Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/120AC6E22FD211F09E18E4E9DAE4EC9C.roa
File: 120AC6E22FD211F09E18E4E9DAE4EC9C.roa (raw, json)
Hash identifier: uddNHAEYLYHLmM2Aghyo/MCruW/FuQNXnvcLDxpj72I=
Subject key identifier: 48:E8:5E:FA:03:AD:F5:1F:70:DD:99:CA:CC:FB:94:79:04:D2:B3:F2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0153D0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/120AC6E22FD211F09E18E4E9DAE4EC9C.roa
Signing time: Tue 13 May 2025 08:12:55 +0000
ROA not before: Tue 13 May 2025 08:12:50 +0000
ROA not after: Wed 13 May 2026 08:12:50 +0000
asID: 140951
IP address blocks: 45.198.2.0/24 maxlen: 24
45.206.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86992 (0x153d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 13 08:12:50 2025 GMT
Not After : May 13 08:12:50 2026 GMT
Subject: CN=6822ff06-1923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a3:69:bf:2e:4d:8d:62:bc:32:46:22:13:0e:
d4:9e:82:70:78:48:91:71:aa:50:32:fc:99:63:25:
e9:c2:a2:7d:d7:48:d3:a4:50:65:7f:72:8b:de:d3:
44:12:2d:8e:ae:81:f4:37:47:32:de:46:52:6f:3a:
ae:dd:29:4d:0d:e8:8a:82:cb:96:1c:ea:c7:73:6f:
6c:c2:b3:ba:8a:65:bd:96:8c:30:5f:50:63:8d:63:
a9:14:68:4c:eb:72:81:6f:bf:0b:0f:75:1d:65:eb:
ec:01:58:7f:2a:81:c6:dd:b8:45:ab:c0:f5:8a:98:
f4:19:53:8d:99:fd:ed:66:50:7b:8a:fe:0d:3d:4b:
4c:5a:1a:4e:df:72:ea:c5:fa:9a:ce:0f:db:c9:5c:
c0:b5:18:3a:ab:44:d1:17:6f:52:53:d4:a1:34:a6:
03:51:a8:a7:8e:09:6b:37:37:98:70:38:00:ef:66:
bf:b7:53:2b:5a:fa:e5:0f:4b:3e:47:aa:83:c0:54:
16:ba:92:5c:f5:a6:73:08:23:2c:25:59:1f:91:2f:
c6:44:05:77:c0:07:6a:d7:bf:5d:91:41:ae:0a:cd:
f4:fd:11:c7:77:d2:d9:5e:67:ca:ff:63:ac:88:25:
92:7d:df:0d:91:69:93:f2:26:e6:e3:da:82:27:18:
33:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E8:5E:FA:03:AD:F5:1F:70:DD:99:CA:CC:FB:94:79:04:D2:B3:F2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/120AC6E22FD211F09E18E4E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.2.0/24
45.206.3.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:6c:e7:8b:b2:80:8a:4b:0b:d0:6d:c6:7d:f1:97:7c:f0:8b:
fa:3b:d7:cb:eb:82:c4:42:ef:fd:6b:af:5b:2d:ea:79:c9:8c:
0c:ee:fe:45:59:18:60:15:ec:89:94:80:78:3c:f1:f2:4c:9e:
78:75:2f:ea:b3:93:36:f0:f1:b0:06:dc:55:45:e6:68:c4:d8:
68:90:ac:08:fd:d6:ec:03:70:d2:cb:2e:df:75:51:ea:23:71:
dc:52:27:75:d0:b1:a0:bc:55:fc:92:26:c5:2e:94:1b:37:ea:
67:7e:6c:11:c3:46:22:52:81:b3:49:83:ae:3e:d5:17:48:0a:
8f:07:bd:45:c8:27:04:f4:ae:c6:6e:ef:e0:b7:d3:3d:36:e7:
54:58:8c:94:0b:bb:9f:d6:8f:db:3c:7b:4f:d5:27:a4:bb:15:
c2:d8:95:59:c4:92:4b:c8:e1:15:78:21:3f:53:e8:06:e5:da:
39:13:c7:d4:69:74:9d:9c:8a:52:dc:39:53:22:dc:f4:c0:35:
ee:87:c0:ad:46:2c:5b:f4:aa:e9:59:cd:75:46:8e:8d:88:a6:
fb:f6:4d:45:7a:22:dc:85:0a:eb:e2:ae:ce:75:5d:ca:7f:ff:
54:18:0e:00:d3:53:c5:ff:d0:e4:de:6d:97:a9:bd:d6:45:64:
a8:3d:a6:34
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVPQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEzMDgxMjUwWhcNMjYwNTEzMDgxMjUwWjAYMRYw
FAYDVQQDEw02ODIyZmYwNi0xOTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0qNpvy5NjWK8MkYiEw7UnoJweEiRcapQMvyZYyXpwqJ910jTpFBlf3KL
3tNEEi2OroH0N0cy3kZSbzqu3SlNDeiKgsuWHOrHc29swrO6imW9lowwX1BjjWOp
FGhM63KBb78LD3UdZevsAVh/KoHG3bhFq8D1ipj0GVONmf3tZlB7iv4NPUtMWhpO
33Lqxfqazg/byVzAtRg6q0TRF29SU9ShNKYDUainjglrNzeYcDgA72a/t1MrWvrl
D0s+R6qDwFQWupJc9aZzCCMsJVkfkS/GRAV3wAdq179dkUGuCs30/RHHd9LZXmfK
/2OsiCWSfd8NkWmT8ibm49qCJxgzrQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEjo
XvoDrfUfcN2Zysz7lHkE0rPyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMjBBQzZFMjJGRDIxMUYwOUUxOEU0RTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcYCAwQALc4DMA0GCSqGSIb3
DQEBCwUAA4IBAQCybOeLsoCKSwvQbcZ98Zd88Iv6O9fL64LEQu/9a69bLep5yYwM
7v5FWRhgFeyJlIB4PPHyTJ54dS/qs5M28PGwBtxVReZoxNhokKwI/dbsA3DSyy7f
dVHqI3HcUid10LGgvFX8kibFLpQbN+pnfmwRw0YiUoGzSYOuPtUXSAqPB71FyCcE
9K7Gbu/gt9M9NudUWIyUC7uf1o/bPHtP1SekuxXC2JVZxJJLyOEVeCE/U+gG5do5
E8fUaXSdnIpS3DlTItz0wDXuh8CtRixb9KrpWc11Ro6NiKb79k1FeiLchQrr4q7O
dV3Kf/9UGA4A01PF/9Dk3m2Xqb3WRWSoPaY0
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:30:40 2025 by rpki-client