Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C7DE036354F11F0B191FAA5DAE4EC9C.roa
File: 2C7DE036354F11F0B191FAA5DAE4EC9C.roa (raw, json)
Hash identifier: VzShJkkIlt71OK485AE+cvXZSPVVUtoqGbcIA739RfY=
Subject key identifier: 86:2D:BC:22:BC:F9:9D:0C:71:69:70:26:84:B3:3C:F0:3B:5F:A5:DF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0155FF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C7DE036354F11F0B191FAA5DAE4EC9C.roa
Signing time: Tue 20 May 2025 07:51:02 +0000
ROA not before: Tue 20 May 2025 07:50:57 +0000
ROA not after: Fri 20 Jun 2025 07:50:57 +0000
asID: 20326
IP address blocks: 45.198.87.0/24 maxlen: 24
45.198.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87551 (0x155ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 20 07:50:57 2025 GMT
Not After : Jun 20 07:50:57 2025 GMT
Subject: CN=682c3466-8ba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:87:cf:b8:48:a2:ae:da:71:5b:39:13:82:04:
8e:5e:fb:74:10:1c:38:59:d3:3d:d9:2c:08:6c:d2:
67:7b:31:bd:02:f6:97:9e:50:36:52:76:f3:ff:83:
6f:1e:84:87:7e:c3:61:d0:17:66:c0:24:51:40:c4:
68:b5:39:20:f5:87:ab:e1:c3:b8:d5:f7:0c:29:89:
5e:ba:8a:36:41:28:8e:fd:df:58:75:cf:b7:52:ae:
dd:80:c8:8c:27:b7:64:9f:03:06:c2:e1:35:25:ec:
5c:62:22:e8:7f:1f:00:94:cb:20:61:d5:8c:6c:5b:
1b:7e:61:96:d8:91:2a:ff:69:19:66:a5:35:d7:ad:
5b:33:74:46:c6:f7:83:2d:63:b7:74:d3:d3:e0:9f:
46:01:c4:0e:43:fa:fa:08:a8:d5:91:5f:6b:6d:6d:
fd:21:00:83:91:a8:bc:14:7a:0b:b7:4b:67:39:10:
19:31:7a:04:4f:f3:d3:67:09:03:fe:67:9f:94:0f:
41:e1:21:71:58:e6:3a:d5:25:ca:3d:66:f2:02:d2:
be:26:09:33:df:e4:03:d1:75:22:45:c6:e9:5c:f8:
73:c8:25:eb:08:a4:9b:5a:be:13:9c:34:c2:62:2d:
55:9a:16:65:47:19:ff:2c:b5:d4:63:68:b3:7e:f3:
df:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:2D:BC:22:BC:F9:9D:0C:71:69:70:26:84:B3:3C:F0:3B:5F:A5:DF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C7DE036354F11F0B191FAA5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.87.0/24
45.198.117.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:13:2f:0f:1e:ed:0a:63:33:1d:06:ae:69:55:e4:72:e2:ed:
a4:79:58:e0:d0:d1:4a:a0:7b:bb:b9:07:08:3d:ff:58:66:81:
84:52:f3:d8:87:3e:a1:a0:25:5c:6b:b1:d7:f5:97:2a:01:aa:
38:06:b4:06:58:94:72:42:2b:55:d9:59:9e:54:5a:0d:a3:99:
f1:9c:ce:a5:9c:c0:54:8a:84:e6:b0:2a:15:30:ea:62:5f:2c:
f5:82:83:6d:cd:b4:a7:4d:30:db:64:4a:88:8c:9b:0c:e9:db:
c1:21:35:a3:62:6b:f2:d5:91:54:22:b8:4c:45:36:f2:5a:0e:
2c:9c:61:94:cd:95:cc:c6:4f:9a:f6:a9:23:51:97:e7:63:a4:
79:c7:4d:ca:c0:bc:19:23:5c:87:10:68:cd:53:aa:d3:90:23:
8b:c7:dc:bb:07:39:52:96:40:fb:ce:01:a3:0c:2d:e2:26:87:
f5:cb:40:6b:ab:87:12:18:16:50:b4:a6:53:bb:6a:01:28:be:
0d:9a:f5:bd:3f:fc:b0:7d:92:99:34:4e:72:8c:74:0a:06:50:
0a:be:dc:47:f3:b6:7b:ac:6c:bc:5d:cc:6d:0d:44:e7:5a:e8:
c9:3c:c9:09:4c:6c:d8:79:cf:3e:1b:66:1e:6d:fd:fb:52:40:
60:94:af:07
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVX/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIwMDc1MDU3WhcNMjUwNjIwMDc1MDU3WjAYMRYw
FAYDVQQDEw02ODJjMzQ2Ni04YmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvYfPuEiirtpxWzkTggSOXvt0EBw4WdM92SwIbNJnezG9AvaXnlA2Unbz
/4NvHoSHfsNh0BdmwCRRQMRotTkg9Yer4cO41fcMKYleuoo2QSiO/d9Ydc+3Uq7d
gMiMJ7dknwMGwuE1JexcYiLofx8AlMsgYdWMbFsbfmGW2JEq/2kZZqU1161bM3RG
xveDLWO3dNPT4J9GAcQOQ/r6CKjVkV9rbW39IQCDkai8FHoLt0tnORAZMXoET/PT
ZwkD/meflA9B4SFxWOY61SXKPWbyAtK+Jgkz3+QD0XUiRcbpXPhzyCXrCKSbWr4T
nDTCYi1VmhZlRxn/LLXUY2izfvPfqQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIYt
vCK8+Z0McWlwJoSzPPA7X6XfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQzdERTAzNjM1NEYxMUYwQjE5MUZBQTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcZXAwQALcZ1MA0GCSqGSIb3
DQEBCwUAA4IBAQB8Ey8PHu0KYzMdBq5pVeRy4u2keVjg0NFKoHu7uQcIPf9YZoGE
UvPYhz6hoCVca7HX9ZcqAao4BrQGWJRyQitV2VmeVFoNo5nxnM6lnMBUioTmsCoV
MOpiXyz1goNtzbSnTTDbZEqIjJsM6dvBITWjYmvy1ZFUIrhMRTbyWg4snGGUzZXM
xk+a9qkjUZfnY6R5x03KwLwZI1yHEGjNU6rTkCOLx9y7BzlSlkD7zgGjDC3iJof1
y0Brq4cSGBZQtKZTu2oBKL4NmvW9P/ywfZKZNE5yjHQKBlAKvtxH87Z7rGy8Xcxt
DUTnWujJPMkJTGzYec8+G2Yebf37UkBglK8H
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:58:29 2025 by rpki-client