Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E1AF61C4E7311F0A425749ADAE4EC9C.roa
File: 2E1AF61C4E7311F0A425749ADAE4EC9C.roa (raw, json)
Hash identifier: ese2MoNK9JwD/HXjGnCJe9AdVGyKXTG7FmpYVGgyEfU=
Subject key identifier: 23:52:C0:AC:F4:5F:48:74:E2:64:96:F5:25:6A:FA:B5:39:24:32:C9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015D86
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E1AF61C4E7311F0A425749ADAE4EC9C.roa
Signing time: Sat 21 Jun 2025 07:41:45 +0000
ROA not before: Sat 21 Jun 2025 07:41:41 +0000
ROA not after: Sun 27 Jul 2025 07:41:41 +0000
asID: 214238
IP address blocks: 45.192.59.0/24 maxlen: 24
45.192.63.0/24 maxlen: 24
45.195.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 04 Jul 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89478 (0x15d86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 21 07:41:41 2025 GMT
Not After : Jul 27 07:41:41 2025 GMT
Subject: CN=68566239-9ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a4:00:aa:e5:fd:53:24:46:17:c9:66:5a:31:
27:d3:7b:97:ec:23:02:63:d2:b5:7b:19:ef:9f:cb:
d8:03:97:1c:17:51:63:18:f5:12:a6:e1:6d:9b:7e:
05:cf:6b:ae:d5:49:7a:63:c6:5e:33:82:97:31:81:
bf:e4:9a:99:3e:fe:e4:88:ab:36:dd:61:b4:a5:d8:
79:31:d6:c4:c1:a4:72:95:ad:0e:61:b7:f3:e5:ee:
b1:c5:28:5e:91:e1:8a:69:cc:82:1b:74:f7:c7:60:
63:50:a7:69:a1:93:46:c1:5f:d4:48:b8:0a:e6:5b:
70:aa:58:2e:71:8d:5b:54:76:c6:37:59:1f:ff:cd:
3d:bb:8d:30:ee:94:ec:a8:8b:78:99:75:da:13:ef:
d1:9a:f5:34:4e:a3:02:cd:f5:93:8e:0c:64:c1:e6:
b6:20:50:7b:50:ac:60:83:76:07:6a:6e:d0:4d:15:
f0:5e:79:b3:05:d9:a6:cd:23:ff:eb:fa:cf:78:30:
6a:b3:8f:ed:5e:38:e7:a3:5b:e1:31:d1:e5:bd:2a:
87:84:8a:bb:73:27:11:57:de:44:ac:b9:b0:c8:e7:
96:6e:16:a1:a3:2b:f9:9c:f5:62:08:d9:be:4a:65:
ae:cd:c0:d6:c2:bf:2a:ad:e8:06:ff:45:b3:e1:4f:
6b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:52:C0:AC:F4:5F:48:74:E2:64:96:F5:25:6A:FA:B5:39:24:32:C9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E1AF61C4E7311F0A425749ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.59.0/24
45.192.63.0/24
45.195.161.0/24
Signature Algorithm: sha256WithRSAEncryption
20:04:23:04:37:a0:bc:89:81:67:85:94:d3:c8:0e:9f:6d:15:
97:f2:8f:d5:45:82:2d:a6:1e:ca:fb:89:d1:3a:f6:11:ae:77:
a1:97:35:56:2a:f9:cd:93:9f:41:0d:1f:7f:1b:76:68:3b:0d:
d7:1f:8e:4c:da:f1:2b:a9:42:f5:98:a1:0d:3f:69:64:2e:df:
d9:c3:22:f5:43:a3:81:cd:a7:fd:f0:da:55:28:15:6c:48:84:
0e:37:e6:33:2e:10:1c:1b:2c:b2:5d:97:ca:7b:47:42:35:a0:
90:8c:af:ff:84:c2:ba:e8:5a:d9:f4:6e:68:93:60:e3:07:d0:
43:21:17:19:a8:70:d4:21:32:67:15:f5:8a:63:38:97:fc:55:
6f:67:f8:63:c7:42:ad:3f:78:ab:fd:9d:ab:ce:9b:e7:21:44:
71:f0:ff:9f:b7:84:0b:29:63:fe:8d:b4:eb:b3:2b:21:9d:6e:
f2:3d:40:f5:ae:91:38:61:19:89:02:b7:be:f1:ed:a5:6d:05:
dc:57:af:5b:b9:f3:9e:3a:6a:13:3c:ea:52:d6:a6:f9:85:68:
c6:ee:24:f6:77:75:2a:75:1c:9a:6e:cf:03:3e:27:db:bd:63:
93:d6:33:45:25:1b:3e:1f:f6:07:3e:a4:c6:66:2b:10:b6:66:
61:d5:68:99
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAV2GMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjIxMDc0MTQxWhcNMjUwNzI3MDc0MTQxWjAYMRYw
FAYDVQQDEw02ODU2NjIzOS05ZWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv6QAquX9UyRGF8lmWjEn03uX7CMCY9K1exnvn8vYA5ccF1FjGPUSpuFt
m34Fz2uu1Ul6Y8ZeM4KXMYG/5JqZPv7kiKs23WG0pdh5MdbEwaRyla0OYbfz5e6x
xShekeGKacyCG3T3x2BjUKdpoZNGwV/USLgK5ltwqlgucY1bVHbGN1kf/809u40w
7pTsqIt4mXXaE+/RmvU0TqMCzfWTjgxkwea2IFB7UKxgg3YHam7QTRXwXnmzBdmm
zSP/6/rPeDBqs4/tXjjno1vhMdHlvSqHhIq7cycRV95ErLmwyOeWbhahoyv5nPVi
CNm+SmWuzcDWwr8qregG/0Wz4U9rUQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFCNS
wKz0X0h04mSW9SVq+rU5JDLJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRTFBRjYxQzRFNzMxMUYwQTQyNTc0OUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALcA7AwQALcA/AwQALcOhMA0G
CSqGSIb3DQEBCwUAA4IBAQAgBCMEN6C8iYFnhZTTyA6fbRWX8o/VRYItph7K+4nR
OvYRrnehlzVWKvnNk59BDR9/G3ZoOw3XH45M2vErqUL1mKENP2lkLt/ZwyL1Q6OB
zaf98NpVKBVsSIQON+YzLhAcGyyyXZfKe0dCNaCQjK//hMK66FrZ9G5ok2DjB9BD
IRcZqHDUITJnFfWKYziX/FVvZ/hjx0KtP3ir/Z2rzpvnIURx8P+ft4QLKWP+jbTr
syshnW7yPUD1rpE4YRmJAre+8e2lbQXcV69bufOeOmoTPOpS1qb5hWjG7iT2d3Uq
dRyabs8DPifbvWOT1jNFJRs+H/YHPqTGZisQtmZh1WiZ
-----END CERTIFICATE-----
Generated at Wed Jul 2 23:23:11 2025 by rpki-client