Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F53FE96333D11F08DB5A6C3DAE4EC9C.roa
File: 5F53FE96333D11F08DB5A6C3DAE4EC9C.roa (raw, json)
Hash identifier: 7c85YrJ798ziQ/pgVagLgYLx8bSS2sXa80uhKWqI3cg=
Subject key identifier: A5:20:D8:8B:63:53:93:EB:41:02:19:F3:15:50:6B:61:00:29:AB:DE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0155AB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F53FE96333D11F08DB5A6C3DAE4EC9C.roa
Signing time: Sat 17 May 2025 16:38:34 +0000
ROA not before: Sat 17 May 2025 16:38:29 +0000
ROA not after: Tue 16 Jun 2026 16:38:29 +0000
asID: 984
IP address blocks: 45.198.0.0/24 maxlen: 24
45.198.16.0/24 maxlen: 24
45.198.17.0/24 maxlen: 24
45.198.18.0/24 maxlen: 24
45.198.19.0/24 maxlen: 24
45.198.20.0/24 maxlen: 24
45.198.21.0/24 maxlen: 24
45.198.22.0/24 maxlen: 24
45.198.23.0/24 maxlen: 24
45.198.24.0/24 maxlen: 24
45.198.25.0/24 maxlen: 24
45.198.33.0/24 maxlen: 24
45.201.1.0/24 maxlen: 24
45.201.2.0/24 maxlen: 24
45.201.3.0/24 maxlen: 24
45.201.4.0/24 maxlen: 24
45.201.5.0/24 maxlen: 24
45.201.6.0/24 maxlen: 24
45.201.7.0/24 maxlen: 24
45.206.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87467 (0x155ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 17 16:38:29 2025 GMT
Not After : Jun 16 16:38:29 2026 GMT
Subject: CN=6828bb8a-0429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4e:11:50:48:d5:46:13:54:39:86:37:44:00:
de:57:19:12:98:29:18:6f:4e:43:a0:52:d8:df:05:
f6:84:0d:34:d6:13:6a:34:ab:4a:60:de:22:9f:23:
56:f9:ca:22:9b:d5:ed:89:45:70:84:a2:b6:a9:d5:
52:d0:a1:8d:9d:ad:a9:a7:6b:fb:9c:d0:15:c7:fc:
06:e0:e7:b4:67:5f:87:9a:c9:8e:8f:7f:bc:3b:18:
fa:59:d5:63:67:f3:a3:f8:ed:1f:ca:bb:de:04:92:
6c:95:b4:13:68:ba:c2:8c:7c:f7:4b:2e:09:86:4a:
4b:69:f4:0d:64:44:fd:62:18:a4:76:c2:a0:8a:14:
24:4b:f3:e6:13:65:be:65:d7:62:9a:ff:98:69:0c:
6f:9f:e2:7d:3a:00:bc:8c:72:98:29:2f:12:70:94:
e8:dc:4a:8a:a4:d9:d3:f7:de:95:13:b9:c6:db:ee:
ad:1e:6e:ef:d9:4d:a0:86:44:4b:d0:9f:79:28:00:
0e:a2:00:62:c7:da:f2:be:70:c0:6f:44:cb:41:d7:
1f:32:3d:23:fd:96:db:5c:8a:a5:02:b9:c3:f8:f1:
01:a0:24:3a:ae:a4:c0:df:fc:bc:3f:d9:b1:11:49:
27:84:55:91:42:09:9f:10:4f:1f:d2:a6:70:00:e4:
52:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:20:D8:8B:63:53:93:EB:41:02:19:F3:15:50:6B:61:00:29:AB:DE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F53FE96333D11F08DB5A6C3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.0.0/24
