Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0108D7E224D511F099989AE4DAE4EC9C.roa
File: 0108D7E224D511F099989AE4DAE4EC9C.roa (raw, json)
Hash identifier: PncJkE0+454QW/Y8Mv4Abu571Iu1d9PCppx2GQHjTSA=
Subject key identifier: 9F:F4:70:72:77:D1:02:63:15:19:7B:EC:29:13:99:10:A8:CC:44:43
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015037
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0108D7E224D511F099989AE4DAE4EC9C.roa
Signing time: Tue 29 Apr 2025 08:36:12 +0000
ROA not before: Tue 29 Apr 2025 08:36:07 +0000
ROA not after: Thu 08 Jan 2026 08:36:07 +0000
asID: 140401
IP address blocks: 45.198.232.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 11 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86071 (0x15037)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 29 08:36:07 2025 GMT
Not After : Jan 8 08:36:07 2026 GMT
Subject: CN=68108f7b-3838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:80:00:67:76:5e:ca:3f:5a:6d:ab:40:80:a9:
cf:89:f9:d2:d7:70:ee:14:fb:45:a1:a3:77:b1:5f:
70:90:1c:3e:06:0e:e7:6d:0f:e9:92:24:f7:26:f8:
9c:00:56:99:39:00:07:4e:e6:82:e9:34:ff:98:d3:
f5:b7:0e:19:0d:81:2a:8c:ee:aa:64:be:21:94:22:
d0:1d:f4:60:1f:0c:4a:55:50:00:ca:d8:77:9b:02:
6d:c1:a9:57:9c:a3:a5:40:9f:cd:e9:21:1d:ee:3d:
45:57:cc:32:db:4a:17:d9:a0:1f:a1:d1:e8:0f:8d:
5b:90:ea:3e:fa:56:9d:9d:67:ca:a4:57:69:cb:1f:
38:fe:cb:a6:5d:f5:8d:b8:7c:81:fb:23:21:e7:85:
c1:73:8d:71:73:5a:88:2e:68:99:c3:c1:1a:20:47:
22:9d:54:94:63:c6:c1:dc:65:70:c4:da:4d:c5:c0:
c9:37:a1:42:a3:0f:5d:72:28:a3:22:d9:60:c7:b6:
6a:98:f3:9a:c0:05:e8:a1:a8:0f:e4:dc:cf:cd:87:
4d:ad:97:49:0e:78:e2:79:de:e9:81:d8:df:d1:22:
39:00:51:6a:d7:76:d4:a2:58:af:6f:1e:c8:24:ba:
82:bb:d3:a8:5b:4a:71:44:79:20:ec:b7:ae:cc:63:
a9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F4:70:72:77:D1:02:63:15:19:7B:EC:29:13:99:10:A8:CC:44:43
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0108D7E224D511F099989AE4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.232.0/23
Signature Algorithm: sha256WithRSAEncryption
67:d7:e3:ef:bc:ec:0c:99:a3:51:32:dd:83:26:44:cd:a9:4e:
1a:0a:7e:5c:05:cd:08:85:09:e2:4d:60:c8:38:3e:13:50:8c:
9f:ac:76:13:9d:a9:54:6d:fa:8a:e9:1d:a5:63:00:4c:a7:83:
36:f4:82:cb:19:af:fb:24:40:af:f5:9d:3b:25:b5:df:c3:26:
5c:cd:85:d9:d3:61:ac:ec:df:e9:dc:b7:c2:ec:b6:c1:5d:d0:
0e:71:f5:f9:83:d8:18:d1:fe:f8:81:39:bc:02:cc:71:b6:27:
0d:56:8e:c0:0c:55:a9:a0:b6:3f:0e:8c:61:48:5f:c5:0f:a8:
a5:5f:8b:56:cd:ab:4f:e6:9e:61:ee:0b:3f:ff:a0:f0:7a:71:
67:32:ac:40:26:8d:76:25:0c:70:e7:f7:c5:1c:43:70:59:b8:
5e:7e:cf:38:9b:71:f1:72:d6:eb:9b:81:8c:a4:93:e4:7d:ea:
bb:ac:8b:df:03:6b:2c:a3:15:d3:91:3d:4e:71:66:77:dc:d6:
a8:b8:43:eb:25:61:66:13:05:25:39:30:3f:3e:37:a9:e1:44:
b0:36:ea:6a:42:11:98:98:9d:b8:31:bf:a5:5a:8d:11:05:fd:
e5:b9:db:d7:17:37:2d:89:8e:74:22:81:2d:44:58:7a:9c:c1:
ff:96:19:3f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVA3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI5MDgzNjA3WhcNMjYwMTA4MDgzNjA3WjAYMRYw
FAYDVQQDEw02ODEwOGY3Yi0zODM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsoAAZ3Zeyj9abatAgKnPifnS13DuFPtFoaN3sV9wkBw+Bg7nbQ/pkiT3
JvicAFaZOQAHTuaC6TT/mNP1tw4ZDYEqjO6qZL4hlCLQHfRgHwxKVVAAyth3mwJt
walXnKOlQJ/N6SEd7j1FV8wy20oX2aAfodHoD41bkOo++ladnWfKpFdpyx84/sum
XfWNuHyB+yMh54XBc41xc1qILmiZw8EaIEcinVSUY8bB3GVwxNpNxcDJN6FCow9d
ciijItlgx7ZqmPOawAXooagP5NzPzYdNrZdJDnjied7pgdjf0SI5AFFq13bUoliv
bx7IJLqCu9OoW0pxRHkg7LeuzGOpmQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ/0
cHJ30QJjFRl77CkTmRCozERDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMTA4RDdFMjI0RDUxMUYwOTk5ODlBRTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcboMA0GCSqGSIb3DQEBCwUA
A4IBAQBn1+PvvOwMmaNRMt2DJkTNqU4aCn5cBc0IhQniTWDIOD4TUIyfrHYTnalU
bfqK6R2lYwBMp4M29ILLGa/7JECv9Z07JbXfwyZczYXZ02Gs7N/p3LfC7LbBXdAO
cfX5g9gY0f74gTm8AsxxticNVo7ADFWpoLY/DoxhSF/FD6ilX4tWzatP5p5h7gs/
/6DwenFnMqxAJo12JQxw5/fFHENwWbhefs84m3Hxctbrm4GMpJPkfeq7rIvfA2ss
oxXTkT1OcWZ33NaouEPrJWFmEwUlOTA/Pjep4USwNupqQhGYmJ24Mb+lWo0RBf3l
udvXFzctiY50IoEtRFh6nMH/lhk/
-----END CERTIFICATE-----
Generated at Fri May 9 23:56:51 2025 by rpki-client