Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C4FF0E422F2411F086867FDDDAE4EC9C.roa
File: C4FF0E422F2411F086867FDDDAE4EC9C.roa (raw, json)
Hash identifier: Nqj52W0+aewjmQjFfMAz04nCr5XIFCe5fWwTucH61QM=
Subject key identifier: 39:21:5C:21:28:45:D7:DC:55:A5:90:FF:59:05:CD:CF:3C:7A:39:49
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015353
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C4FF0E422F2411F086867FDDDAE4EC9C.roa
Signing time: Mon 12 May 2025 11:32:22 +0000
ROA not before: Mon 12 May 2025 11:32:17 +0000
ROA not after: Sat 14 Jun 2025 11:32:17 +0000
asID: 271916
IP address blocks: 45.207.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 15 May 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86867 (0x15353)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 12 11:32:17 2025 GMT
Not After : Jun 14 11:32:17 2025 GMT
Subject: CN=6821dc46-395d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:14:d8:d8:86:bc:b6:53:53:8d:0e:7e:a3:67:
69:be:37:db:8b:56:1e:a8:66:55:15:98:b9:4a:28:
a2:36:c4:2e:d4:10:8c:6a:05:45:de:f8:d7:98:d3:
28:ea:5f:ad:5d:69:01:00:5d:fd:1c:8a:f9:d9:28:
71:4f:d9:8b:e0:10:27:c5:fa:8b:99:a0:fb:ba:fc:
a2:f8:9f:d0:0d:a1:fb:e1:f7:72:7b:80:27:de:53:
72:ed:17:ba:00:57:e4:c0:0e:f0:f9:87:76:c8:41:
d4:bb:97:03:8c:28:8d:68:27:be:26:14:ec:cf:88:
cd:ad:90:95:f3:93:ac:a7:ef:fe:30:c5:89:e5:bd:
4c:64:70:5c:eb:a7:1a:33:5b:77:ef:6e:f2:dd:da:
98:ac:58:eb:5b:d8:de:75:a1:45:bf:bd:05:aa:e2:
bf:06:06:46:b5:7b:a9:f1:c5:81:36:94:72:6b:2f:
e8:c9:42:fa:a9:12:6c:35:12:02:e2:14:4b:53:b0:
ff:ea:a6:a8:23:c4:18:94:c8:f4:f1:28:34:79:62:
c1:7d:fc:e7:3e:84:cb:c7:4b:59:df:c7:24:10:6e:
46:77:8d:f1:8d:a2:92:87:78:ca:f0:6e:dd:89:70:
f1:04:ce:90:93:79:34:e5:5a:51:4c:06:5d:7b:76:
70:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:21:5C:21:28:45:D7:DC:55:A5:90:FF:59:05:CD:CF:3C:7A:39:49
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C4FF0E422F2411F086867FDDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.16.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:ab:6c:28:66:53:3f:7f:f3:91:e1:c6:fa:17:cc:9f:b5:5a:
e4:b3:e2:bb:88:40:41:6d:99:3d:1a:55:2c:f2:9a:e3:f6:2b:
c3:dc:5d:c5:b6:3a:d9:86:d2:e1:a9:78:08:ba:8e:6c:6a:31:
3c:9c:4a:36:19:14:a1:5a:07:26:a0:87:cb:43:00:25:eb:51:
08:0b:e6:eb:ea:60:92:e8:f3:14:68:4e:72:91:58:08:02:f8:
80:00:7c:3d:76:43:fb:1a:3f:a2:b0:24:23:5c:83:78:8d:3b:
c1:6b:9a:89:bc:da:57:2e:9a:5e:0b:81:38:9b:b6:fc:d9:27:
55:31:4f:80:72:9a:37:69:02:d1:ef:0b:53:2e:d6:a1:ad:22:
1a:18:b8:03:b2:3a:87:da:66:ab:f1:03:09:ff:03:44:cb:57:
d9:1e:58:5a:84:ce:c8:18:e3:01:cf:d9:80:ca:d4:f4:7f:dc:
5c:25:f3:49:e9:3c:e8:35:d1:42:6f:e0:02:71:8c:eb:88:c7:
51:9f:f0:5b:9f:b2:89:3c:f3:17:be:fb:94:d8:f1:05:57:70:
6e:c7:92:bc:bb:8f:a3:62:69:dd:f5:90:e0:29:4d:5c:7b:d3:
96:83:df:15:b3:88:69:1d:fa:ba:94:52:05:9b:dc:e4:8c:64:
aa:ba:b8:dd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVNTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEyMTEzMjE3WhcNMjUwNjE0MTEzMjE3WjAYMRYw
FAYDVQQDEw02ODIxZGM0Ni0zOTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuRTY2Ia8tlNTjQ5+o2dpvjfbi1YeqGZVFZi5SiiiNsQu1BCMagVF3vjX
mNMo6l+tXWkBAF39HIr52ShxT9mL4BAnxfqLmaD7uvyi+J/QDaH74fdye4An3lNy
7Re6AFfkwA7w+Yd2yEHUu5cDjCiNaCe+JhTsz4jNrZCV85Osp+/+MMWJ5b1MZHBc
66caM1t3727y3dqYrFjrW9jedaFFv70FquK/BgZGtXup8cWBNpRyay/oyUL6qRJs
NRIC4hRLU7D/6qaoI8QYlMj08Sg0eWLBffznPoTLx0tZ38ckEG5Gd43xjaKSh3jK
8G7diXDxBM6Qk3k05VpRTAZde3ZwDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDkh
XCEoRdfcVaWQ/1kFzc88ejlJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNEZGMEU0MjJGMjQxMUYwODY4NjdGREREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLc8QMA0GCSqGSIb3DQEBCwUA
A4IBAQCdq2woZlM/f/OR4cb6F8yftVrks+K7iEBBbZk9GlUs8prj9ivD3F3FtjrZ
htLhqXgIuo5sajE8nEo2GRShWgcmoIfLQwAl61EIC+br6mCS6PMUaE5ykVgIAviA
AHw9dkP7Gj+isCQjXIN4jTvBa5qJvNpXLppeC4E4m7b82SdVMU+Acpo3aQLR7wtT
LtahrSIaGLgDsjqH2mar8QMJ/wNEy1fZHlhahM7IGOMBz9mAytT0f9xcJfNJ6Tzo
NdFCb+ACcYzriMdRn/Bbn7KJPPMXvvuU2PEFV3Bux5K8u4+jYmnd9ZDgKU1ce9OW
g98Vs4hpHfq6lFIFm9zkjGSqurjd
-----END CERTIFICATE-----
Generated at Tue May 13 13:41:34 2025 by rpki-client