Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C5383A0406511F0BA081A8FDAE4EC9C.roa
File: 3C5383A0406511F0BA081A8FDAE4EC9C.roa (raw, json)
Hash identifier: EHBufsunDWvHGQSjDbsSPn7HfZZDf6DTLiyzpe9nD/0=
Subject key identifier: 7F:98:B4:F9:F0:23:54:9A:B8:A2:0B:2E:55:DA:ED:E9:09:AC:96:30
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015976
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C5383A0406511F0BA081A8FDAE4EC9C.roa
Signing time: Tue 03 Jun 2025 10:26:40 +0000
ROA not before: Tue 03 Jun 2025 10:26:35 +0000
ROA not after: Fri 03 Jul 2026 10:26:35 +0000
asID: 984
IP address blocks: 45.201.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88438 (0x15976)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 3 10:26:35 2025 GMT
Not After : Jul 3 10:26:35 2026 GMT
Subject: CN=683ecde0-af99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:22:7d:16:f6:dd:95:9e:46:4d:e8:33:37:b2:
92:6c:f9:3a:29:a1:74:76:d0:df:08:20:4b:53:dc:
2b:39:ec:e9:85:62:36:37:fb:bf:4d:73:11:23:3d:
73:f7:0e:53:26:e1:d2:61:44:9a:02:0e:46:29:a2:
c7:1c:d7:ed:b9:91:d0:47:12:67:a0:de:f4:c4:9d:
ca:95:c5:db:e5:c6:4b:1d:89:f6:0e:8b:e9:31:cf:
1b:10:b0:6d:a6:31:f6:79:fa:81:57:40:00:f5:05:
ec:d9:97:f0:24:62:50:77:9e:21:d6:02:aa:de:4f:
cd:eb:8d:cd:56:67:cf:99:26:7a:4b:05:06:2d:99:
ce:af:25:c6:46:0f:cb:67:9c:95:ba:e4:f3:4d:3c:
e5:1d:d8:3a:4a:0d:76:ac:3c:48:f7:e4:1b:23:0c:
d9:f6:c5:ba:38:21:d2:30:47:bd:7a:aa:1a:2b:d0:
4b:d2:79:3d:79:3b:ac:7a:0a:80:b7:e6:7f:c0:b5:
44:df:2b:c5:39:ff:72:f9:d9:29:c0:a3:0c:b6:14:
92:e6:e6:2c:7c:71:1c:c0:d5:ab:ea:4f:8a:86:4a:
a1:e7:8c:c9:3c:0d:83:54:41:80:ad:09:57:73:80:
ef:ef:b0:98:c8:84:50:3b:05:cb:b9:23:bc:17:6f:
12:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:98:B4:F9:F0:23:54:9A:B8:A2:0B:2E:55:DA:ED:E9:09:AC:96:30
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C5383A0406511F0BA081A8FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.63.0/24
Signature Algorithm: sha256WithRSAEncryption
49:52:ef:8e:a2:89:a3:1d:0e:d1:21:a5:19:a8:ec:b4:9a:68:
ed:7b:73:a8:45:97:76:54:f1:50:28:2a:8e:3d:fa:b6:cf:42:
f3:e6:e5:bc:93:44:6b:51:d7:28:68:98:83:80:1f:dc:7e:88:
bd:b4:0b:7c:cb:cc:46:b4:b7:95:09:17:70:18:76:e9:f3:b7:
6f:85:04:7a:37:7e:25:80:f7:c9:e3:04:1c:f4:13:72:00:50:
d5:63:a7:00:79:16:cc:34:90:d8:ba:14:d0:cf:bf:03:06:0d:
cc:e4:74:bd:31:1f:e7:72:34:ef:88:8e:cd:52:e0:e7:92:c6:
e5:e3:e7:f6:7c:0b:5c:3c:73:9d:77:e4:e9:60:52:0a:43:eb:
f1:49:23:b2:4f:65:0f:1c:d4:c3:12:d3:ea:f6:f0:95:5f:1c:
96:90:3c:e6:7e:4a:8f:1b:05:4c:e5:ea:a7:05:22:85:fa:17:
12:e6:ab:bc:6a:7f:24:93:01:dd:11:63:62:2c:ea:8b:94:b0:
5b:3a:bd:2e:e1:68:b0:1c:ec:44:a1:65:07:ac:8f:ed:bd:19:
83:9c:d2:77:62:9d:5c:b6:d2:bf:0e:3d:60:e7:97:db:e4:20:
85:0f:e2:45:ad:62:7b:c2:19:57:fa:2e:b6:40:46:80:5d:17:
a9:58:2f:f9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVl2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjAzMTAyNjM1WhcNMjYwNzAzMTAyNjM1WjAYMRYw
FAYDVQQDEw02ODNlY2RlMC1hZjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnSJ9FvbdlZ5GTegzN7KSbPk6KaF0dtDfCCBLU9wrOezphWI2N/u/TXMR
Iz1z9w5TJuHSYUSaAg5GKaLHHNftuZHQRxJnoN70xJ3KlcXb5cZLHYn2DovpMc8b
ELBtpjH2efqBV0AA9QXs2ZfwJGJQd54h1gKq3k/N643NVmfPmSZ6SwUGLZnOryXG
Rg/LZ5yVuuTzTTzlHdg6Sg12rDxI9+QbIwzZ9sW6OCHSMEe9eqoaK9BL0nk9eTus
egqAt+Z/wLVE3yvFOf9y+dkpwKMMthSS5uYsfHEcwNWr6k+Khkqh54zJPA2DVEGA
rQlXc4Dv77CYyIRQOwXLuSO8F28SSwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH+Y
tPnwI1SauKILLlXa7ekJrJYwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQzUzODNBMDQwNjUxMUYwQkEwODFBOEZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALck/MA0GCSqGSIb3DQEBCwUA
A4IBAQBJUu+OoomjHQ7RIaUZqOy0mmjte3OoRZd2VPFQKCqOPfq2z0Lz5uW8k0Rr
UdcoaJiDgB/cfoi9tAt8y8xGtLeVCRdwGHbp87dvhQR6N34lgPfJ4wQc9BNyAFDV
Y6cAeRbMNJDYuhTQz78DBg3M5HS9MR/ncjTviI7NUuDnksbl4+f2fAtcPHOdd+Tp
YFIKQ+vxSSOyT2UPHNTDEtPq9vCVXxyWkDzmfkqPGwVM5eqnBSKF+hcS5qu8an8k
kwHdEWNiLOqLlLBbOr0u4WiwHOxEoWUHrI/tvRmDnNJ3Yp1cttK/Dj1g55fb5CCF
D+JFrWJ7whlX+i62QEaAXRepWC/5
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:33:27 2025 by rpki-client