Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10DDB27E2A7911F084F633A0DAE4EC9C.roa
File: 10DDB27E2A7911F084F633A0DAE4EC9C.roa (raw, json)
Hash identifier: siRx1SXVWW68Nx9TTEbmef6+Ff4vikBMLjeRXEUaNCQ=
Subject key identifier: F6:DB:E8:03:E7:80:36:3B:45:FA:D1:64:DB:63:8A:AE:B7:A7:DB:92
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01525B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10DDB27E2A7911F084F633A0DAE4EC9C.roa
Signing time: Tue 06 May 2025 12:53:11 +0000
ROA not before: Tue 06 May 2025 12:53:07 +0000
ROA not after: Fri 05 Jun 2026 12:53:07 +0000
asID: 984
IP address blocks: 45.206.3.0/24 maxlen: 24
45.206.4.0/24 maxlen: 24
45.206.52.0/24 maxlen: 24
45.206.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86619 (0x1525b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 6 12:53:07 2025 GMT
Not After : Jun 5 12:53:07 2026 GMT
Subject: CN=681a0637-20a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b1:cb:9a:b8:a8:ec:8a:5c:71:1e:22:e2:1d:
46:a2:9e:51:25:6d:64:75:c3:d5:d5:e5:81:2c:4c:
02:cf:2e:28:e0:d2:70:63:4f:05:4d:97:ed:29:85:
4f:6d:a6:70:2a:fd:eb:3e:c7:fa:e4:5b:57:f2:62:
9b:3b:1b:b1:85:4f:bf:ea:42:7d:9b:c0:2a:5e:77:
51:df:bf:63:d0:e4:3c:2a:0d:c9:5f:e6:56:64:1f:
3a:19:14:8b:52:a7:85:d3:c7:1c:08:d0:0c:4a:f9:
ba:46:65:f8:b9:50:d9:c3:77:29:12:af:8a:80:c7:
a4:32:f8:8b:c6:ff:a9:6e:3d:bb:1c:62:01:1d:d6:
c2:ef:20:b4:6c:02:99:ba:2f:2e:26:ee:e7:42:63:
bc:3e:e5:22:92:70:58:38:1f:26:a1:50:56:83:c8:
20:0a:8c:76:6a:74:f6:49:29:9d:17:64:3c:91:82:
2b:07:6c:3e:e9:77:e2:c6:c0:48:89:36:90:a6:06:
f3:b3:19:35:71:7f:56:e2:42:1e:eb:3b:7c:d4:8f:
85:46:74:64:c1:9d:4d:73:f2:b8:83:9c:20:f1:48:
33:66:49:6f:50:1a:a9:1e:3a:f8:ca:ae:ab:d0:b8:
42:9b:f4:3e:a2:0a:8a:da:d4:5e:9a:fe:25:e3:cd:
88:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:DB:E8:03:E7:80:36:3B:45:FA:D1:64:DB:63:8A:AE:B7:A7:DB:92
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10DDB27E2A7911F084F633A0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.3.0-45.206.4.255
45.206.52.0/24
45.206.54.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:3b:af:05:08:fa:c2:a5:aa:a9:aa:04:20:a8:26:f3:1a:f3:
8c:3d:77:27:18:54:26:94:9c:1f:17:9d:62:47:47:57:22:50:
9d:24:ee:8f:2c:d1:21:41:71:14:7c:76:e9:cb:1b:78:99:3f:
c9:12:2f:25:2c:50:ff:c6:de:ec:51:2b:e2:31:77:fa:ff:60:
3c:85:71:eb:0b:b1:05:e8:68:16:d5:59:6b:aa:5f:eb:98:fe:
b3:0b:30:be:99:35:c6:d0:f9:70:f5:a4:59:7a:e4:da:56:bc:
b1:74:69:57:01:6d:9c:c4:4d:29:27:d4:0d:64:e6:f7:62:e3:
30:81:59:1a:20:ca:71:f0:db:6f:c9:24:fa:2f:c0:a9:57:4d:
41:3e:40:8a:29:4c:c7:38:00:00:64:7c:65:0b:eb:47:34:cf:
34:28:51:92:bf:05:58:06:7c:6b:08:98:43:1d:67:04:ad:9b:
ef:f4:6f:d5:9d:8a:89:1f:59:a2:30:10:2b:f6:36:d4:b1:62:
20:24:19:12:2f:de:96:4f:fb:be:43:57:2a:b3:ae:3f:25:1b:
12:86:46:a9:4e:21:95:39:e6:7e:49:d9:90:99:cb:9c:8c:d9:
df:1d:e8:03:aa:e1:8b:3a:8d:0d:29:93:90:8f:37:87:b4:70:
50:0a:b6:18
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAVJbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA2MTI1MzA3WhcNMjYwNjA1MTI1MzA3WjAYMRYw
FAYDVQQDEw02ODFhMDYzNy0yMGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwLHLmrio7IpccR4i4h1Gop5RJW1kdcPV1eWBLEwCzy4o4NJwY08FTZft
KYVPbaZwKv3rPsf65FtX8mKbOxuxhU+/6kJ9m8AqXndR379j0OQ8Kg3JX+ZWZB86
GRSLUqeF08ccCNAMSvm6RmX4uVDZw3cpEq+KgMekMviLxv+pbj27HGIBHdbC7yC0
bAKZui8uJu7nQmO8PuUiknBYOB8moVBWg8ggCox2anT2SSmdF2Q8kYIrB2w+6Xfi
xsBIiTaQpgbzsxk1cX9W4kIe6zt81I+FRnRkwZ1Nc/K4g5wg8UgzZklvUBqpHjr4
yq6r0LhCm/Q+ogqK2tRemv4l482IDwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFPbb
6APngDY7RfrRZNtjiq63p9uSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMEREQjI3RTJBNzkxMUYwODRGNjMzQTBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtzgMDBAAtzgQDBAAtzjQD
BAAtzjYwDQYJKoZIhvcNAQELBQADggEBAA07rwUI+sKlqqmqBCCoJvMa84w9dycY
VCaUnB8XnWJHR1ciUJ0k7o8s0SFBcRR8dunLG3iZP8kSLyUsUP/G3uxRK+Ixd/r/
YDyFcesLsQXoaBbVWWuqX+uY/rMLML6ZNcbQ+XD1pFl65NpWvLF0aVcBbZzETSkn
1A1k5vdi4zCBWRogynHw22/JJPovwKlXTUE+QIopTMc4AABkfGUL60c0zzQoUZK/
BVgGfGsImEMdZwStm+/0b9WdiokfWaIwECv2NtSxYiAkGRIv3pZP+75DVyqzrj8l
GxKGRqlOIZU55n5J2ZCZy5yM2d8d6AOq4Ys6jQ0pk5CPN4e0cFAKthg=
-----END CERTIFICATE-----
Generated at Sun May 11 13:36:59 2025 by rpki-client