Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38D0A78C2B2311F0B5693596DAE4EC9C.roa
File: 38D0A78C2B2311F0B5693596DAE4EC9C.roa (raw, json)
Hash identifier: Q7rzVGaoR4iuQhZjO8MeuQggRbIadCBaf72fv2hH7/8=
Subject key identifier: EE:D0:6F:E1:DB:8D:DA:47:44:11:24:D5:11:54:22:A3:C4:82:10:21
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01527C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38D0A78C2B2311F0B5693596DAE4EC9C.roa
Signing time: Wed 07 May 2025 09:11:13 +0000
ROA not before: Wed 07 May 2025 09:11:08 +0000
ROA not after: Thu 12 Jun 2025 09:11:08 +0000
asID: 48266
IP address blocks: 45.207.218.0/23 maxlen: 24
45.207.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86652 (0x1527c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 7 09:11:08 2025 GMT
Not After : Jun 12 09:11:08 2025 GMT
Subject: CN=681b23b1-684a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:27:fc:d6:88:ae:e2:bb:ee:28:a1:7d:eb:db:
9e:5e:00:bb:d3:14:14:6f:17:66:2f:9c:34:ef:6b:
5c:e8:eb:27:bf:17:97:18:3f:74:d8:50:7f:94:1f:
57:98:3f:f5:4c:ff:50:7c:a8:4c:53:d8:4a:6e:e7:
15:d0:11:4e:1c:82:f9:04:c8:42:fe:f3:4d:43:61:
66:e5:9e:41:51:71:d8:b3:67:c9:07:2b:c9:21:4f:
5e:d9:81:d4:8b:56:8d:01:58:ac:78:98:71:f8:9b:
86:50:f5:5a:01:90:35:fa:6c:92:54:c1:28:87:52:
bb:97:1e:92:d1:68:1b:87:ff:be:2a:21:8c:2e:3a:
ad:7e:f3:f0:d8:13:41:5d:ab:ba:00:59:cf:db:3c:
bb:95:bb:a4:85:af:38:f3:cd:b2:4d:02:f8:95:0c:
90:4e:a8:32:0e:ec:d9:e7:c9:fa:e8:d7:04:38:79:
89:73:08:ad:8a:a0:72:58:cb:3f:bb:27:78:38:57:
e8:99:64:c1:85:4a:ae:fe:2e:85:be:4f:69:fa:ae:
d3:1a:66:58:56:40:c3:2a:2c:29:23:21:30:31:63:
55:4a:e0:2e:65:fc:5f:c0:ab:d6:70:86:ae:71:29:
de:d8:d7:6d:60:87:bd:98:21:0e:c0:3d:c2:7f:c6:
0b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:D0:6F:E1:DB:8D:DA:47:44:11:24:D5:11:54:22:A3:C4:82:10:21
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38D0A78C2B2311F0B5693596DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.218.0-45.207.223.255
Signature Algorithm: sha256WithRSAEncryption
05:a8:f4:3a:a6:8f:22:49:73:3f:9b:10:a4:b2:f9:53:5a:21:
b2:9c:1e:ee:d4:4a:95:8e:ef:e0:f9:f2:48:90:7f:73:90:23:
db:9d:ff:1b:0a:36:d8:1a:c3:5e:11:b0:a9:17:fb:3c:53:16:
b5:ff:b9:5e:69:f9:ab:45:88:98:f1:bd:79:cf:9c:77:70:49:
19:f5:1d:ee:89:66:29:e7:b9:53:6c:73:3c:d5:fc:50:9b:5c:
d1:04:1a:d3:55:c3:a0:24:7d:7a:9e:0b:02:1d:d4:45:7e:18:
df:2f:55:02:45:ca:1e:4d:9c:83:bb:83:e7:ad:73:40:54:5c:
7d:3c:9a:d4:ab:37:87:0e:41:4f:8e:3e:35:61:48:d5:ca:4f:
a2:d6:41:b9:01:0b:61:73:de:b0:e5:d6:7c:b7:46:13:b2:de:
f3:b8:8a:6f:52:cd:74:7a:88:48:1f:bc:ae:bb:72:58:b2:6a:
ce:58:13:33:ca:d2:7c:71:3b:ab:00:72:4b:7f:c4:a7:14:f6:
3d:8c:8f:28:05:67:2b:94:25:ba:e1:4f:2d:7b:77:e3:aa:4e:
16:16:35:cc:4f:97:42:b4:49:ac:dc:40:81:38:49:8f:da:f6:
e8:a1:2f:fe:4a:75:0e:48:6e:aa:9f:c3:e0:be:24:fe:95:bb:
ff:6c:2f:bc
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVJ8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA3MDkxMTA4WhcNMjUwNjEyMDkxMTA4WjAYMRYw
FAYDVQQDEw02ODFiMjNiMS02ODRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvif81oiu4rvuKKF969ueXgC70xQUbxdmL5w072tc6OsnvxeXGD902FB/
lB9XmD/1TP9QfKhMU9hKbucV0BFOHIL5BMhC/vNNQ2Fm5Z5BUXHYs2fJByvJIU9e
2YHUi1aNAViseJhx+JuGUPVaAZA1+mySVMEoh1K7lx6S0Wgbh/++KiGMLjqtfvPw
2BNBXau6AFnP2zy7lbukha84882yTQL4lQyQTqgyDuzZ58n66NcEOHmJcwitiqBy
WMs/uyd4OFfomWTBhUqu/i6Fvk9p+q7TGmZYVkDDKiwpIyEwMWNVSuAuZfxfwKvW
cIaucSne2NdtYIe9mCEOwD3Cf8YLOwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFO7Q
b+HbjdpHRBEk1RFUIqPEghAhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zOEQwQTc4QzJCMjMxMUYwQjU2OTM1OTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEtz9oDBAUtz8AwDQYJKoZI
hvcNAQELBQADggEBAAWo9DqmjyJJcz+bEKSy+VNaIbKcHu7USpWO7+D58kiQf3OQ
I9ud/xsKNtgaw14RsKkX+zxTFrX/uV5p+atFiJjxvXnPnHdwSRn1He6JZinnuVNs
czzV/FCbXNEEGtNVw6AkfXqeCwId1EV+GN8vVQJFyh5NnIO7g+etc0BUXH08mtSr
N4cOQU+OPjVhSNXKT6LWQbkBC2Fz3rDl1ny3RhOy3vO4im9SzXR6iEgfvK67cliy
as5YEzPK0nxxO6sAckt/xKcU9j2MjygFZyuUJbrhTy17d+OqThYWNcxPl0K0Sazc
QIE4SY/a9uihL/5KdQ5Ibqqfw+C+JP6Vu/9sL7w=
-----END CERTIFICATE-----
Generated at Sun May 11 04:19:02 2025 by rpki-client