Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BF986BA406511F099B5E190DAE4EC9C.roa
File: 4BF986BA406511F099B5E190DAE4EC9C.roa (raw, json)
Hash identifier: nxUKSy/z6fHQUQ4WwQXQXGjXJ/qPi+fWVpdVH9o6vTo=
Subject key identifier: 80:41:1B:02:C4:61:E7:1A:75:28:75:D0:70:20:19:7D:9C:9B:52:63
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015978
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BF986BA406511F099B5E190DAE4EC9C.roa
Signing time: Tue 03 Jun 2025 10:27:06 +0000
ROA not before: Tue 03 Jun 2025 10:27:01 +0000
ROA not after: Fri 25 Jul 2025 10:27:01 +0000
asID: 150000
IP address blocks: 45.197.141.0/24 maxlen: 24
45.197.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88440 (0x15978)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 3 10:27:01 2025 GMT
Not After : Jul 25 10:27:01 2025 GMT
Subject: CN=683ecdfa-631a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:90:30:56:2e:c2:0c:06:b5:56:cb:65:5a:b5:
14:ac:81:9a:0a:48:7e:1d:c2:44:da:2a:8e:d9:4f:
74:8d:b7:34:7c:80:30:ce:6f:c4:37:0e:ea:ef:ca:
95:53:e2:bf:bb:16:26:44:0f:e4:10:d2:7a:23:13:
0b:42:28:ee:b3:ba:55:7d:7f:7d:3a:2e:50:13:d9:
e0:d2:7b:6a:9c:e8:93:c0:2e:ab:3e:b3:ef:d6:c6:
d1:42:ce:b6:f7:53:6a:41:82:03:8d:d5:67:a4:00:
c0:56:75:5e:bf:15:28:a1:5a:ec:df:f9:ef:6a:f6:
9c:9a:ca:50:1b:b2:59:85:0a:fe:0d:fa:c4:79:69:
8f:d4:c8:26:a9:a9:2a:cf:e5:42:2e:59:d3:4c:1f:
d1:d2:97:dd:17:d0:13:cc:7a:39:8d:e5:00:0a:9f:
4f:8e:f1:53:5f:87:05:e2:df:a5:d4:a8:93:d5:ae:
90:7a:28:ab:f2:56:a9:36:2d:b0:8b:b8:7c:df:4c:
f9:92:7b:6c:08:e5:a9:19:83:37:ce:4c:f1:08:1f:
47:1d:ce:0d:c7:80:3a:85:94:4a:2a:20:16:5e:3c:
6b:fb:e6:e3:58:39:0f:09:6a:0d:62:6a:02:21:cf:
ad:ba:dd:01:74:d3:bb:63:5c:2d:77:4c:cc:c0:ef:
bc:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:41:1B:02:C4:61:E7:1A:75:28:75:D0:70:20:19:7D:9C:9B:52:63
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BF986BA406511F099B5E190DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.141.0-45.197.142.255
Signature Algorithm: sha256WithRSAEncryption
35:89:3f:6c:ed:22:b4:1b:78:0a:bc:79:a5:a4:2b:94:b4:31:
19:b1:3e:5a:0d:81:78:19:83:45:57:b6:4a:94:32:ea:b0:48:
99:6f:11:7d:db:6d:c8:22:57:b5:8c:43:86:ca:e2:c8:50:ce:
1f:12:f2:bc:d0:e4:67:3a:ba:f8:d6:17:7e:db:f2:84:cf:2f:
ad:7e:a7:39:9c:31:0f:da:18:ab:c1:3a:33:e8:d1:b1:d3:7a:
5a:4e:be:63:48:58:99:b2:8f:df:9d:ee:3c:d5:c1:7b:c7:70:
91:40:c3:f7:b0:50:c0:ba:d6:33:bf:c4:ab:14:d3:ab:c9:b4:
23:84:b0:ee:c2:e2:fa:d5:7e:e2:60:c6:e0:e7:33:48:3d:98:
43:1e:aa:a1:7c:1e:84:98:c4:06:f1:2c:dd:92:b9:79:29:e3:
3a:b1:e1:fd:cb:db:f0:8b:cf:d5:a0:76:ec:df:7a:f5:ee:2c:
39:a0:45:88:db:76:65:7f:73:84:e7:d9:be:27:a0:e5:2d:af:
d4:cc:8a:40:42:7b:92:1c:eb:7d:2c:c7:57:c4:1c:9c:f7:3b:
e8:bc:7e:02:c6:c6:66:57:ed:7a:1a:76:48:ea:01:55:35:a6:
2c:28:17:27:04:79:cb:00:d1:11:e2:d9:e2:df:27:ec:09:41:
49:dd:3f:1b
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVl4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjAzMTAyNzAxWhcNMjUwNzI1MTAyNzAxWjAYMRYw
FAYDVQQDEw02ODNlY2RmYS02MzFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA15AwVi7CDAa1VstlWrUUrIGaCkh+HcJE2iqO2U90jbc0fIAwzm/ENw7q
78qVU+K/uxYmRA/kENJ6IxMLQijus7pVfX99Oi5QE9ng0ntqnOiTwC6rPrPv1sbR
Qs6291NqQYIDjdVnpADAVnVevxUooVrs3/nvavacmspQG7JZhQr+DfrEeWmP1Mgm
qakqz+VCLlnTTB/R0pfdF9ATzHo5jeUACp9PjvFTX4cF4t+l1KiT1a6Qeiir8lap
Ni2wi7h830z5kntsCOWpGYM3zkzxCB9HHc4Nx4A6hZRKKiAWXjxr++bjWDkPCWoN
YmoCIc+tut0BdNO7Y1wtd0zMwO+8/wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIBB
GwLEYecadSh10HAgGX2cm1JjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QkY5ODZCQTQwNjUxMUYwOTlCNUUxOTBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtxY0DBAAtxY4wDQYJKoZI
hvcNAQELBQADggEBADWJP2ztIrQbeAq8eaWkK5S0MRmxPloNgXgZg0VXtkqUMuqw
SJlvEX3bbcgiV7WMQ4bK4shQzh8S8rzQ5Gc6uvjWF37b8oTPL61+pzmcMQ/aGKvB
OjPo0bHTelpOvmNIWJmyj9+d7jzVwXvHcJFAw/ewUMC61jO/xKsU06vJtCOEsO7C
4vrVfuJgxuDnM0g9mEMeqqF8HoSYxAbxLN2SuXkp4zqx4f3L2/CLz9WgduzfevXu
LDmgRYjbdmV/c4Tn2b4noOUtr9TMikBCe5Ic630sx1fEHJz3O+i8fgLGxmZX7Xoa
dkjqAVU1piwoFycEecsA0RHi2eLfJ+wJQUndPxs=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:22:28 2025 by rpki-client