Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F56993424D011F0A03A24C7DAE4EC9C.roa
File: 9F56993424D011F0A03A24C7DAE4EC9C.roa (raw, json)
Hash identifier: N220TcVTII9yR48ZWWtr5h2K2NUoTO8vlUZHjYCeQgw=
Subject key identifier: D1:6C:25:FD:00:07:0B:CA:EE:89:A6:32:25:86:1D:C6:7B:8B:8F:E1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01502B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F56993424D011F0A03A24C7DAE4EC9C.roa
Signing time: Tue 29 Apr 2025 08:04:50 +0000
ROA not before: Tue 29 Apr 2025 08:04:45 +0000
ROA not after: Wed 04 Jun 2025 08:04:45 +0000
asID: 398823
IP address blocks: 45.205.112.0/20 maxlen: 24
45.205.176.0/20 maxlen: 24
45.205.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86059 (0x1502b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 29 08:04:45 2025 GMT
Not After : Jun 4 08:04:45 2025 GMT
Subject: CN=68108822-24fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e8:8c:10:68:eb:6c:bd:74:3a:a6:52:c0:fd:
90:7e:eb:6b:00:6d:f3:36:cd:c1:1f:c4:49:56:12:
76:fa:1e:99:79:42:f0:87:5f:d0:bc:08:0c:65:09:
e0:cb:6f:3e:85:76:22:12:d0:b0:d0:72:2c:c2:82:
0b:1e:3b:fb:43:d0:55:d1:62:55:ea:a2:d7:45:ee:
32:89:d5:7e:35:79:b1:db:71:27:27:94:59:a4:8c:
d8:81:9d:ec:da:07:14:42:84:e5:e0:68:c0:66:96:
e9:85:b2:8c:8e:16:a5:6f:b1:90:88:73:1c:b3:d5:
94:13:b4:35:ab:48:f2:28:21:0a:2e:58:84:15:66:
94:bf:d2:af:12:52:a3:75:da:d3:fe:23:3e:0b:d7:
b7:58:6e:ad:8b:a7:cc:81:e5:f0:bd:b6:44:3c:ae:
d6:3d:dc:91:c5:8e:ec:00:98:ea:8a:a8:33:bc:75:
fc:2f:09:38:48:49:48:46:83:86:d8:d3:2b:b2:64:
c6:7b:40:16:f7:e4:7a:77:5b:3b:92:b2:3e:a4:21:
c2:ec:bd:fe:f4:b0:41:05:88:0a:4b:b3:c1:cd:f9:
0e:8a:5d:f7:8c:db:2e:3a:b5:d4:f0:a3:24:ab:2d:
5f:17:91:a6:e9:43:74:bb:a2:0b:b8:b0:23:8d:28:
48:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:6C:25:FD:00:07:0B:CA:EE:89:A6:32:25:86:1D:C6:7B:8B:8F:E1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F56993424D011F0A03A24C7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.205.112.0/20
45.205.176.0/20
45.205.240.0/20
Signature Algorithm: sha256WithRSAEncryption
66:18:fc:00:e1:6b:ae:5f:d7:5f:ee:aa:40:8d:a3:98:31:dd:
4c:6f:44:87:9c:b0:ed:a5:49:de:7a:67:2b:76:21:c9:ba:65:
32:58:ff:63:83:ce:87:47:c2:ac:d0:99:21:14:3f:e2:4a:1e:
0d:97:87:ca:f3:36:7f:e1:7a:59:a6:3d:a6:19:a8:ac:1f:2e:
6b:ac:af:e9:fc:3b:e9:6a:59:b4:f7:fe:c6:be:e9:48:58:21:
86:81:4e:c9:a0:93:d2:e3:cd:de:b8:f6:e0:57:80:f3:4b:d4:
fa:af:6c:28:cf:81:f0:1a:a8:57:84:c1:c1:da:0b:07:3b:a3:
b6:25:9c:9c:2d:b4:c4:16:cb:61:9e:4c:36:5e:05:93:42:61:
4a:50:95:a7:d2:dd:7a:64:d8:41:ce:98:be:ab:91:fb:4c:f0:
87:35:95:cf:1b:7f:7a:af:f6:73:3d:34:9d:12:ad:a0:23:ee:
6c:b0:b1:ba:a7:a2:5e:8b:b0:39:98:46:d8:63:16:c4:ba:4f:
57:f2:34:c9:a2:63:54:ef:b8:33:b7:75:64:2b:4f:fe:7c:06:
0a:b3:68:f1:08:41:70:75:46:87:62:40:b6:88:ea:a7:ee:61:
7c:a0:d2:f8:a9:3d:23:1c:ff:fd:cb:e9:58:9d:08:15:9a:39:
2b:b1:af:f8
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAVArMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI5MDgwNDQ1WhcNMjUwNjA0MDgwNDQ1WjAYMRYw
FAYDVQQDEw02ODEwODgyMi0yNGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn+iMEGjrbL10OqZSwP2QfutrAG3zNs3BH8RJVhJ2+h6ZeULwh1/QvAgM
ZQngy28+hXYiEtCw0HIswoILHjv7Q9BV0WJV6qLXRe4yidV+NXmx23EnJ5RZpIzY
gZ3s2gcUQoTl4GjAZpbphbKMjhalb7GQiHMcs9WUE7Q1q0jyKCEKLliEFWaUv9Kv
ElKjddrT/iM+C9e3WG6ti6fMgeXwvbZEPK7WPdyRxY7sAJjqiqgzvHX8Lwk4SElI
RoOG2NMrsmTGe0AW9+R6d1s7krI+pCHC7L3+9LBBBYgKS7PBzfkOil33jNsuOrXU
8KMkqy1fF5Gm6UN0u6ILuLAjjShIJQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFNFs
Jf0ABwvK7ommMiWGHcZ7i4/hMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RjU2OTkzNDI0RDAxMUYwQTAzQTI0QzdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQELc1wAwQELc2wAwQELc3wMA0G
CSqGSIb3DQEBCwUAA4IBAQBmGPwA4WuuX9df7qpAjaOYMd1Mb0SHnLDtpUneemcr
diHJumUyWP9jg86HR8Ks0JkhFD/iSh4Nl4fK8zZ/4XpZpj2mGaisHy5rrK/p/Dvp
alm09/7GvulIWCGGgU7JoJPS483euPbgV4DzS9T6r2woz4HwGqhXhMHB2gsHO6O2
JZycLbTEFsthnkw2XgWTQmFKUJWn0t16ZNhBzpi+q5H7TPCHNZXPG396r/ZzPTSd
Eq2gI+5ssLG6p6Jei7A5mEbYYxbEuk9X8jTJomNU77gzt3VkK0/+fAYKs2jxCEFw
dUaHYkC2iOqn7mF8oNL4qT0jHP/9y+lYnQgVmjkrsa/4
-----END CERTIFICATE-----
Generated at Sun May 11 15:00:54 2025 by rpki-client