Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/491161E03A5A11F0982A82BCDAE4EC9C.roa
File: 491161E03A5A11F0982A82BCDAE4EC9C.roa (raw, json)
Hash identifier: FEby2yNyc9wUoveBoDkWRR5fbzFQhfGMRZwL4Ss8MyA=
Subject key identifier: 5E:9D:49:21:A8:79:AD:36:28:4D:DD:92:48:17:00:4C:3C:29:09:FB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0157A8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/491161E03A5A11F0982A82BCDAE4EC9C.roa
Signing time: Mon 26 May 2025 17:53:10 +0000
ROA not before: Mon 26 May 2025 17:53:05 +0000
ROA not after: Tue 26 Aug 2025 17:53:05 +0000
asID: 328608
IP address blocks: 45.197.164.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87976 (0x157a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 26 17:53:05 2025 GMT
Not After : Aug 26 17:53:05 2025 GMT
Subject: CN=6834aa86-6f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d8:e8:6e:5a:e8:38:59:88:ce:60:48:4a:66:
2e:21:a5:7d:d9:50:c0:7d:20:44:7c:2b:e5:cc:d9:
aa:5e:ea:ef:93:0a:7e:48:ec:da:9e:1f:ac:45:bc:
31:11:38:c9:a6:a6:30:77:95:58:13:fa:e6:ab:50:
ae:8d:00:46:c7:0c:c3:8a:5b:fc:2c:75:e6:44:09:
38:79:68:50:ce:f9:4b:d1:76:90:7f:5d:bf:00:12:
69:ec:d2:9c:ea:84:49:93:6e:48:2a:a1:42:fb:f6:
8c:b6:42:1f:97:79:f0:19:96:dd:1a:05:7c:5d:15:
10:a0:33:8f:97:ca:8c:2d:fd:ed:d1:7d:21:e7:8d:
a9:ea:42:4b:0b:4e:29:5b:6b:f4:07:0b:1e:2f:c2:
93:d9:6e:47:42:84:6f:09:66:96:44:ec:93:30:0e:
7f:35:3a:52:81:48:1b:1d:ee:63:5e:c6:d1:49:56:
f1:a0:a3:8f:f9:47:9c:36:33:56:42:e1:7b:e3:bb:
5b:4b:45:5d:3e:76:d2:16:59:b9:42:6c:3b:10:38:
2f:1e:be:ee:d0:c3:73:bf:7e:c5:50:06:09:71:10:
1f:94:0e:ce:86:2d:a7:bf:96:19:96:09:e0:36:1a:
c9:9c:e2:c6:b0:05:cc:60:5d:62:7f:75:0a:76:cc:
97:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:9D:49:21:A8:79:AD:36:28:4D:DD:92:48:17:00:4C:3C:29:09:FB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/491161E03A5A11F0982A82BCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.164.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:62:fb:7c:95:f6:20:76:c1:69:3f:1b:88:5c:b1:31:cf:d2:
da:dd:87:db:34:7c:0a:c5:d1:41:02:c7:b6:0c:d2:cf:51:8f:
4f:06:80:e4:63:7a:2b:bc:60:aa:fe:12:71:2f:98:9d:46:db:
2a:05:c0:4b:1b:e3:6d:9f:54:52:96:b8:db:f5:ea:fe:7e:9c:
1a:cd:0b:c9:e0:2f:ac:35:80:fc:46:4c:2f:36:3b:5c:91:48:
30:18:85:ab:e8:3a:bb:29:d3:3b:80:69:75:35:9c:64:c1:cb:
16:1b:a3:28:64:30:b0:8e:9a:42:10:46:78:50:80:95:00:c7:
3a:60:f6:2b:1f:ce:4c:1c:7d:36:24:d4:b6:3b:9c:f9:01:7f:
6f:a9:b1:95:aa:c1:d6:c7:85:9c:e2:be:19:23:64:e9:da:d5:
39:f2:e4:e8:f0:f3:5e:79:03:5b:fa:bf:fb:c1:d7:5e:7c:f1:
5f:be:65:25:61:85:57:75:5c:4c:d9:6a:60:f7:7a:ad:da:49:
56:b6:16:bd:bc:47:f2:50:1d:ef:43:d8:f6:46:1e:14:bd:70:
86:8d:ff:0d:df:f4:f5:9e:eb:62:53:22:88:01:5f:28:03:0e:
ac:0c:1b:96:72:b9:00:08:64:9b:83:54:48:9f:44:c4:e8:ac:
f1:b9:80:84
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVeoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI2MTc1MzA1WhcNMjUwODI2MTc1MzA1WjAYMRYw
FAYDVQQDEw02ODM0YWE4Ni02ZjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5NjoblroOFmIzmBISmYuIaV92VDAfSBEfCvlzNmqXurvkwp+SOzanh+s
RbwxETjJpqYwd5VYE/rmq1CujQBGxwzDilv8LHXmRAk4eWhQzvlL0XaQf12/ABJp
7NKc6oRJk25IKqFC+/aMtkIfl3nwGZbdGgV8XRUQoDOPl8qMLf3t0X0h542p6kJL
C04pW2v0BwseL8KT2W5HQoRvCWaWROyTMA5/NTpSgUgbHe5jXsbRSVbxoKOP+Uec
NjNWQuF747tbS0VdPnbSFlm5Qmw7EDgvHr7u0MNzv37FUAYJcRAflA7Ohi2nv5YZ
lgngNhrJnOLGsAXMYF1if3UKdsyX3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF6d
SSGoea02KE3dkkgXAEw8KQn7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80OTExNjFFMDNBNUExMUYwOTgyQTgyQkNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcWkMA0GCSqGSIb3DQEBCwUA
A4IBAQBbYvt8lfYgdsFpPxuIXLExz9La3YfbNHwKxdFBAse2DNLPUY9PBoDkY3or
vGCq/hJxL5idRtsqBcBLG+Ntn1RSlrjb9er+fpwazQvJ4C+sNYD8RkwvNjtckUgw
GIWr6Dq7KdM7gGl1NZxkwcsWG6MoZDCwjppCEEZ4UICVAMc6YPYrH85MHH02JNS2
O5z5AX9vqbGVqsHWx4Wc4r4ZI2Tp2tU58uTo8PNeeQNb+r/7wddefPFfvmUlYYVX
dVxM2Wpg93qt2klWtha9vEfyUB3vQ9j2Rh4UvXCGjf8N3/T1nutiUyKIAV8oAw6s
DBuWcrkACGSbg1RIn0TE6KzxuYCE
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:41:18 2025 by rpki-client