Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAD71FFE49DD11F0A242C6B2DAE4EC9C.roa
File: AAD71FFE49DD11F0A242C6B2DAE4EC9C.roa (raw, json)
Hash identifier: CsCL3jjd3Oe13gSsirxOExIcgPPR0OesBWMRSwKdVpQ=
Subject key identifier: 45:E4:33:51:0A:DB:F3:6A:8D:BF:B6:68:D9:C4:B4:88:24:7F:54:3E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015C66
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAD71FFE49DD11F0A242C6B2DAE4EC9C.roa
Signing time: Sun 15 Jun 2025 11:41:26 +0000
ROA not before: Sun 15 Jun 2025 11:41:21 +0000
ROA not after: Sat 12 Jul 2025 11:41:21 +0000
asID: 53808
IP address blocks: 45.207.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 06:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89190 (0x15c66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 15 11:41:21 2025 GMT
Not After : Jul 12 11:41:21 2025 GMT
Subject: CN=684eb165-12af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b6:47:d0:6d:70:3d:78:fe:92:ee:a0:e2:0e:
db:f2:a2:e8:27:22:d0:f8:80:52:96:8e:db:df:42:
e3:6e:19:61:27:a3:db:78:54:5a:17:59:90:b2:02:
2d:69:00:62:5f:6b:96:14:3c:d3:65:66:fb:14:e0:
9c:90:81:df:58:08:a9:e3:39:5a:6d:d6:65:f3:31:
a5:ad:cc:dc:44:bb:65:3a:e1:6d:b0:d8:bd:93:02:
e8:04:c6:b2:7e:4b:45:76:6e:26:c8:89:b1:07:f9:
12:39:1f:63:73:c5:18:f7:40:d0:3e:13:72:0e:d5:
bd:b6:55:2f:3b:c0:ff:71:2f:6f:0c:57:41:ba:bc:
54:91:0b:94:cb:73:3a:02:a4:eb:9d:08:c0:f6:d4:
64:63:24:9b:d3:ab:a2:0f:96:52:97:36:88:69:0a:
28:fb:ca:5b:93:9d:f2:13:fc:02:90:32:ea:cb:e3:
a5:9a:86:9e:f2:fb:ed:7f:3c:8e:a3:f1:98:ba:d8:
05:a3:9f:16:f6:b6:56:f3:90:76:99:fb:5b:d9:a8:
21:bd:54:47:bc:ba:31:00:ec:80:0f:8f:e7:af:f4:
7e:2b:77:d7:05:f9:a0:f8:20:5e:97:2f:ac:84:56:
af:7b:3c:20:7b:ac:3e:2a:7f:3a:4b:48:a7:1f:5a:
79:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E4:33:51:0A:DB:F3:6A:8D:BF:B6:68:D9:C4:B4:88:24:7F:54:3E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAD71FFE49DD11F0A242C6B2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.217.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:e8:7c:f1:d9:80:28:f2:d0:f4:0b:e6:26:5e:d4:5a:c1:b5:
da:43:93:b5:fa:b7:a1:cf:41:32:94:27:22:b6:b6:8a:cf:f0:
af:44:37:1f:49:29:be:70:dc:05:a0:fa:f1:53:bc:be:a0:64:
da:27:20:02:f5:9b:44:e2:36:41:2a:e3:86:1e:8f:46:52:cf:
fe:aa:88:ba:3f:e2:43:6d:9c:4d:58:52:d9:31:59:5e:c5:f6:
a8:fd:39:28:5b:bb:22:48:aa:97:60:ae:22:3b:bb:70:88:7b:
22:44:73:ba:7a:c4:46:e7:93:b9:40:21:a3:de:79:ea:16:99:
67:46:47:00:cd:56:c0:6f:88:6e:69:37:ae:5d:36:b3:b0:18:
ea:ef:c2:f9:64:e1:59:08:cf:3a:75:bb:15:60:b0:be:d5:6e:
a2:ef:e0:07:e8:65:01:30:0f:2a:1d:91:ce:23:99:a5:c4:48:
1d:62:34:76:5e:14:2e:f0:dc:5a:53:59:02:5a:af:ab:00:31:
82:f3:88:b4:19:d4:4d:db:03:21:a8:23:8c:71:9c:c5:ea:77:
90:86:b5:62:aa:59:34:c3:2c:9d:46:d4:34:04:a6:d1:17:00:
3b:81:9b:5c:d5:49:db:00:29:48:24:fd:de:4f:e9:65:f1:f7:
89:03:b8:55
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVxmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjE1MTE0MTIxWhcNMjUwNzEyMTE0MTIxWjAYMRYw
FAYDVQQDEw02ODRlYjE2NS0xMmFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0bZH0G1wPXj+ku6g4g7b8qLoJyLQ+IBSlo7b30LjbhlhJ6PbeFRaF1mQ
sgItaQBiX2uWFDzTZWb7FOCckIHfWAip4zlabdZl8zGlrczcRLtlOuFtsNi9kwLo
BMayfktFdm4myImxB/kSOR9jc8UY90DQPhNyDtW9tlUvO8D/cS9vDFdBurxUkQuU
y3M6AqTrnQjA9tRkYySb06uiD5ZSlzaIaQoo+8pbk53yE/wCkDLqy+Olmoae8vvt
fzyOo/GYutgFo58W9rZW85B2mftb2aghvVRHvLoxAOyAD4/nr/R+K3fXBfmg+CBe
ly+shFavezwge6w+Kn86S0inH1p5qQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEXk
M1EK2/Nqjb+2aNnEtIgkf1Q+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQUQ3MUZGRTQ5REQxMUYwQTI0MkM2QjJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc/ZMA0GCSqGSIb3DQEBCwUA
A4IBAQC16Hzx2YAo8tD0C+YmXtRawbXaQ5O1+rehz0EylCcitraKz/CvRDcfSSm+
cNwFoPrxU7y+oGTaJyAC9ZtE4jZBKuOGHo9GUs/+qoi6P+JDbZxNWFLZMVlexfao
/TkoW7siSKqXYK4iO7twiHsiRHO6esRG55O5QCGj3nnqFplnRkcAzVbAb4huaTeu
XTazsBjq78L5ZOFZCM86dbsVYLC+1W6i7+AH6GUBMA8qHZHOI5mlxEgdYjR2XhQu
8NxaU1kCWq+rADGC84i0GdRN2wMhqCOMcZzF6neQhrViqlk0wyydRtQ0BKbRFwA7
gZtc1UnbAClIJP3eT+ll8feJA7hV
-----END CERTIFICATE-----
Generated at Tue Jul 1 21:59:51 2025 by rpki-client