c:
7e:76:7a:17:74:2e:a2:a6:c2:39:51:ac:12:19:ae:
19:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:2F:70:FD:2E:E5:46:32:D1:38:1B:B6:81:E7:73:E5:07:BD:92:3D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA13A52466C811F0A833B8DEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.208.0/20
Signature Algorithm: sha256WithRSAEncryption
83:b0:34:0e:88:f8:dd:5c:1b:8d:95:35:02:77:46:54:d3:e7:
11:aa:81:cf:ca:e1:95:5b:7e:e0:3d:62:8f:2d:16:34:25:7e:
09:77:3c:bd:69:58:73:ae:2a:1c:d5:bb:aa:92:6b:5b:9d:7d:
92:60:f6:7a:2b:79:b2:c0:23:62:18:11:0c:90:b3:87:78:2c:
73:2c:49:37:d2:17:04:72:aa:70:ba:9d:40:c7:fe:dd:e8:b4:
6f:22:d9:78:eb:7f:a2:9b:73:2c:12:99:36:43:4d:86:a1:d8:
2c:dd:6c:7c:86:fb:2c:f9:77:41:64:02:83:68:0e:66:11:b5:
80:3c:1d:f7:c4:71:9c:e1:be:19:33:ea:9f:80:99:6b:b3:08:
c0:19:be:8a:f8:16:7f:b1:0f:29:23:26:ad:b1:4b:61:32:d2:
82:37:a0:fe:2f:46:89:fe:92:76:71:4a:3c:5f:6c:d0:52:96:
8d:7b:84:c0:37:92:16:bf:63:89:4c:21:a6:1b:7f:d8:2e:c4:
89:a4:9e:d0:89:33:8f:f4:6b:bf:99:b8:b9:72:e9:05:f9:4a:
5f:7f:8f:b6:3b:72:5e:48:74:6a:27:97:2b:28:62:46:7c:c0:
43:1e:fa:60:49:fb:97:c5:af:00:0a:f0:d4:84:95:c5:67:cf:
e1:3b:49:ae
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWZ7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzIyMDY1NDU4WhcNMjUwODI3MDY1NDU4WjAYMRYw
FAYDVQQDEw02ODdmMzVjNi00M2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA66rEOtwrvTg5dmSWvxTdhzdbmIwmMwCLvUojOVa4nRWuYQvkwgDSvO7z
IhKAKzuGfJctskevOzsUDhumf4UsoLwXWf3jWKxFiSP/ZByy9k0j8zHT092LhQK9
DzSeVxOIEk+5RHOsrliFN/XkK4RzHsBe1Tsy8SxYr0/3ifHCKR4ulcKdlqcobDy/
c3wyzmbGBapTeKdh2tRzliad9SfZ8pxSmlCiKtPq6nrGCJ8+tHFJ5qiaLWpCfIR2
AlpJLlS15vvtMEwSAWt5jd3T4kuLk+ScbIt1zCDvrTOXg4lAGKk9dmuMVWynx2Ks
U7gIepx+dnoXdC6ipsI5UawSGa4ZGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK0v
cP0u5UYy0TgbtoHnc+UHvZI9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQTEzQTUyNDY2QzgxMUYwQTgzM0I4REVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcXQMA0GCSqGSIb3DQEBCwUA
A4IBAQCDsDQOiPjdXBuNlTUCd0ZU0+cRqoHPyuGVW37gPWKPLRY0JX4Jdzy9aVhz
rioc1buqkmtbnX2SYPZ6K3mywCNiGBEMkLOHeCxzLEk30hcEcqpwup1Ax/7d6LRv
Itl463+im3MsEpk2Q02Godgs3Wx8hvss+XdBZAKDaA5mEbWAPB33xHGc4b4ZM+qf
gJlrswjAGb6K+BZ/sQ8pIyatsUthMtKCN6D+L0aJ/pJ2cUo8X2zQUpaNe4TAN5IW
v2OJTCGmG3/YLsSJpJ7QiTOP9Gu/mbi5cukF+Upff4+2O3JeSHRqJ5crKGJGfMBD
HvpgSfuXxa8ACvDUhJXFZ8/hO0mu
-----END CERTIFICATE-----
Generated at Sat Aug 9 10:37:17 2025 by rpki-client