Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/899EC6EE37D011F09C3E1CBADAE4EC9C.roa
File: 899EC6EE37D011F09C3E1CBADAE4EC9C.roa (raw, json)
Hash identifier: gZ8VOFfaUcY8uB6bOFbmMD/IM7fbwSEr0FmMZDW1THo=
Subject key identifier: F2:04:20:F6:70:DA:1D:51:CB:E8:25:B5:08:59:F0:4C:31:32:AB:FE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0156D5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/899EC6EE37D011F09C3E1CBADAE4EC9C.roa
Signing time: Fri 23 May 2025 12:22:06 +0000
ROA not before: Fri 23 May 2025 12:22:00 +0000
ROA not after: Thu 26 Jun 2025 12:22:00 +0000
asID: 174
IP address blocks: 45.202.111.0/24 maxlen: 24
45.202.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87765 (0x156d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 12:22:00 2025 GMT
Not After : Jun 26 12:22:00 2025 GMT
Subject: CN=6830686d-465a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c9:af:4d:22:f6:e6:9f:01:56:93:98:00:f5:
36:b6:ad:0f:ca:2f:10:50:de:c1:c5:fe:8f:74:d0:
58:6f:83:89:dc:bd:ec:ab:a4:2d:2e:18:21:22:11:
09:b4:3f:0b:82:c9:6c:e1:7b:03:30:ab:fa:84:13:
2c:b3:58:e8:68:88:36:e2:e2:6b:ac:b3:95:95:23:
cf:ee:05:01:d8:89:5d:b4:03:4a:fb:c0:53:4c:4f:
41:d8:77:1e:58:e7:47:19:b1:a4:0e:95:59:88:15:
2b:d8:bb:b0:5b:61:13:c4:17:b9:ad:05:dc:c4:77:
05:e5:6d:99:a5:70:c3:b8:1e:97:e9:ee:74:5b:b8:
60:c5:75:8a:68:82:ba:d8:ff:e4:c3:e5:15:8a:2c:
73:16:3a:2b:3f:22:db:76:8d:9e:a6:fb:0a:f3:12:
e8:0b:55:1f:30:5a:32:d9:3d:2e:3d:58:e2:0f:9b:
84:5e:a7:d5:05:5e:1c:f7:ed:3f:dd:41:4d:4c:e5:
a8:d5:27:de:20:dc:c8:b8:1c:74:f7:e5:36:62:36:
bb:bb:f8:3f:da:9f:1f:98:13:84:86:f7:11:50:4e:
0d:29:b2:bf:fb:66:55:a1:c3:f7:e1:ac:48:1c:3f:
25:40:a0:53:24:d1:53:b2:66:b5:3a:d8:46:9c:11:
03:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:04:20:F6:70:DA:1D:51:CB:E8:25:B5:08:59:F0:4C:31:32:AB:FE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/899EC6EE37D011F09C3E1CBADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.111.0-45.202.112.255
Signature Algorithm: sha256WithRSAEncryption
bb:e5:5c:3d:fd:80:eb:e1:73:82:1d:7d:cf:4b:1f:f6:74:bc:
ef:7d:7e:cf:49:3d:67:1f:a5:84:57:02:be:fd:ad:f8:62:48:
02:0e:2b:e8:75:90:be:1c:18:53:64:b3:10:6b:a9:54:86:1d:
0f:fb:ab:06:f5:7d:27:7d:f4:7f:1b:cd:c9:7d:c1:a1:bd:e7:
c3:9b:91:2e:81:8b:4b:fa:26:75:76:a5:93:70:06:e4:de:97:
43:8e:73:67:a6:95:c7:b8:3e:34:e7:78:0f:9e:e4:a5:66:01:
94:e0:51:81:5f:ca:7f:c2:bc:17:a7:df:65:a1:71:a7:e1:ee:
d3:e5:9b:57:67:3f:82:9f:d8:e5:f3:77:42:1c:5c:cd:61:ec:
ca:c2:d4:3f:e9:c4:02:76:f8:92:06:5b:7b:73:55:2d:bc:cc:
83:ae:13:ce:7e:9f:d3:a5:d3:4d:0c:23:75:b9:39:72:24:51:
43:63:d0:64:4a:13:74:b5:7d:59:27:f2:45:23:0f:c9:c3:b8:
ba:e1:50:f3:8a:f5:bd:b3:2a:55:6e:34:81:08:39:2d:ba:80:
ac:7d:f1:54:cc:da:3b:d6:44:20:ce:ab:93:ea:e8:d5:7b:cd:
a7:fb:99:cc:a5:c6:e9:a0:e0:2a:41:75:e2:2f:b1:82:37:15:
99:fa:31:c2
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVbVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIzMTIyMjAwWhcNMjUwNjI2MTIyMjAwWjAYMRYw
FAYDVQQDEw02ODMwNjg2ZC00NjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoMmvTSL25p8BVpOYAPU2tq0Pyi8QUN7Bxf6PdNBYb4OJ3L3sq6QtLhgh
IhEJtD8Lgsls4XsDMKv6hBMss1joaIg24uJrrLOVlSPP7gUB2IldtANK+8BTTE9B
2HceWOdHGbGkDpVZiBUr2LuwW2ETxBe5rQXcxHcF5W2ZpXDDuB6X6e50W7hgxXWK
aIK62P/kw+UViixzFjorPyLbdo2epvsK8xLoC1UfMFoy2T0uPVjiD5uEXqfVBV4c
9+0/3UFNTOWo1SfeINzIuBx09+U2Yja7u/g/2p8fmBOEhvcRUE4NKbK/+2ZVocP3
4axIHD8lQKBTJNFTsma1OthGnBEDsQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFPIE
IPZw2h1Ry+gltQhZ8EwxMqv+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84OTlFQzZFRTM3RDAxMUYwOUMzRTFDQkFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtym8DBAAtynAwDQYJKoZI
hvcNAQELBQADggEBALvlXD39gOvhc4Idfc9LH/Z0vO99fs9JPWcfpYRXAr79rfhi
SAIOK+h1kL4cGFNksxBrqVSGHQ/7qwb1fSd99H8bzcl9waG958ObkS6Bi0v6JnV2
pZNwBuTel0OOc2emlce4PjTneA+e5KVmAZTgUYFfyn/CvBen32Whcafh7tPlm1dn
P4Kf2OXzd0IcXM1h7MrC1D/pxAJ2+JIGW3tzVS28zIOuE85+n9Ol000MI3W5OXIk
UUNj0GRKE3S1fVkn8kUjD8nDuLrhUPOK9b2zKlVuNIEIOS26gKx98VTM2jvWRCDO
q5Pq6NV7zaf7mcylxumg4CpBdeIvsYI3FZn6McI=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:31:46 2025 by rpki-client