Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72746AE63BC711F0B7E8DD8BDAE4EC9C.roa
File: 72746AE63BC711F0B7E8DD8BDAE4EC9C.roa (raw, json)
Hash identifier: FNedOi9WwniehXV1qqrysElndHQ8J+0JKU5PPJICGb4=
Subject key identifier: 49:9C:29:AD:05:7F:98:B0:A5:5A:ED:5C:E2:C7:11:DF:D5:22:7C:3B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015877
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72746AE63BC711F0B7E8DD8BDAE4EC9C.roa
Signing time: Wed 28 May 2025 13:27:06 +0000
ROA not before: Wed 28 May 2025 13:27:01 +0000
ROA not after: Fri 27 Jun 2025 13:27:01 +0000
asID: 138456
IP address blocks: 45.202.194.0/23 maxlen: 24
45.202.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88183 (0x15877)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 28 13:27:01 2025 GMT
Not After : Jun 27 13:27:01 2025 GMT
Subject: CN=68370f2a-ef61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:5c:0b:c2:33:9a:6b:17:64:6b:3e:17:9b:34:
f5:17:9f:2f:00:c2:d4:c0:ce:14:53:d0:9e:4d:f0:
21:e1:fd:d6:dc:2d:1c:d4:a8:a1:5c:51:b2:55:ac:
96:82:80:f6:74:0e:be:5a:1e:d1:3d:d8:c6:de:2a:
d0:54:20:cb:b9:8f:a0:ea:36:ea:65:de:88:cf:9a:
75:82:96:2e:bc:c6:79:82:94:03:9a:97:13:39:33:
38:61:6f:31:b6:62:89:25:7c:56:52:1a:fb:5a:31:
49:28:8b:ae:79:c9:e2:ed:b6:ee:65:9c:74:1c:4a:
19:e7:04:ad:55:b9:90:2c:34:4f:45:e0:a8:67:5b:
02:5f:bd:c1:81:cf:b5:fa:f2:bc:30:03:1d:97:6c:
ab:df:d7:4d:98:14:33:5f:bd:a6:b8:6f:f3:47:7b:
43:76:23:43:42:33:05:29:90:bf:44:a0:2d:6d:a0:
13:ae:7f:db:97:cb:8c:6b:f5:5e:e6:af:f1:0a:27:
d0:51:e5:bc:8c:dc:6e:88:24:59:45:39:07:5f:c7:
b2:9e:76:8c:3b:55:f3:77:c6:67:1d:6a:e1:f2:18:
28:79:30:ea:53:b3:06:a5:c5:ca:2d:a2:ca:6d:af:
4d:66:d6:9d:0b:61:10:9e:4e:29:ce:6a:05:52:91:
e0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:9C:29:AD:05:7F:98:B0:A5:5A:ED:5C:E2:C7:11:DF:D5:22:7C:3B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72746AE63BC711F0B7E8DD8BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.194.0-45.202.196.255
Signature Algorithm: sha256WithRSAEncryption
4d:3c:3b:8a:4f:e1:54:f4:08:5b:90:0e:5a:74:4d:cc:e5:a2:
ae:dd:c8:0c:9b:1b:29:c9:c0:39:fc:f3:4c:01:8e:9d:55:fb:
6b:ef:21:e7:c7:e2:37:cd:b2:76:79:20:ad:8f:e0:01:20:83:
0b:10:d6:8e:27:3d:b1:6c:ff:55:4a:17:e6:43:21:c6:cc:70:
57:17:da:9e:a5:fa:87:8f:5e:77:e4:39:2f:b5:2a:be:18:65:
6a:b9:5c:6f:8d:b8:74:76:4a:be:83:be:32:9c:11:c8:ee:e5:
6a:57:bd:79:31:55:c1:71:3c:8c:4d:ef:da:49:33:9f:9c:33:
99:03:14:d9:87:3f:d8:de:6d:7f:6a:52:a3:14:d3:66:4a:63:
73:de:5c:6f:3d:5e:9b:c7:11:23:4e:41:8a:f8:4b:ae:ab:fc:
ec:48:2f:f8:36:76:80:75:5f:9e:26:d2:7f:e0:97:e3:90:11:
dc:63:f5:02:0e:63:f0:8a:a9:bd:b3:06:c0:6e:41:31:82:56:
24:ea:1e:83:41:7b:ab:a0:bb:07:73:62:40:40:89:24:bb:34:
ab:51:95:7a:69:32:0a:38:29:a6:cb:fe:17:4b:07:f5:44:da:
84:08:c1:db:1e:07:85:f6:93:cf:13:ab:0c:62:d4:d6:d5:9e:
c3:a6:b6:16
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVh3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI4MTMyNzAxWhcNMjUwNjI3MTMyNzAxWjAYMRYw
FAYDVQQDEw02ODM3MGYyYS1lZjYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9lwLwjOaaxdkaz4XmzT1F58vAMLUwM4UU9CeTfAh4f3W3C0c1KihXFGy
VayWgoD2dA6+Wh7RPdjG3irQVCDLuY+g6jbqZd6Iz5p1gpYuvMZ5gpQDmpcTOTM4
YW8xtmKJJXxWUhr7WjFJKIuuecni7bbuZZx0HEoZ5wStVbmQLDRPReCoZ1sCX73B
gc+1+vK8MAMdl2yr39dNmBQzX72muG/zR3tDdiNDQjMFKZC/RKAtbaATrn/bl8uM
a/Ve5q/xCifQUeW8jNxuiCRZRTkHX8eynnaMO1Xzd8ZnHWrh8hgoeTDqU7MGpcXK
LaLKba9NZtadC2EQnk4pzmoFUpHgpQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEmc
Ka0Ff5iwpVrtXOLHEd/VInw7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83Mjc0NkFFNjNCQzcxMUYwQjdFOEREOEJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEtysIDBAAtysQwDQYJKoZI
hvcNAQELBQADggEBAE08O4pP4VT0CFuQDlp0Tczloq7dyAybGynJwDn880wBjp1V
+2vvIefH4jfNsnZ5IK2P4AEggwsQ1o4nPbFs/1VKF+ZDIcbMcFcX2p6l+oePXnfk
OS+1Kr4YZWq5XG+NuHR2Sr6DvjKcEcju5WpXvXkxVcFxPIxN79pJM5+cM5kDFNmH
P9jebX9qUqMU02ZKY3PeXG89XpvHESNOQYr4S66r/OxIL/g2doB1X54m0n/gl+OQ
Edxj9QIOY/CKqb2zBsBuQTGCViTqHoNBe6uguwdzYkBAiSS7NKtRlXppMgo4KabL
/hdLB/VE2oQIwdseB4X2k88Tqwxi1NbVnsOmthY=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:43:48 2025 by rpki-client