Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D1D4452297F11F0A2C8529FDAE4EC9C.roa
File: 4D1D4452297F11F0A2C8529FDAE4EC9C.roa (raw, json)
Hash identifier: CrkCIZd4AfHgW/1GFMVJfdMJXFQy1kyUFNPLoS+SUoE=
Subject key identifier: 66:27:80:1D:6C:92:75:40:A4:22:CB:88:E8:24:8D:81:A2:61:56:5A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0151F5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D1D4452297F11F0A2C8529FDAE4EC9C.roa
Signing time: Mon 05 May 2025 07:05:18 +0000
ROA not before: Mon 05 May 2025 07:05:13 +0000
ROA not after: Mon 09 Jun 2025 07:05:13 +0000
asID: 54801
IP address blocks: 45.200.14.0/23 maxlen: 24
45.200.16.0/23 maxlen: 24
45.200.18.0/23 maxlen: 24
45.200.20.0/22 maxlen: 24
45.200.24.0/21 maxlen: 24
45.200.32.0/19 maxlen: 24
45.201.214.0/23 maxlen: 24
45.201.216.0/21 maxlen: 24
45.201.224.0/21 maxlen: 24
45.201.240.0/20 maxlen: 24
45.204.0.0/24 maxlen: 24
45.207.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86517 (0x151f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 5 07:05:13 2025 GMT
Not After : Jun 9 07:05:13 2025 GMT
Subject: CN=6818632e-85f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:23:87:85:11:0a:2b:43:93:8a:7c:54:4f:9a:
56:5d:4a:5d:a8:b1:8e:76:24:2b:a3:15:a7:5c:1f:
62:08:2f:cc:05:49:a0:63:dd:22:58:cf:2e:a4:d5:
68:0d:86:b9:72:70:c7:d9:f4:89:7e:59:76:30:af:
ce:14:bb:12:84:c4:d1:17:ce:ca:be:61:35:46:6f:
27:dd:52:f9:56:48:01:d2:38:d2:c1:5a:fd:14:5e:
3f:50:3d:cc:f9:84:58:51:64:b0:b3:a7:4c:ef:91:
7b:bf:91:cf:81:6c:94:b0:ad:bc:61:9a:9a:1d:65:
4b:2c:70:f0:e1:06:0e:a5:21:a2:ab:b2:8b:57:f9:
d8:20:23:97:bf:27:c7:42:b3:85:a0:cc:08:15:9c:
22:94:f7:96:33:2a:a4:26:d5:b0:fa:04:a1:0c:37:
54:17:67:64:14:3e:61:e4:a8:b7:f9:3f:3e:15:06:
a4:a6:80:37:0c:0b:be:b6:81:9c:a7:d1:31:6a:b5:
30:56:03:75:5b:a6:c2:d1:4c:d2:3d:86:e7:dc:db:
9a:99:4d:c5:7e:46:4c:af:75:57:59:f4:91:83:0f:
f5:c3:6a:d7:23:08:fc:01:60:97:3a:9a:2b:45:c8:
29:0d:3a:08:b3:32:05:df:36:3d:16:17:f2:08:ac:
87:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:27:80:1D:6C:92:75:40:A4:22:CB:88:E8:24:8D:81:A2:61:56:5A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D1D4452297F11F0A2C8529FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.14.0-45.200.63.255
45.201.214.0-45.201.231.255
45.201.240.0/20
45.204.0.0/24
45.207.224.0/19
Signature Algorithm: sha256WithRSAEncryption
88:30:4c:45:c7:2b:48:40:40:17:9e:29:23:4a:a9:fe:bf:1b:
f7:a0:c5:80:2a:0c:55:7b:36:7e:40:5b:ed:54:c7:ce:3d:2f:
01:b2:fc:fd:f5:a6:89:50:0c:d0:82:ef:02:10:b8:10:8f:ab:
2d:25:56:00:c1:df:3d:62:94:32:2c:4f:3e:df:d9:77:12:b4:
47:36:09:96:b5:d1:82:62:39:27:b5:0b:3b:98:51:a5:41:5a:
f9:f9:51:00:64:bc:c5:30:63:d6:e1:35:1b:46:56:db:93:21:
7e:66:e6:fa:68:da:5d:32:22:35:0d:b8:95:65:c1:2e:0c:65:
d7:1c:8f:12:74:f1:a3:92:17:cf:f8:86:91:37:e7:03:7f:0e:
ee:65:78:c4:74:03:3c:0f:82:c6:33:a3:42:88:da:67:69:2f:
98:e5:b7:e6:7e:e4:59:0f:d3:56:eb:17:dc:6f:bc:44:28:bb:
4c:0b:82:b9:db:65:f1:f9:4d:fb:c1:1d:d0:d8:d6:d0:68:ec:
08:e7:98:29:07:39:39:9d:7f:e5:ad:21:90:8f:48:d2:05:46:
b8:e6:86:ab:a6:90:bd:88:78:92:8c:78:c1:d3:53:48:a0:70:
94:30:0c:5f:ba:ef:aa:60:36:9d:cc:f4:74:2d:79:f2:c9:2c:
8e:db:13:37
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgIDAVH1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA1MDcwNTEzWhcNMjUwNjA5MDcwNTEzWjAYMRYw
FAYDVQQDEw02ODE4NjMyZS04NWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtSOHhREKK0OTinxUT5pWXUpdqLGOdiQroxWnXB9iCC/MBUmgY90iWM8u
pNVoDYa5cnDH2fSJfll2MK/OFLsShMTRF87KvmE1Rm8n3VL5VkgB0jjSwVr9FF4/
UD3M+YRYUWSws6dM75F7v5HPgWyUsK28YZqaHWVLLHDw4QYOpSGiq7KLV/nYICOX
vyfHQrOFoMwIFZwilPeWMyqkJtWw+gShDDdUF2dkFD5h5Ki3+T8+FQakpoA3DAu+
toGcp9ExarUwVgN1W6bC0UzSPYbn3NuamU3FfkZMr3VXWfSRgw/1w2rXIwj8AWCX
OporRcgpDToIszIF3zY9FhfyCKyHBQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFGYn
gB1sknVApCLLiOgkjYGiYVZaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RDFENDQ1MjI5N0YxMUYwQTJDODUyOUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAEtyA4DBAYtyAAwDAMEAS3J
1gMEAy3J4AMEBC3J8AMEAC3MAAMEBS3P4DANBgkqhkiG9w0BAQsFAAOCAQEAiDBM
RccrSEBAF54pI0qp/r8b96DFgCoMVXs2fkBb7VTHzj0vAbL8/fWmiVAM0ILvAhC4
EI+rLSVWAMHfPWKUMixPPt/ZdxK0RzYJlrXRgmI5J7ULO5hRpUFa+flRAGS8xTBj
1uE1G0ZW25Mhfmbm+mjaXTIiNQ24lWXBLgxl1xyPEnTxo5IXz/iGkTfnA38O7mV4
xHQDPA+CxjOjQojaZ2kvmOW35n7kWQ/TVusX3G+8RCi7TAuCudtl8flN+8Ed0NjW
0GjsCOeYKQc5OZ1/5a0hkI9I0gVGuOaGq6aQvYh4kox4wdNTSKBwlDAMX7rvqmA2
ncz0dC158sksjtsTNw==
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:35:29 2025 by rpki-client