Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9A1888A62BF111F08092E679DAE4EC9C.roa
File: 9A1888A62BF111F08092E679DAE4EC9C.roa (raw, json)
Hash identifier: yVpe6HaEfjPoTTwdb3eCho0z9o8EiO06tLh7s4AUzCk=
Subject key identifier: C3:08:6A:BC:A9:EA:37:19:AC:C0:49:61:DD:B2:C7:75:F9:CA:B9:CE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0152D7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9A1888A62BF111F08092E679DAE4EC9C.roa
Signing time: Thu 08 May 2025 09:48:32 +0000
ROA not before: Thu 08 May 2025 09:48:28 +0000
ROA not after: Mon 19 May 2025 09:48:28 +0000
asID: 26617
IP address blocks: 45.195.146.0/24 maxlen: 24
45.195.206.0/24 maxlen: 24
45.195.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86743 (0x152d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 8 09:48:28 2025 GMT
Not After : May 19 09:48:28 2025 GMT
Subject: CN=681c7df0-f96b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:43:92:3c:dd:a0:58:d4:ad:ce:32:22:5d:45:
e9:73:d5:e6:34:1b:39:2a:a5:5d:48:e0:c1:73:4d:
12:50:be:11:52:63:b1:2f:ac:eb:58:b0:1b:e9:b3:
31:20:75:d4:27:39:76:66:d0:2f:f5:76:fa:1a:4f:
80:31:9b:0d:7e:35:88:9e:99:be:bb:27:6d:c2:cc:
85:6f:59:2f:3d:d3:0a:67:67:df:6e:d4:ee:d6:47:
7c:4c:63:49:55:e1:8e:cc:42:07:db:9c:a8:fc:6d:
8b:64:cc:40:41:d0:5d:be:92:9d:94:cc:23:77:6f:
66:bd:6a:81:ff:f1:70:f1:20:da:69:f1:30:8c:d0:
8f:b5:ce:9f:ec:56:ad:fa:4c:b3:08:34:b8:a1:9a:
54:98:a7:59:32:59:fb:1d:4d:1d:ae:93:bd:b5:36:
98:ed:94:1f:6f:71:19:12:92:0e:d9:52:1d:14:15:
07:67:dc:f7:46:9a:38:ba:1a:6f:49:09:fb:3e:8f:
18:69:c6:eb:f8:a2:3f:7c:2d:fd:db:6b:8e:eb:ae:
5a:6a:aa:60:5d:e7:4b:1b:a4:63:1a:a4:b9:61:43:
b0:07:90:33:8a:82:53:e2:75:63:33:92:25:98:a8:
f9:4a:ae:50:3f:2d:cd:10:a2:94:bf:9c:ab:91:cc:
c4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:08:6A:BC:A9:EA:37:19:AC:C0:49:61:DD:B2:C7:75:F9:CA:B9:CE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9A1888A62BF111F08092E679DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.146.0/24
45.195.206.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:57:15:bf:9d:08:a1:6e:c1:8e:90:2b:72:cf:50:c3:77:19:
56:8e:22:e2:5e:2e:94:2b:3d:53:a8:8b:25:b1:aa:f6:d4:17:
c9:09:52:24:b2:e2:1e:44:6f:c3:45:a0:2b:30:ff:95:f9:e4:
cf:6e:ea:c1:7f:ca:3f:d5:83:dc:fc:12:7d:da:a8:38:a5:85:
ec:9e:f0:3d:55:b6:0c:ff:d6:88:a1:56:e8:2b:c2:28:49:ec:
ab:6a:d9:23:2d:4f:03:63:1e:b0:1a:f3:ad:47:3b:0e:e2:91:
bb:bd:2a:c9:6e:10:85:cc:66:94:d9:02:7f:3c:6b:b8:46:16:
29:f4:d1:6e:20:c5:70:c6:2b:7d:c6:04:f4:b1:1c:79:b7:22:
70:2f:92:bf:16:bd:ff:49:fb:b0:c1:cc:4b:ec:09:3b:ac:ab:
41:e5:92:8e:cb:b1:f7:8a:93:90:45:c8:d8:60:f7:c8:a4:98:
cb:55:c0:2a:9e:27:c9:59:be:1d:f6:56:8a:2f:fa:2c:84:f2:
4e:e4:0f:fe:cd:20:6f:e4:cf:e7:50:90:a5:b1:f6:ad:ec:b7:
71:2b:2a:1e:49:3e:71:0a:2a:1d:0b:8c:e5:3d:11:6a:4a:c7:
7b:97:e6:8f:d6:cf:fd:57:12:ac:ca:f4:a5:6a:ce:79:70:24:
68:44:20:6e
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVLXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA4MDk0ODI4WhcNMjUwNTE5MDk0ODI4WjAYMRYw
FAYDVQQDEw02ODFjN2RmMC1mOTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4EOSPN2gWNStzjIiXUXpc9XmNBs5KqVdSODBc00SUL4RUmOxL6zrWLAb
6bMxIHXUJzl2ZtAv9Xb6Gk+AMZsNfjWInpm+uydtwsyFb1kvPdMKZ2ffbtTu1kd8
TGNJVeGOzEIH25yo/G2LZMxAQdBdvpKdlMwjd29mvWqB//Fw8SDaafEwjNCPtc6f
7Fat+kyzCDS4oZpUmKdZMln7HU0drpO9tTaY7ZQfb3EZEpIO2VIdFBUHZ9z3Rpo4
uhpvSQn7Po8Yacbr+KI/fC3922uO665aaqpgXedLG6RjGqS5YUOwB5AzioJT4nVj
M5IlmKj5Sq5QPy3NEKKUv5yrkczE0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMMI
aryp6jcZrMBJYd2yx3X5yrnOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QTE4ODhBNjJCRjExMUYwODA5MkU2NzlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcOSAwQBLcPOMA0GCSqGSIb3
DQEBCwUAA4IBAQAcVxW/nQihbsGOkCtyz1DDdxlWjiLiXi6UKz1TqIslsar21BfJ
CVIksuIeRG/DRaArMP+V+eTPburBf8o/1YPc/BJ92qg4pYXsnvA9VbYM/9aIoVbo
K8IoSeyratkjLU8DYx6wGvOtRzsO4pG7vSrJbhCFzGaU2QJ/PGu4RhYp9NFuIMVw
xit9xgT0sRx5tyJwL5K/Fr3/SfuwwcxL7Ak7rKtB5ZKOy7H3ipOQRcjYYPfIpJjL
VcAqnifJWb4d9laKL/oshPJO5A/+zSBv5M/nUJClsfat7LdxKyoeST5xCiodC4zl
PRFqSsd7l+aP1s/9VxKsyvSlas55cCRoRCBu
-----END CERTIFICATE-----
Generated at Mon May 12 11:25:36 2025 by rpki-client