Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/295859FE3E1E11F0BED7E0BEDAE4EC9C.roa
File: 295859FE3E1E11F0BED7E0BEDAE4EC9C.roa (raw, json)
Hash identifier: cZD+KY3oui9C72eimeWCj3zro4vB82l1KC1YQAkVgs0=
Subject key identifier: 02:95:B1:3E:58:F2:A5:A2:F2:CD:54:DF:85:D2:C6:86:7A:2F:C3:00
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015906
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/295859FE3E1E11F0BED7E0BEDAE4EC9C.roa
Signing time: Sat 31 May 2025 12:52:52 +0000
ROA not before: Sat 31 May 2025 12:52:47 +0000
ROA not after: Thu 12 Jun 2025 12:52:47 +0000
asID: 401696
IP address blocks: 45.192.96.0/20 maxlen: 24
45.205.16.0/20 maxlen: 24
45.207.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88326 (0x15906)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 31 12:52:47 2025 GMT
Not After : Jun 12 12:52:47 2025 GMT
Subject: CN=683afba3-5338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9f:9b:52:9f:59:e5:44:2a:90:c9:e0:c5:dd:
27:50:f9:25:79:f4:f4:14:75:9a:42:ae:d5:75:5f:
83:be:ff:38:f0:f8:53:e6:d8:6b:fe:42:74:30:8f:
a7:bc:b1:24:97:3d:ee:6b:76:da:57:ca:2c:c2:8b:
87:01:97:ee:ba:79:77:50:f1:b4:90:52:62:41:bc:
8f:ac:bb:fd:1c:5b:fb:d8:93:39:40:7a:7f:8d:60:
8b:8a:4b:9a:e0:bc:3f:14:5c:2a:b1:7f:62:4d:05:
da:7e:9f:10:1d:d7:fe:2d:26:a9:6f:3f:00:da:74:
bf:9f:5a:d6:b4:ed:08:70:c1:ca:2c:9f:97:75:97:
1c:5b:a7:e8:ef:c0:08:6a:ed:74:5a:df:56:f0:dd:
88:2d:24:8a:06:22:61:c5:21:72:ec:1e:2b:3c:17:
30:a8:ff:08:63:18:ed:71:72:6d:63:3d:8b:aa:11:
30:ca:58:58:88:97:8f:cc:87:0a:88:6d:eb:e2:0d:
50:55:af:80:ca:83:ab:e9:10:ab:8c:3f:47:fb:06:
7e:17:f4:47:dd:96:17:41:06:ec:29:e9:ee:7b:30:
75:d1:ee:03:75:71:34:7c:b3:98:34:c9:ac:32:16:
8f:51:27:e7:78:43:77:1f:27:b4:5f:a4:ea:e7:ba:
f4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:95:B1:3E:58:F2:A5:A2:F2:CD:54:DF:85:D2:C6:86:7A:2F:C3:00
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/295859FE3E1E11F0BED7E0BEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.96.0/20
45.205.16.0/20
45.207.192.0/19
Signature Algorithm: sha256WithRSAEncryption
86:1c:37:73:9e:bc:e2:23:4b:be:8c:f1:a5:b3:83:3f:9b:6f:
00:98:45:6e:2f:b2:0e:42:84:50:cf:5d:84:a2:e0:dc:58:28:
77:d6:df:f9:a8:f9:7b:a9:6f:29:d1:c9:5c:3d:7d:ee:69:32:
c1:e4:8e:1f:58:95:08:0f:43:26:7d:72:1b:d2:82:1e:ce:08:
04:5f:8d:8b:b4:f9:78:c5:c7:5a:0b:91:2b:7f:a8:e9:f9:3d:
42:4e:e3:e6:8d:80:3f:51:46:26:42:98:4e:bf:84:2c:03:1a:
ef:4d:f6:63:65:21:8f:9b:2d:a0:e2:8d:0e:3b:09:5a:73:63:
c2:02:0a:97:6a:8f:c7:45:48:83:cb:36:6b:cb:a1:11:07:ba:
5b:46:83:87:7a:62:1b:56:2f:aa:12:06:f0:04:44:8f:44:51:
a4:0a:b9:86:60:66:e1:b1:dc:b5:ca:0f:fe:f2:93:79:58:83:
bf:d6:6f:60:9c:23:12:68:d2:d8:5e:ed:87:b0:5d:09:71:19:
fe:68:5f:93:c9:74:99:5a:0b:c0:22:6a:10:be:ea:c1:f2:4c:
a8:1f:c4:0c:8d:79:1c:21:15:f0:af:8b:25:9b:67:92:34:14:
49:98:62:c6:ed:aa:05:f4:57:30:fb:3e:94:5b:7e:fc:ad:d3:
58:21:a5:3d
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAVkGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTMxMTI1MjQ3WhcNMjUwNjEyMTI1MjQ3WjAYMRYw
FAYDVQQDEw02ODNhZmJhMy01MzM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx5+bUp9Z5UQqkMngxd0nUPklefT0FHWaQq7VdV+Dvv848PhT5thr/kJ0
MI+nvLEklz3ua3baV8oswouHAZfuunl3UPG0kFJiQbyPrLv9HFv72JM5QHp/jWCL
ikua4Lw/FFwqsX9iTQXafp8QHdf+LSapbz8A2nS/n1rWtO0IcMHKLJ+XdZccW6fo
78AIau10Wt9W8N2ILSSKBiJhxSFy7B4rPBcwqP8IYxjtcXJtYz2LqhEwylhYiJeP
zIcKiG3r4g1QVa+AyoOr6RCrjD9H+wZ+F/RH3ZYXQQbsKenuezB10e4DdXE0fLOY
NMmsMhaPUSfneEN3Hye0X6Tq57r0fQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFAKV
sT5Y8qWi8s1U34XSxoZ6L8MAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yOTU4NTlGRTNFMUUxMUYwQkVEN0UwQkVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQELcBgAwQELc0QAwQFLc/AMA0G
CSqGSIb3DQEBCwUAA4IBAQCGHDdznrziI0u+jPGls4M/m28AmEVuL7IOQoRQz12E
ouDcWCh31t/5qPl7qW8p0clcPX3uaTLB5I4fWJUID0MmfXIb0oIezggEX42LtPl4
xcdaC5Erf6jp+T1CTuPmjYA/UUYmQphOv4QsAxrvTfZjZSGPmy2g4o0OOwlac2PC
AgqXao/HRUiDyzZry6ERB7pbRoOHemIbVi+qEgbwBESPRFGkCrmGYGbhsdy1yg/+
8pN5WIO/1m9gnCMSaNLYXu2HsF0JcRn+aF+TyXSZWgvAImoQvurB8kyoH8QMjXkc
IRXwr4slm2eSNBRJmGLG7aoF9Fcw+z6UW378rdNYIaU9
-----END CERTIFICATE-----
Generated at Tue Jun 3 09:04:43 2025 by rpki-client