Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C71D13A428C111F0B609F8A8DAE4EC9C.roa
File: C71D13A428C111F0B609F8A8DAE4EC9C.roa (raw, json)
Hash identifier: w6y1Htpe5WOVCPtHT9VlXV+QRYky6O8ahRBwW8BRqCI=
Subject key identifier: FF:2E:62:0E:7A:FB:5C:39:B4:61:62:58:FF:87:C7:01:A1:BD:8C:28
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0151D2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C71D13A428C111F0B609F8A8DAE4EC9C.roa
Signing time: Sun 04 May 2025 08:28:39 +0000
ROA not before: Sun 04 May 2025 08:28:34 +0000
ROA not after: Tue 10 Jun 2025 08:28:34 +0000
asID: 271907
IP address blocks: 45.195.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86482 (0x151d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 4 08:28:34 2025 GMT
Not After : Jun 10 08:28:34 2025 GMT
Subject: CN=68172537-aa6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c9:6a:9b:f1:fb:67:6d:9b:f4:3b:42:ab:49:
d8:7a:18:f7:2c:83:13:4e:c1:b7:18:f8:5b:60:9c:
6c:f1:e9:d5:9d:93:4d:1c:1d:31:72:d2:33:af:48:
90:40:20:d3:d4:cd:9f:bb:27:8b:0c:98:49:0b:e6:
b2:6b:a4:dd:1f:a2:ed:03:2b:01:7c:c5:9b:d4:ce:
05:72:f0:e3:5a:f2:cb:07:76:78:2e:0a:c4:38:3b:
53:f8:e8:07:b7:1e:ac:d3:8a:56:e5:96:d6:0d:34:
6b:8f:68:54:66:99:c4:ce:e2:28:7a:f8:b5:85:3d:
c2:69:4d:a4:48:96:30:6d:94:45:4c:01:32:15:61:
04:14:10:4e:ee:0a:1a:90:e4:56:ac:04:24:cc:65:
41:57:01:09:7e:b1:76:5a:77:8b:a5:36:8d:55:3e:
55:14:1c:6e:ca:15:c4:e4:5b:00:6c:eb:5f:a6:0a:
03:83:cb:0f:d8:2d:33:e8:fd:72:7b:75:16:c7:79:
d7:c3:31:a2:b5:f1:d0:ec:13:20:62:4f:8d:e7:30:
a8:a9:52:36:cd:bb:da:ce:d8:8b:20:42:f5:81:0d:
9b:b1:e4:f9:ac:1f:eb:72:df:75:64:0f:f0:f1:17:
52:e8:28:aa:f2:32:60:5b:bc:db:3d:73:26:da:97:
35:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2E:62:0E:7A:FB:5C:39:B4:61:62:58:FF:87:C7:01:A1:BD:8C:28
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C71D13A428C111F0B609F8A8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.228.0/22
Signature Algorithm: sha256WithRSAEncryption
23:d4:0c:a4:dc:3a:53:ab:5f:bc:b2:58:37:af:19:3e:5a:b5:
2b:a7:ef:45:3e:28:8b:77:e5:90:85:de:7a:f2:8c:ac:a3:ad:
e1:ef:e0:e0:ac:cd:bd:13:8a:eb:11:54:f4:95:93:27:14:b3:
29:3d:d8:8e:9e:31:8a:4b:dd:5a:87:44:d7:13:44:c8:40:c4:
87:db:b5:0a:e2:70:61:ac:ae:24:49:06:6d:74:a9:7f:6d:07:
c0:15:bf:00:10:26:34:9f:6f:42:27:90:75:46:fd:aa:8a:30:
73:2d:02:45:b6:fb:3f:1f:34:77:06:5b:4f:cc:31:4d:d6:26:
3c:4a:6b:e3:4c:10:17:69:5d:70:88:eb:fd:a5:89:b7:b9:a7:
54:e2:5d:cf:86:9a:89:cb:78:38:b0:2a:12:cd:8a:9d:8f:9d:
ed:30:3c:8b:21:dd:34:5d:05:96:af:88:8e:19:71:20:67:8d:
7a:ef:8f:23:a4:c8:b3:ea:37:1f:f5:87:0f:55:36:e7:ff:f6:
e2:48:a1:20:82:f0:ef:c6:16:fb:03:03:0d:7b:2e:e1:a5:89:
d0:12:eb:08:2e:5f:39:a3:bd:a8:a6:f1:ad:8e:ed:02:82:9e:
c1:53:ee:f2:5e:bd:34:e8:e8:b1:35:38:8c:2d:c2:3c:31:c6:
31:7b:fb:10
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVHSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA0MDgyODM0WhcNMjUwNjEwMDgyODM0WjAYMRYw
FAYDVQQDEw02ODE3MjUzNy1hYTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1clqm/H7Z22b9DtCq0nYehj3LIMTTsG3GPhbYJxs8enVnZNNHB0xctIz
r0iQQCDT1M2fuyeLDJhJC+aya6TdH6LtAysBfMWb1M4FcvDjWvLLB3Z4LgrEODtT
+OgHtx6s04pW5ZbWDTRrj2hUZpnEzuIoevi1hT3CaU2kSJYwbZRFTAEyFWEEFBBO
7goakORWrAQkzGVBVwEJfrF2WneLpTaNVT5VFBxuyhXE5FsAbOtfpgoDg8sP2C0z
6P1ye3UWx3nXwzGitfHQ7BMgYk+N5zCoqVI2zbvaztiLIEL1gQ2bseT5rB/rct91
ZA/w8RdS6Ciq8jJgW7zbPXMm2pc1zQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP8u
Yg56+1w5tGFiWP+HxwGhvYwoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNzFEMTNBNDI4QzExMUYwQjYwOUY4QThEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcPkMA0GCSqGSIb3DQEBCwUA
A4IBAQAj1Ayk3DpTq1+8slg3rxk+WrUrp+9FPiiLd+WQhd568oyso63h7+DgrM29
E4rrEVT0lZMnFLMpPdiOnjGKS91ah0TXE0TIQMSH27UK4nBhrK4kSQZtdKl/bQfA
Fb8AECY0n29CJ5B1Rv2qijBzLQJFtvs/HzR3BltPzDFN1iY8SmvjTBAXaV1wiOv9
pYm3uadU4l3PhpqJy3g4sCoSzYqdj53tMDyLId00XQWWr4iOGXEgZ416748jpMiz
6jcf9YcPVTbn//biSKEggvDvxhb7AwMNey7hpYnQEusILl85o72opvGtju0Cgp7B
U+7yXr006OixNTiMLcI8McYxe/sQ
-----END CERTIFICATE-----
Generated at Sat May 10 16:39:06 2025 by rpki-client