Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43DBB55024D811F0A82F0B7ADAE4EC9C.roa
File: 43DBB55024D811F0A82F0B7ADAE4EC9C.roa (raw, json)
Hash identifier: CB4XnGn5O4eHYE6NHO7AfQL4DVoytS3GWDsNtfeI9wY=
Subject key identifier: C6:DF:94:5E:02:02:4F:BB:5E:8C:CD:20:6D:B0:CA:81:A0:DD:7C:AE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015039
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43DBB55024D811F0A82F0B7ADAE4EC9C.roa
Signing time: Tue 29 Apr 2025 08:59:32 +0000
ROA not before: Tue 29 Apr 2025 08:59:28 +0000
ROA not after: Fri 30 May 2025 08:59:28 +0000
asID: 62468
IP address blocks: 45.204.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86073 (0x15039)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 29 08:59:28 2025 GMT
Not After : May 30 08:59:28 2025 GMT
Subject: CN=681094f4-89b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fd:88:29:b3:da:76:cb:21:c9:c7:70:31:91:
24:18:95:7f:76:42:1c:32:9c:c6:c3:cd:85:6f:79:
84:d1:5d:2b:c5:7d:22:a2:8a:48:d4:8f:d2:07:70:
cd:42:06:7a:13:ce:21:ff:01:9a:63:68:e4:ca:1a:
0c:46:a4:be:e5:e7:4d:b0:44:83:f3:e1:db:8f:d8:
ab:06:c6:99:8e:94:e3:d9:80:ab:6c:a7:de:18:51:
35:ed:82:2d:ae:36:77:dd:9f:96:bf:f7:75:0a:bc:
1d:34:9a:28:29:35:90:0b:86:3f:a9:96:93:21:62:
e4:87:33:d5:72:7c:08:26:26:02:53:9c:89:d9:72:
5b:dd:e4:ac:02:2d:83:db:e0:ac:e1:fc:2a:b7:6d:
02:c1:00:a1:71:c0:71:80:72:07:c0:06:75:47:d9:
17:ae:78:94:7c:67:10:f2:a3:80:0f:67:37:2d:1f:
62:ef:82:bc:8f:33:2b:9e:5a:33:03:a9:ff:86:91:
f7:bc:ea:89:e1:77:00:a1:a1:11:6c:cc:3f:13:28:
67:51:c0:c6:53:14:b9:ed:34:94:bc:f4:be:9e:85:
66:85:ce:2c:4e:8b:d0:b4:24:b7:88:a0:62:e3:5b:
df:c3:3b:93:e4:25:c5:ef:1c:d5:8c:e9:8f:78:6d:
4e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DF:94:5E:02:02:4F:BB:5E:8C:CD:20:6D:B0:CA:81:A0:DD:7C:AE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43DBB55024D811F0A82F0B7ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.192.0/19
Signature Algorithm: sha256WithRSAEncryption
79:02:f3:72:37:74:2d:7a:4c:08:2d:62:2a:30:ae:c5:37:f7:
c0:a3:5f:51:6b:23:e0:cf:66:ce:80:9c:60:4e:71:19:20:80:
9b:6b:fb:f7:0f:8f:8e:09:30:a6:db:25:ce:e8:63:83:b7:ce:
9e:eb:70:d1:a9:f1:e8:8b:1e:2a:63:df:cd:5a:7e:64:4e:f3:
52:91:f2:57:e7:61:32:96:a0:60:f6:b0:ed:db:33:2a:05:5c:
11:83:8a:55:72:80:7f:04:4a:4e:9d:6f:65:36:0b:00:39:78:
47:ed:65:dc:8b:f2:2b:91:09:02:63:8d:cc:9f:6e:6f:a2:03:
8f:4c:db:ad:c8:8f:b7:10:a8:98:48:38:87:e0:bf:df:d7:9a:
97:df:51:e3:34:13:c2:65:f8:89:cb:0d:00:2f:cf:64:ed:11:
e3:cb:7d:c4:98:98:ea:8a:92:07:94:fd:f2:dd:93:86:05:83:
83:ff:25:bf:f2:64:c0:e0:be:43:6e:f7:3c:9e:ff:c6:72:96:
d3:50:9d:3b:de:01:fa:93:d9:4c:89:92:be:f0:29:8c:78:af:
9e:8f:17:09:cc:ce:2d:64:f0:13:7f:c7:47:74:9c:52:4c:6f:
37:e0:ff:68:a9:5b:a7:f9:d2:e7:38:8c:3c:21:72:0d:38:da:
ac:63:a0:36
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVA5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI5MDg1OTI4WhcNMjUwNTMwMDg1OTI4WjAYMRYw
FAYDVQQDEw02ODEwOTRmNC04OWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxf2IKbPadsshycdwMZEkGJV/dkIcMpzGw82Fb3mE0V0rxX0ioopI1I/S
B3DNQgZ6E84h/wGaY2jkyhoMRqS+5edNsESD8+Hbj9irBsaZjpTj2YCrbKfeGFE1
7YItrjZ33Z+Wv/d1CrwdNJooKTWQC4Y/qZaTIWLkhzPVcnwIJiYCU5yJ2XJb3eSs
Ai2D2+Cs4fwqt20CwQChccBxgHIHwAZ1R9kXrniUfGcQ8qOAD2c3LR9i74K8jzMr
nlozA6n/hpH3vOqJ4XcAoaERbMw/EyhnUcDGUxS57TSUvPS+noVmhc4sTovQtCS3
iKBi41vfwzuT5CXF7xzVjOmPeG1ORwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMbf
lF4CAk+7XozNIG2wyoGg3XyuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80M0RCQjU1MDI0RDgxMUYwQTgyRjBCN0FEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLczAMA0GCSqGSIb3DQEBCwUA
A4IBAQB5AvNyN3QtekwILWIqMK7FN/fAo19RayPgz2bOgJxgTnEZIICba/v3D4+O
CTCm2yXO6GODt86e63DRqfHoix4qY9/NWn5kTvNSkfJX52EylqBg9rDt2zMqBVwR
g4pVcoB/BEpOnW9lNgsAOXhH7WXci/IrkQkCY43Mn25vogOPTNutyI+3EKiYSDiH
4L/f15qX31HjNBPCZfiJyw0AL89k7RHjy33EmJjqipIHlP3y3ZOGBYOD/yW/8mTA
4L5Dbvc8nv/GcpbTUJ073gH6k9lMiZK+8CmMeK+ejxcJzM4tZPATf8dHdJxSTG83
4P9oqVun+dLnOIw8IXINONqsY6A2
-----END CERTIFICATE-----
Generated at Mon May 12 04:28:02 2025 by rpki-client