Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/34B4FE2C3BAF11F0B14BFBECDAE4EC9C.roa
File: 34B4FE2C3BAF11F0B14BFBECDAE4EC9C.roa (raw, json)
Hash identifier: 24TtMEscW25lvBNPAmIcDEX2Dd+b9OCawOVMoNNsanw=
Subject key identifier: C7:76:94:DB:BC:44:71:A3:6E:99:D2:14:EE:2C:72:82:DE:77:50:F1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01583F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/34B4FE2C3BAF11F0B14BFBECDAE4EC9C.roa
Signing time: Wed 28 May 2025 10:33:34 +0000
ROA not before: Wed 28 May 2025 10:33:29 +0000
ROA not after: Thu 03 Jul 2025 10:33:29 +0000
asID: 151407
IP address blocks: 45.196.220.0/23 maxlen: 24
45.207.152.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88127 (0x1583f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 28 10:33:29 2025 GMT
Not After : Jul 3 10:33:29 2025 GMT
Subject: CN=6836e67e-c561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:61:d7:7e:ea:ff:e2:50:7b:b1:81:9a:47:5e:
52:18:b4:bb:4d:38:f1:64:fe:73:fc:80:a3:0c:00:
ab:73:db:ed:c9:22:0b:be:94:85:52:7c:8b:b9:fb:
5a:51:63:a6:40:09:93:6c:06:cc:45:81:96:d5:aa:
80:8a:8a:61:62:a8:d1:d7:03:10:9a:a2:04:11:63:
f2:4c:29:4e:ad:59:65:7f:8c:0c:6a:5c:df:cf:99:
07:be:f7:89:54:9e:5d:79:78:13:6f:0c:57:eb:a6:
06:9e:ea:51:05:6b:c4:14:d8:5b:7e:23:0a:da:2b:
42:6c:98:f8:12:f3:9a:d8:ed:59:37:a5:69:59:ba:
09:89:d3:81:90:8e:bc:4b:90:47:71:84:f4:a6:f6:
28:a2:0a:76:43:5d:9d:bc:7d:db:83:27:4e:95:a1:
4a:d1:6d:8c:88:66:7d:c1:c8:eb:bd:f8:e0:c0:05:
4c:d4:15:66:42:e3:1b:c8:11:de:c9:1b:53:6a:18:
e2:b3:6d:91:c6:2b:7c:91:96:93:8f:e7:fe:e5:03:
b4:e5:69:e5:cb:aa:b1:8d:f1:38:bf:3d:73:96:80:
7e:58:8e:21:23:fc:3f:4f:0f:7e:f4:cc:d9:a1:32:
20:d7:bd:d7:f4:11:b1:1e:c7:1f:6f:c7:e8:66:a8:
f7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:76:94:DB:BC:44:71:A3:6E:99:D2:14:EE:2C:72:82:DE:77:50:F1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/34B4FE2C3BAF11F0B14BFBECDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.220.0/23
45.207.152.0/23
Signature Algorithm: sha256WithRSAEncryption
91:e9:9a:9a:61:83:b8:a9:81:59:c1:0f:39:0d:73:ad:05:c4:
fe:e1:cc:34:9f:d3:de:76:f8:67:01:37:21:7b:6a:11:a2:90:
b6:6c:61:e9:cb:6e:2a:bb:02:9d:ee:de:fd:55:11:ea:92:56:
fc:a8:c6:4d:03:30:09:2d:e8:46:25:76:34:43:7d:73:59:6b:
b3:43:c0:cc:13:9a:ba:e7:38:ae:ea:cc:fe:7e:81:3c:a1:6d:
43:1b:6d:cd:9d:fa:db:46:b1:18:b0:1c:72:3f:da:01:92:d7:
0a:01:5a:52:f2:72:a3:6c:45:36:f1:51:33:21:cd:e9:82:a6:
a0:1f:7a:42:63:c6:d0:3d:fb:39:96:c1:08:d3:35:25:41:60:
1a:ea:03:15:42:1b:d4:14:68:f2:8d:95:b9:00:0d:80:78:e4:
64:bd:43:38:31:fd:06:4c:66:4c:cd:6d:e5:63:e0:42:1e:6e:
38:3b:ff:f2:97:71:be:e0:04:1b:8c:c9:c8:47:9f:8f:b0:e6:
17:53:12:df:70:fe:a3:b1:4c:87:60:9e:a9:b2:2c:dd:58:a7:
59:7f:15:93:c9:77:b6:46:2f:f6:50:be:03:d9:19:d6:3c:4d:
a7:65:f9:50:0a:7e:0a:da:ba:49:28:22:db:46:03:15:0a:3f:
30:2d:ec:c5
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVg/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI4MTAzMzI5WhcNMjUwNzAzMTAzMzI5WjAYMRYw
FAYDVQQDEw02ODM2ZTY3ZS1jNTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4GHXfur/4lB7sYGaR15SGLS7TTjxZP5z/ICjDACrc9vtySILvpSFUnyL
uftaUWOmQAmTbAbMRYGW1aqAiophYqjR1wMQmqIEEWPyTClOrVllf4wMalzfz5kH
vveJVJ5deXgTbwxX66YGnupRBWvEFNhbfiMK2itCbJj4EvOa2O1ZN6VpWboJidOB
kI68S5BHcYT0pvYoogp2Q12dvH3bgydOlaFK0W2MiGZ9wcjrvfjgwAVM1BVmQuMb
yBHeyRtTahjis22Rxit8kZaTj+f+5QO05Wnly6qxjfE4vz1zloB+WI4hI/w/Tw9+
9MzZoTIg173X9BGxHscfb8foZqj39wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMd2
lNu8RHGjbpnSFO4scoLed1DxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNEI0RkUyQzNCQUYxMUYwQjE0QkZCRUNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLcTcAwQBLc+YMA0GCSqGSIb3
DQEBCwUAA4IBAQCR6ZqaYYO4qYFZwQ85DXOtBcT+4cw0n9PedvhnATche2oRopC2
bGHpy24quwKd7t79VRHqklb8qMZNAzAJLehGJXY0Q31zWWuzQ8DME5q65ziu6sz+
foE8oW1DG23NnfrbRrEYsBxyP9oBktcKAVpS8nKjbEU28VEzIc3pgqagH3pCY8bQ
Pfs5lsEI0zUlQWAa6gMVQhvUFGjyjZW5AA2AeORkvUM4Mf0GTGZMzW3lY+BCHm44
O//yl3G+4AQbjMnIR5+PsOYXUxLfcP6jsUyHYJ6psizdWKdZfxWTyXe2Ri/2UL4D
2RnWPE2nZflQCn4K2rpJKCLbRgMVCj8wLezF
-----END CERTIFICATE-----
Generated at Tue Jun 3 09:07:42 2025 by rpki-client