Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/608C287A4B6011F09589C785DAE4EC9C.roa
File: 608C287A4B6011F09589C785DAE4EC9C.roa (raw, json)
Hash identifier: e6XcGsoO2LbYmRQvfOhHQ0k1ZSJaCjVGBhvZTAuSoYs=
Subject key identifier: CE:5E:B5:85:CA:C9:BA:53:8C:7C:66:48:8B:0E:78:EB:EF:50:10:A0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015C8E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/608C287A4B6011F09589C785DAE4EC9C.roa
Signing time: Tue 17 Jun 2025 09:49:37 +0000
ROA not before: Tue 17 Jun 2025 09:49:30 +0000
ROA not after: Tue 23 Jun 2026 09:49:30 +0000
asID: 13335
IP address blocks: 45.196.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 04 Jul 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89230 (0x15c8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 17 09:49:30 2025 GMT
Not After : Jun 23 09:49:30 2026 GMT
Subject: CN=68513a31-d932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cb:96:59:5d:f9:d6:7a:a4:d6:b6:ce:fe:06:
b8:75:e2:37:60:c4:30:90:cd:23:e7:f5:27:b3:73:
a6:25:06:d5:f1:35:36:0a:9a:42:dd:48:f1:21:9b:
a9:b5:c5:85:54:91:18:09:b8:d4:cc:41:69:8f:34:
08:52:53:ce:d3:be:87:94:ed:5c:fc:e8:68:67:ae:
11:7b:54:8f:f1:28:9d:02:b8:37:22:42:26:4d:50:
a1:c6:d8:e2:ed:a3:7c:60:30:fc:97:dc:39:76:c4:
4f:2f:27:c0:bb:da:f4:9d:e2:68:9b:49:e4:f2:15:
22:6d:ac:25:b5:9c:76:8a:89:07:93:f1:27:b6:a3:
60:5f:1e:18:ca:bc:ee:9e:22:65:43:d2:bd:40:ae:
c1:22:7e:44:bb:3c:3f:f4:4c:2f:df:2e:05:17:cc:
5f:9c:01:7e:fc:b7:74:a9:56:4d:f0:84:87:f7:55:
e7:ab:67:aa:c6:1d:79:21:3f:f8:f2:da:46:05:4b:
b6:6a:d5:2d:c2:2c:3e:08:bd:03:a6:b0:ac:de:92:
43:3b:53:7e:11:0c:37:7f:c9:a5:4c:dd:b9:a0:fa:
a9:9d:f7:f7:60:55:56:aa:dd:c4:e2:1c:a1:ee:2e:
f5:33:89:54:b4:86:cf:7b:b2:4c:83:54:10:ee:c6:
2c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:5E:B5:85:CA:C9:BA:53:8C:7C:66:48:8B:0E:78:EB:EF:50:10:A0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/608C287A4B6011F09589C785DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.29.0/24
Signature Algorithm: sha256WithRSAEncryption
99:4e:95:82:6a:b6:e0:a6:31:79:2a:ce:c0:85:95:77:88:c1:
8c:67:61:8f:72:a4:b6:12:cf:dc:d5:fb:a8:01:ab:75:a9:8c:
4c:96:7d:d4:00:a4:3d:c9:d8:2e:19:32:18:42:5b:02:a0:ea:
ab:c2:ae:5a:e9:f7:07:38:01:b1:db:2a:db:99:f4:e6:a1:c3:
40:df:d8:52:c1:38:ac:73:37:f3:9b:45:2f:d4:44:38:b3:86:
6f:a8:9c:5a:eb:aa:5c:82:ef:12:f7:15:c3:b3:ec:9f:27:1b:
91:60:12:cf:e7:db:4f:f8:5b:53:4e:9e:dd:fc:98:81:43:ab:
89:1f:8b:7f:72:f9:19:a5:f1:58:f0:78:50:db:a5:40:7f:80:
b1:d8:f0:41:76:e9:2a:9c:2d:70:64:1f:b7:f7:8d:ad:0e:43:
24:bb:04:fb:b2:cf:11:51:5e:a3:2d:8d:77:1b:25:88:2d:4e:
58:5d:4d:ed:1f:55:91:b3:77:d3:cc:f6:29:75:b9:b3:06:89:
92:09:22:8d:55:97:f1:2e:14:c3:7e:a7:ac:d9:60:f7:5b:d7:
29:96:f9:da:85:b0:05:86:60:92:27:7c:06:0a:ab:e8:8b:c6:
41:47:69:2f:02:f6:43:3c:d4:f5:1f:47:81:db:d0:c9:46:5b:
90:07:82:21
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVyOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjE3MDk0OTMwWhcNMjYwNjIzMDk0OTMwWjAYMRYw
FAYDVQQDEw02ODUxM2EzMS1kOTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuMuWWV351nqk1rbO/ga4deI3YMQwkM0j5/Uns3OmJQbV8TU2CppC3Ujx
IZuptcWFVJEYCbjUzEFpjzQIUlPO076HlO1c/OhoZ64Re1SP8SidArg3IkImTVCh
xtji7aN8YDD8l9w5dsRPLyfAu9r0neJom0nk8hUibawltZx2iokHk/EntqNgXx4Y
yrzuniJlQ9K9QK7BIn5Euzw/9Ewv3y4FF8xfnAF+/Ld0qVZN8ISH91Xnq2eqxh15
IT/48tpGBUu2atUtwiw+CL0DprCs3pJDO1N+EQw3f8mlTN25oPqpnff3YFVWqt3E
4hyh7i71M4lUtIbPe7JMg1QQ7sYstwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM5e
tYXKybpTjHxmSIsOeOvvUBCgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MDhDMjg3QTRCNjAxMUYwOTU4OUM3ODVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcQdMA0GCSqGSIb3DQEBCwUA
A4IBAQCZTpWCarbgpjF5Ks7AhZV3iMGMZ2GPcqS2Es/c1fuoAat1qYxMln3UAKQ9
ydguGTIYQlsCoOqrwq5a6fcHOAGx2yrbmfTmocNA39hSwTisczfzm0Uv1EQ4s4Zv
qJxa66pcgu8S9xXDs+yfJxuRYBLP59tP+FtTTp7d/JiBQ6uJH4t/cvkZpfFY8HhQ
26VAf4Cx2PBBdukqnC1wZB+3942tDkMkuwT7ss8RUV6jLY13GyWILU5YXU3tH1WR
s3fTzPYpdbmzBomSCSKNVZfxLhTDfqes2WD3W9cplvnahbAFhmCSJ3wGCqvoi8ZB
R2kvAvZDPNT1H0eB29DJRluQB4Ih
-----END CERTIFICATE-----
Generated at Thu Jul 3 00:22:37 2025 by rpki-client