45.198.16.0-45.198.25.255
45.198.33.0/24
45.201.1.0-45.201.7.255
45.206.34.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:6b:84:b8:54:6b:c8:0d:06:31:65:98:ae:55:b4:43:8b:b0:
a9:cf:43:62:86:b0:71:73:9d:db:07:ec:68:72:b0:c0:05:21:
79:fc:96:ca:50:d0:0d:94:43:a9:51:65:63:90:d5:04:57:34:
c4:30:d2:68:26:68:f9:a9:c4:15:5c:7c:54:79:12:78:35:3f:
fe:76:52:a8:1e:a5:b8:a3:e8:15:3a:45:41:f8:75:da:3d:68:
8d:c4:b9:b5:b8:cf:bf:d3:6f:2b:a4:ee:39:3f:06:2d:5c:c0:
02:54:7b:42:f5:c5:91:4c:ad:5b:a9:47:8f:c7:90:d9:5d:8d:
68:24:77:49:24:fa:3d:df:ea:c0:1e:e0:bc:0d:e9:68:e7:e6:
4b:d0:b7:9e:45:e2:5b:b0:90:a5:8d:ad:04:82:3b:27:a8:bc:
3f:6b:b8:c8:6c:16:87:46:66:7a:c7:19:ea:fb:13:4a:30:d9:
f3:2b:d1:56:f0:88:8d:52:f0:03:e3:f8:2b:1e:7a:89:91:b1:
30:4f:e4:33:20:ba:a9:81:92:7e:75:c5:c0:51:af:f1:63:1b:
58:3d:59:c7:85:90:05:2f:71:c3:7f:85:5f:a5:e0:5a:26:50:
aa:f9:4f:0b:8e:df:61:3f:8d:7c:e5:ad:03:5c:15:60:9b:24:
31:b4:25:15
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgIDAVWrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE3MTYzODI5WhcNMjYwNjE2MTYzODI5WjAYMRYw
FAYDVQQDEw02ODI4YmI4YS0wNDI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo04RUEjVRhNUOYY3RADeVxkSmCkYb05DoFLY3wX2hA001hNqNKtKYN4i
nyNW+coim9XtiUVwhKK2qdVS0KGNna2pp2v7nNAVx/wG4Oe0Z1+HmsmOj3+8Oxj6
WdVjZ/Oj+O0fyrveBJJslbQTaLrCjHz3Sy4JhkpLafQNZET9YhikdsKgihQkS/Pm
E2W+Zddimv+YaQxvn+J9OgC8jHKYKS8ScJTo3EqKpNnT996VE7nG2+6tHm7v2U2g
hkRL0J95KAAOogBix9ryvnDAb0TLQdcfMj0j/ZbbXIqlArnD+PEBoCQ6rqTA3/y8
P9mxEUknhFWRQgmfEE8f0qZwAORS4wIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFKUg
2ItjU5PrQQIZ8xVQa2EAKaveMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RjUzRkU5NjMzM0QxMUYwOERCNUE2QzNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQALcYAMAwDBAQtxhADBAEtxhgD
BAAtxiEwDAMEAC3JAQMEAy3JAAMEAC3OIjANBgkqhkiG9w0BAQsFAAOCAQEApmuE
uFRryA0GMWWYrlW0Q4uwqc9DYoawcXOd2wfsaHKwwAUhefyWylDQDZRDqVFlY5DV
BFc0xDDSaCZo+anEFVx8VHkSeDU//nZSqB6luKPoFTpFQfh12j1ojcS5tbjPv9Nv
K6TuOT8GLVzAAlR7QvXFkUytW6lHj8eQ2V2NaCR3SST6Pd/qwB7gvA3paOfmS9C3
nkXiW7CQpY2tBII7J6i8P2u4yGwWh0ZmescZ6vsTSjDZ8yvRVvCIjVLwA+P4Kx56
iZGxME/kMyC6qYGSfnXFwFGv8WMbWD1Zx4WQBS9xw3+FX6XgWiZQqvlPC47fYT+N
fOWtA1wVYJskMbQlFQ==
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:46:15 2025 by rpki-client