Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53E1F36C2B2F11F09F9FB1E4DAE4EC9C.roa
File: 53E1F36C2B2F11F09F9FB1E4DAE4EC9C.roa (raw, json)
Hash identifier: MINzvx6dPlIx9sOGXNyYQ+xHDodfms7xZ/dZufqhM9E=
Subject key identifier: 6F:90:1D:6C:5B:FD:61:0D:BE:50:1A:04:AF:38:DE:FE:A9:F4:50:47
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0152A2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53E1F36C2B2F11F09F9FB1E4DAE4EC9C.roa
Signing time: Wed 07 May 2025 10:37:52 +0000
ROA not before: Wed 07 May 2025 10:37:48 +0000
ROA not after: Mon 16 Jun 2025 10:37:48 +0000
asID: 142032
IP address blocks: 45.192.96.0/20 maxlen: 24
45.207.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86690 (0x152a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 7 10:37:48 2025 GMT
Not After : Jun 16 10:37:48 2025 GMT
Subject: CN=681b3800-ac90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:71:55:29:c6:e7:13:5b:78:95:ea:3b:b2:a9:
56:83:ec:44:fc:58:db:91:65:66:56:97:4b:e5:5a:
61:97:07:9e:41:01:44:8d:fe:18:8a:ca:21:aa:a3:
27:d4:eb:3e:ae:b1:87:8c:52:42:9c:ab:57:61:ba:
05:a2:a4:3d:95:e3:ce:79:62:52:14:fe:64:b3:c9:
9e:c1:fd:12:d0:ed:ee:a1:af:1a:40:32:8c:5e:06:
b8:1d:bb:fc:6a:4e:ff:7d:1d:8a:88:7c:fc:1e:4c:
62:4d:80:14:0e:cc:e0:7e:b4:f2:48:4a:a9:af:77:
8b:68:ca:d0:c3:64:a2:7c:0c:be:99:44:7f:cb:e9:
b4:54:30:24:35:e2:5d:07:29:1d:5e:21:cd:df:63:
a8:54:94:97:d6:e3:eb:37:1f:aa:35:5f:38:c5:6c:
66:45:c0:77:1a:8f:ab:fd:a0:79:e5:96:69:11:0a:
a2:dc:75:51:33:23:2c:db:01:b5:ab:2b:93:97:d6:
7a:c0:ad:8f:d5:70:b9:d3:b1:44:68:da:80:71:a0:
dc:dc:5b:8a:7e:93:7d:45:bd:52:91:c1:7b:16:36:
4f:de:b2:9d:c8:bd:92:46:a8:94:45:02:3d:91:fb:
ff:b7:50:b9:cf:1f:73:5d:e9:b6:7e:fa:33:77:34:
66:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:90:1D:6C:5B:FD:61:0D:BE:50:1A:04:AF:38:DE:FE:A9:F4:50:47
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53E1F36C2B2F11F09F9FB1E4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.96.0/20
45.207.192.0/19
Signature Algorithm: sha256WithRSAEncryption
75:1f:cd:4b:4a:ef:82:d9:df:b6:30:49:bb:73:7d:28:50:19:
73:d4:f6:a9:dd:71:84:aa:dc:5f:db:5c:f3:6d:46:21:d6:f5:
96:c6:16:26:12:04:ad:72:2b:68:03:24:79:95:4f:ef:71:ec:
70:33:63:82:c6:58:5d:f4:19:49:38:e9:66:d7:fb:1f:6e:3e:
2e:11:e0:f5:11:85:02:1a:47:86:da:79:e5:86:8d:f7:64:9e:
3d:68:b3:90:97:ca:e5:58:30:0e:fb:01:04:ac:9d:a4:1b:20:
d8:81:4e:79:c6:43:7a:53:f9:87:61:b4:f4:26:1c:4c:f1:09:
c4:f6:d7:42:fe:be:54:d6:27:74:bb:2c:54:7d:90:06:58:3b:
7f:19:87:eb:51:81:72:5c:ed:4f:10:d2:eb:43:04:db:6e:46:
db:fe:bd:5f:86:40:70:5a:e6:e6:78:32:c7:2e:13:de:b3:1d:
f7:12:58:90:78:32:b4:1f:c0:d8:f1:1e:4d:96:ab:92:f3:b7:
e9:a0:08:2d:0f:20:f9:0e:f4:8b:5d:3e:c3:bb:d2:09:a9:3d:
5b:c9:1a:e7:1b:bc:d9:89:57:af:4f:8a:09:56:a6:60:a6:93:
ef:a0:c7:2e:1f:df:19:73:23:b1:ad:2c:05:36:10:30:3e:74:
3c:68:19:e2
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVKiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA3MTAzNzQ4WhcNMjUwNjE2MTAzNzQ4WjAYMRYw
FAYDVQQDEw02ODFiMzgwMC1hYzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnHFVKcbnE1t4leo7sqlWg+xE/FjbkWVmVpdL5VphlweeQQFEjf4Yisoh
qqMn1Os+rrGHjFJCnKtXYboFoqQ9lePOeWJSFP5ks8mewf0S0O3uoa8aQDKMXga4
Hbv8ak7/fR2KiHz8HkxiTYAUDszgfrTySEqpr3eLaMrQw2SifAy+mUR/y+m0VDAk
NeJdBykdXiHN32OoVJSX1uPrNx+qNV84xWxmRcB3Go+r/aB55ZZpEQqi3HVRMyMs
2wG1qyuTl9Z6wK2P1XC507FEaNqAcaDc3FuKfpN9Rb1SkcF7FjZP3rKdyL2SRqiU
RQI9kfv/t1C5zx9zXem2fvozdzRm3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG+Q
HWxb/WENvlAaBK843v6p9FBHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81M0UxRjM2QzJCMkYxMUYwOUY5RkIxRTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQELcBgAwQFLc/AMA0GCSqGSIb3
DQEBCwUAA4IBAQB1H81LSu+C2d+2MEm7c30oUBlz1Pap3XGEqtxf21zzbUYh1vWW
xhYmEgStcitoAyR5lU/vcexwM2OCxlhd9BlJOOlm1/sfbj4uEeD1EYUCGkeG2nnl
ho33ZJ49aLOQl8rlWDAO+wEErJ2kGyDYgU55xkN6U/mHYbT0JhxM8QnE9tdC/r5U
1id0uyxUfZAGWDt/GYfrUYFyXO1PENLrQwTbbkbb/r1fhkBwWubmeDLHLhPesx33
EliQeDK0H8DY8R5NlquS87fpoAgtDyD5DvSLXT7Du9IJqT1byRrnG7zZiVevT4oJ
VqZgppPvoMcuH98ZcyOxrSwFNhAwPnQ8aBni
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:34:49 2025 by rpki-client