Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A647CA0380A11F0BAAEFDAADAE4EC9C.roa
File: 4A647CA0380A11F0BAAEFDAADAE4EC9C.roa (raw, json)
Hash identifier: PHHAJSJYektEe8DYu1aJbNhJ9lwJ17sS26TJFSKKA60=
Subject key identifier: 7B:7E:7C:A3:61:2E:96:C0:29:4C:64:6B:70:DF:61:4A:6B:BD:3F:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015713
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A647CA0380A11F0BAAEFDAADAE4EC9C.roa
Signing time: Fri 23 May 2025 19:15:30 +0000
ROA not before: Fri 23 May 2025 19:15:25 +0000
ROA not after: Wed 17 Jun 2026 19:15:25 +0000
asID: 55020
IP address blocks: 45.204.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87827 (0x15713)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 19:15:25 2025 GMT
Not After : Jun 17 19:15:25 2026 GMT
Subject: CN=6830c952-9b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:98:18:6f:4b:43:65:09:65:af:1c:59:ba:71:
fc:4d:13:4e:a2:db:e8:c8:e7:b8:d9:09:36:72:84:
bc:74:6c:49:7f:98:f5:69:85:4c:30:21:78:7d:4b:
1d:4a:f7:12:67:90:d7:d1:05:23:85:77:3f:2b:5f:
d3:aa:21:ff:3f:53:7e:c1:f0:81:30:eb:1d:29:d8:
f1:35:b9:d4:af:fa:44:0d:5e:a7:12:06:97:5b:30:
d9:b2:8a:aa:fa:b1:b7:7b:57:f8:ea:75:48:a5:b1:
21:b9:1a:5c:b8:0c:12:9e:f9:1d:bb:33:03:97:7d:
da:c7:8a:fd:3a:8a:85:b0:84:a4:86:df:2a:40:fd:
37:2b:78:34:a8:05:c0:f4:f7:70:36:ff:80:ca:a0:
a6:d7:75:b4:5c:ff:ec:08:d0:ea:6c:48:e5:80:e9:
d6:81:a7:c7:f2:63:64:6e:6b:2d:21:98:d6:9a:c1:
bc:e8:5a:b3:83:84:cf:e9:40:74:b5:be:5e:03:99:
45:53:47:d9:7f:f4:90:79:4f:71:e5:98:cf:f6:dd:
9f:ef:5e:34:d7:cb:09:fb:2c:c0:d9:5d:0e:ad:81:
a8:67:c8:21:6e:53:8c:71:a0:42:79:dd:98:73:d4:
ea:d7:82:bb:db:df:f7:3d:1e:c1:b1:55:4c:73:bf:
b6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:7E:7C:A3:61:2E:96:C0:29:4C:64:6B:70:DF:61:4A:6B:BD:3F:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A647CA0380A11F0BAAEFDAADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.4.0/22
Signature Algorithm: sha256WithRSAEncryption
24:08:84:87:df:1a:be:a3:40:da:0d:62:55:35:c8:be:9b:e6:
8c:56:8b:e0:dd:11:fa:ea:74:7e:27:b4:44:aa:10:e4:55:52:
ca:7e:97:8e:93:af:76:67:73:bb:5b:b9:c0:8e:4a:c0:1b:50:
3c:f2:b6:36:45:4a:28:79:49:69:df:0a:67:ed:76:53:44:bd:
21:3a:d1:30:c8:4a:8f:dd:fc:02:13:09:3d:36:f8:fc:d8:97:
aa:3f:0d:52:c2:d4:db:89:99:c8:f3:6d:b8:52:7c:07:8c:74:
30:31:3b:c0:e6:5a:15:ea:38:28:7b:39:9f:52:0f:e3:df:7e:
3a:4a:33:bf:a7:8a:32:15:c8:32:d1:5b:86:8d:28:8e:85:83:
f8:16:eb:95:2c:ce:0f:14:ba:a5:a5:8d:a0:51:c4:2d:56:d0:
b0:72:cd:35:0a:62:e3:aa:45:da:6d:ea:7e:ec:0d:6b:85:b0:
fe:82:c7:75:86:c0:a8:34:e7:da:cb:97:6f:f1:a9:27:e3:b7:
0a:72:37:be:a3:99:ad:ac:49:85:0b:e4:ca:d5:cc:71:6f:ee:
26:6e:77:9a:3a:25:8d:dd:2c:bd:6e:a7:84:62:d5:2c:bd:0b:
fc:8e:cb:f7:cd:3a:2f:4d:b1:df:75:25:a4:d6:de:e4:d6:2b:
3a:a4:c4:84
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVcTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIzMTkxNTI1WhcNMjYwNjE3MTkxNTI1WjAYMRYw
FAYDVQQDEw02ODMwYzk1Mi05YjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu5gYb0tDZQllrxxZunH8TRNOotvoyOe42Qk2coS8dGxJf5j1aYVMMCF4
fUsdSvcSZ5DX0QUjhXc/K1/TqiH/P1N+wfCBMOsdKdjxNbnUr/pEDV6nEgaXWzDZ
soqq+rG3e1f46nVIpbEhuRpcuAwSnvkduzMDl33ax4r9OoqFsISkht8qQP03K3g0
qAXA9PdwNv+AyqCm13W0XP/sCNDqbEjlgOnWgafH8mNkbmstIZjWmsG86Fqzg4TP
6UB0tb5eA5lFU0fZf/SQeU9x5ZjP9t2f714018sJ+yzA2V0OrYGoZ8ghblOMcaBC
ed2Yc9Tq14K729/3PR7BsVVMc7+21QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHt+
fKNhLpbAKUxka3DfYUprvT+8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QTY0N0NBMDM4MEExMUYwQkFBRUZEQUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcwEMA0GCSqGSIb3DQEBCwUA
A4IBAQAkCISH3xq+o0DaDWJVNci+m+aMVovg3RH66nR+J7REqhDkVVLKfpeOk692
Z3O7W7nAjkrAG1A88rY2RUooeUlp3wpn7XZTRL0hOtEwyEqP3fwCEwk9Nvj82Jeq
Pw1SwtTbiZnI8224UnwHjHQwMTvA5loV6jgoezmfUg/j3346SjO/p4oyFcgy0VuG
jSiOhYP4FuuVLM4PFLqlpY2gUcQtVtCwcs01CmLjqkXabep+7A1rhbD+gsd1hsCo
NOfay5dv8akn47cKcje+o5mtrEmFC+TK1cxxb+4mbneaOiWN3Sy9bqeEYtUsvQv8
jsv3zTovTbHfdSWk1t7k1is6pMSE
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:37:48 2025 by rpki-client