Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14E0D7283AFC11F0BF7239DDDAE4EC9C.roa
File: 14E0D7283AFC11F0BF7239DDDAE4EC9C.roa (raw, json)
Hash identifier: v19GUwl2XChJu6Md38CzcvIiK/PcM5Yv0wlJnrNCHQw=
Subject key identifier: 59:0C:7D:ED:94:D5:C9:D1:98:8F:07:F2:FC:AD:65:42:85:D3:A3:E0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0157FB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14E0D7283AFC11F0BF7239DDDAE4EC9C.roa
Signing time: Tue 27 May 2025 13:11:21 +0000
ROA not before: Tue 27 May 2025 13:11:16 +0000
ROA not after: Wed 27 May 2026 13:11:16 +0000
asID: 395793
IP address blocks: 45.195.157.0/24 maxlen: 24
45.195.158.0/24 maxlen: 24
45.196.136.0/24 maxlen: 24
45.196.137.0/24 maxlen: 24
45.203.60.0/24 maxlen: 24
45.203.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88059 (0x157fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 27 13:11:16 2025 GMT
Not After : May 27 13:11:16 2026 GMT
Subject: CN=6835b9f9-d4cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3d:9f:16:11:bf:d1:a3:f4:4d:fd:7e:9a:41:
0d:eb:ca:7e:5e:01:9c:b1:c8:40:ce:61:cb:f1:0b:
ef:8d:23:33:f5:9b:f6:75:17:ed:3f:13:c7:8e:02:
02:9e:9a:ca:df:87:60:43:3b:ba:68:9f:bf:8c:44:
6c:a2:66:ee:52:f8:fc:43:84:14:6a:6b:48:e5:19:
7b:d2:63:92:39:a7:fb:67:dd:40:81:9d:21:cc:36:
d5:f4:1d:aa:77:97:32:b8:81:ee:07:f4:b6:ac:bf:
94:4b:5d:b0:57:26:60:31:49:94:e2:88:60:11:7d:
35:fb:66:1f:66:11:6f:97:db:92:5e:f6:63:bf:f5:
00:9c:59:9c:3d:ba:dd:ae:d6:b0:ee:2b:fa:5c:6d:
4a:59:b8:86:75:c7:c9:39:47:24:3b:db:ec:6b:d3:
08:ae:5d:6d:76:60:04:ef:18:0e:b9:f4:55:db:a5:
69:01:e5:f3:08:05:65:8f:c8:91:bb:96:35:d2:af:
76:fb:49:77:45:79:2d:8a:58:49:6a:ac:b5:6d:9a:
64:15:d2:45:41:06:91:e7:91:87:1d:57:15:da:0a:
80:e4:12:a1:8f:e7:b6:4f:a1:9b:fd:74:23:69:e8:
eb:64:5b:53:5d:d2:4a:68:d8:80:d0:d4:17:21:9f:
1b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:0C:7D:ED:94:D5:C9:D1:98:8F:07:F2:FC:AD:65:42:85:D3:A3:E0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14E0D7283AFC11F0BF7239DDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.157.0-45.195.158.255
45.196.136.0/23
45.203.60.0/23
Signature Algorithm: sha256WithRSAEncryption
82:ea:4e:b2:62:f4:df:0c:39:f7:ee:75:80:4c:50:0a:b2:59:
79:cb:18:bd:aa:0d:f6:96:c7:75:18:09:cc:21:66:83:13:27:
2f:54:00:55:01:67:a1:88:b1:c4:f8:f4:af:66:7b:d8:ee:ea:
fd:b6:d0:13:c8:a3:3c:07:9b:62:f7:24:8b:e2:81:3f:ce:2e:
7c:70:ae:6f:ce:13:25:59:87:04:b2:19:90:55:e3:24:68:69:
6c:12:77:54:3d:b0:a7:8c:fd:c4:8b:66:fd:75:44:26:25:f0:
c5:4c:31:cb:11:3c:fd:3b:72:1b:58:5a:82:fa:d8:c4:4b:8f:
07:33:71:b3:2c:a1:b6:3f:25:c5:d1:8b:0b:94:b6:84:34:f3:
ae:c2:50:1c:2e:11:5c:82:9b:52:28:51:d9:6a:81:3d:fe:6f:
b4:ed:d9:12:30:4a:b4:ce:87:70:16:f8:00:f9:cd:ec:76:2f:
95:c9:33:b8:d6:67:30:24:25:ba:39:c1:9a:71:c6:41:67:54:
1b:40:de:69:91:6a:5a:eb:3a:a9:63:51:10:6b:5a:c2:0c:0f:
de:c0:25:db:86:bf:d8:95:72:b2:32:ae:10:19:d1:62:a1:1b:
11:36:c9:c5:02:92:af:66:9f:e4:eb:99:b0:05:ce:39:1f:34:
54:bf:06:6e
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAVf7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI3MTMxMTE2WhcNMjYwNTI3MTMxMTE2WjAYMRYw
FAYDVQQDEw02ODM1YjlmOS1kNGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0T2fFhG/0aP0Tf1+mkEN68p+XgGcschAzmHL8QvvjSMz9Zv2dRftPxPH
jgICnprK34dgQzu6aJ+/jERsombuUvj8Q4QUamtI5Rl70mOSOaf7Z91AgZ0hzDbV
9B2qd5cyuIHuB/S2rL+US12wVyZgMUmU4ohgEX01+2YfZhFvl9uSXvZjv/UAnFmc
Pbrdrtaw7iv6XG1KWbiGdcfJOUckO9vsa9MIrl1tdmAE7xgOufRV26VpAeXzCAVl
j8iRu5Y10q92+0l3RXktilhJaqy1bZpkFdJFQQaR55GHHVcV2gqA5BKhj+e2T6Gb
/XQjaejrZFtTXdJKaNiA0NQXIZ8buwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFFkM
fe2U1cnRmI8H8vytZUKF06PgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNEUwRDcyODNBRkMxMUYwQkY3MjM5REREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtw50DBAAtw54DBAEtxIgD
BAEtyzwwDQYJKoZIhvcNAQELBQADggEBAILqTrJi9N8MOffudYBMUAqyWXnLGL2q
DfaWx3UYCcwhZoMTJy9UAFUBZ6GIscT49K9me9ju6v220BPIozwHm2L3JIvigT/O
Lnxwrm/OEyVZhwSyGZBV4yRoaWwSd1Q9sKeM/cSLZv11RCYl8MVMMcsRPP07chtY
WoL62MRLjwczcbMsobY/JcXRiwuUtoQ0867CUBwuEVyCm1IoUdlqgT3+b7Tt2RIw
SrTOh3AW+AD5zex2L5XJM7jWZzAkJbo5wZpxxkFnVBtA3mmRalrrOqljURBrWsIM
D97AJduGv9iVcrIyrhAZ0WKhGxE2ycUCkq9mn+TrmbAFzjkfNFS/Bm4=
-----END CERTIFICATE-----
Generated at Tue Jun 3 09:32:53 2025 by rpki-client