Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/041634722F1911F094840891DAE4EC9C.roa
File: 041634722F1911F094840891DAE4EC9C.roa (raw, json)
Hash identifier: j7sqlnVSQYhayURBj/24vIEdHDZzqhAkTCMuM/mCCpc=
Subject key identifier: 62:23:2B:A8:4E:10:F0:CF:CB:D6:EA:19:90:D5:65:F8:F6:CA:52:64
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01533C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/041634722F1911F094840891DAE4EC9C.roa
Signing time: Mon 12 May 2025 10:08:14 +0000
ROA not before: Mon 12 May 2025 10:08:09 +0000
ROA not after: Wed 18 Jun 2025 10:08:09 +0000
asID: 57043
IP address blocks: 45.198.66.0/24 maxlen: 24
45.198.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86844 (0x1533c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 12 10:08:09 2025 GMT
Not After : Jun 18 10:08:09 2025 GMT
Subject: CN=6821c88e-ac0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:99:3b:e6:59:4c:42:f1:c9:a6:d7:ca:c1:50:
53:4f:1b:41:2f:b7:a9:fd:c8:d4:81:09:f4:12:81:
f5:87:7c:6d:d4:3b:f5:5c:52:f9:72:9d:71:c9:68:
0d:77:1c:ac:85:7f:8c:9c:8c:f4:ea:fb:b7:6f:de:
23:d1:6b:02:56:9f:63:43:ac:ba:44:a2:bf:26:42:
3d:9f:5f:a1:2d:36:d6:00:32:c0:e2:60:c2:49:5a:
e5:db:df:79:db:3f:38:fa:8f:dd:9f:a2:9c:ef:7d:
09:c1:9f:14:06:47:4e:44:dc:4e:48:10:61:79:12:
fd:b0:73:b6:f5:56:f5:25:3f:e3:e8:2b:a3:55:34:
7a:6d:a5:db:93:28:1f:7d:df:5c:7d:6a:0d:9b:e3:
38:c3:09:26:7c:87:7c:15:58:f9:2f:18:d6:3d:8d:
74:aa:9d:1a:c8:3a:aa:1d:fa:17:a6:fc:cb:e0:ee:
88:77:6e:3f:48:93:a2:0e:e8:2f:9d:ec:3e:b6:5f:
14:ba:2b:48:54:2c:46:0c:b1:a4:c8:7a:68:ce:44:
3a:26:1c:53:a2:95:77:61:ff:84:1c:e4:7b:03:92:
28:86:69:11:d4:3d:76:ea:46:6d:c0:8f:8c:d5:51:
63:55:db:2c:a9:53:10:d0:a1:83:3e:86:86:7d:35:
63:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:23:2B:A8:4E:10:F0:CF:CB:D6:EA:19:90:D5:65:F8:F6:CA:52:64
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/041634722F1911F094840891DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.66.0/24
45.198.74.0/24
Signature Algorithm: sha256WithRSAEncryption
40:f9:ce:15:61:06:08:eb:48:17:fd:d0:34:02:34:fc:a9:12:
c4:8a:dd:9e:b2:63:ca:b4:0c:44:35:84:98:ec:84:f0:93:ac:
a7:35:5d:5c:31:be:cf:9b:9d:aa:06:58:d5:b1:2c:96:06:2f:
33:1d:30:38:57:0a:cb:d6:c9:8c:91:de:ff:14:35:3e:49:25:
74:2b:da:30:e2:6a:f2:74:29:7d:39:ec:b7:de:46:a0:7f:76:
5f:fe:00:9b:96:b9:00:7f:94:03:c1:f6:e8:d4:ac:3c:84:7e:
44:0e:19:04:6f:f6:14:f5:41:74:40:45:86:e7:67:08:53:a5:
cf:e5:aa:fb:5a:4e:81:1f:73:ed:01:cb:f1:6b:09:f7:72:4b:
6d:62:a6:82:05:38:89:a2:f9:72:d4:ec:5b:d0:da:86:69:91:
47:cc:81:61:d4:a2:54:66:c4:28:cd:2b:28:bb:3b:9c:e9:90:
2c:26:f8:9b:76:e9:f4:38:52:6d:83:eb:d0:ab:ce:1e:80:9c:
e7:66:59:7f:f7:e4:6b:ca:aa:28:93:fc:fa:ec:40:21:ea:99:
e9:25:c9:11:ba:a0:27:6c:04:3f:d2:50:6f:1a:fa:6a:fa:3c:
6e:e5:56:6a:64:0b:37:fa:26:87:56:14:5e:e0:5b:2d:c5:1c:
da:f3:0d:47
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVM8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEyMTAwODA5WhcNMjUwNjE4MTAwODA5WjAYMRYw
FAYDVQQDEw02ODIxYzg4ZS1hYzBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2pk75llMQvHJptfKwVBTTxtBL7ep/cjUgQn0EoH1h3xt1Dv1XFL5cp1x
yWgNdxyshX+MnIz06vu3b94j0WsCVp9jQ6y6RKK/JkI9n1+hLTbWADLA4mDCSVrl
29952z84+o/dn6Kc730JwZ8UBkdORNxOSBBheRL9sHO29Vb1JT/j6CujVTR6baXb
kygffd9cfWoNm+M4wwkmfId8FVj5LxjWPY10qp0ayDqqHfoXpvzL4O6Id24/SJOi
Dugvnew+tl8UuitIVCxGDLGkyHpozkQ6JhxTopV3Yf+EHOR7A5IohmkR1D126kZt
wI+M1VFjVdssqVMQ0KGDPoaGfTVjUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGIj
K6hOEPDPy9bqGZDVZfj2ylJkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNDE2MzQ3MjJGMTkxMUYwOTQ4NDA4OTFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcZCAwQALcZKMA0GCSqGSIb3
DQEBCwUAA4IBAQBA+c4VYQYI60gX/dA0AjT8qRLEit2esmPKtAxENYSY7ITwk6yn
NV1cMb7Pm52qBljVsSyWBi8zHTA4VwrL1smMkd7/FDU+SSV0K9ow4mrydCl9Oey3
3kagf3Zf/gCblrkAf5QDwfbo1Kw8hH5EDhkEb/YU9UF0QEWG52cIU6XP5ar7Wk6B
H3PtAcvxawn3ckttYqaCBTiJovly1Oxb0NqGaZFHzIFh1KJUZsQozSsouzuc6ZAs
Jvibdun0OFJtg+vQq84egJznZll/9+Rryqook/z67EAh6pnpJckRuqAnbAQ/0lBv
Gvpq+jxu5VZqZAs3+iaHVhRe4FstxRza8w1H
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:30:53 2025 by rpki-client