Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B66C6C03C7611F0BCE64981DAE4EC9C.roa
File: 8B66C6C03C7611F0BCE64981DAE4EC9C.roa (raw, json)
Hash identifier: QDE+0d3A+6uVbNnoscBeenjd/Mk+lgS52kuy0Lj3jzI=
Subject key identifier: 26:0E:6F:D7:3C:D4:89:13:3B:F2:EA:8C:EA:58:E6:17:F5:D7:1E:B1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0158AE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B66C6C03C7611F0BCE64981DAE4EC9C.roa
Signing time: Thu 29 May 2025 10:20:29 +0000
ROA not before: Thu 29 May 2025 10:20:24 +0000
ROA not after: Sun 28 Jun 2026 10:20:24 +0000
asID: 984
IP address blocks: 45.205.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88238 (0x158ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 29 10:20:24 2025 GMT
Not After : Jun 28 10:20:24 2026 GMT
Subject: CN=683834ed-0c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:e7:17:6d:98:5d:bf:64:52:bd:95:8e:4b:04:
4c:96:40:fd:d2:aa:f9:f5:dc:28:bc:36:9c:d2:aa:
97:c6:08:63:6a:1c:af:ca:53:fe:07:22:1a:1f:3a:
72:8e:38:a2:ff:8e:20:5f:9d:87:65:35:8d:5d:d2:
e0:2c:8a:9a:d0:c7:46:21:49:e2:36:d8:bd:5d:7c:
78:68:51:da:e1:87:d0:cc:67:ec:d3:f2:5a:6d:3c:
a3:6e:7b:73:ac:f0:90:ed:f2:dd:b7:91:ee:e4:1e:
28:51:45:43:9c:75:7d:51:4e:b6:04:2c:a5:63:f6:
91:87:86:ac:10:78:b2:02:0c:28:d2:f5:7f:5c:5e:
56:e1:6c:42:3d:2d:ba:ec:58:8c:7d:b4:c9:6b:c9:
3d:b1:2a:09:8c:91:ff:00:8f:c3:82:66:d5:49:21:
f0:32:3f:b3:37:61:be:98:39:f6:48:da:c2:43:de:
db:9c:a6:c1:1e:f0:2f:b2:11:1b:5d:fe:0a:7e:1f:
3a:4b:cb:38:a7:34:8f:0e:7d:8c:f5:57:39:45:45:
72:1a:ed:af:6b:10:cc:ba:8b:f3:c9:5f:0c:f0:e1:
a7:54:73:9d:af:79:4a:4e:80:a9:5c:b6:31:7f:85:
b0:21:d3:c4:eb:f3:21:bf:78:57:0f:9f:1f:41:0f:
c6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:0E:6F:D7:3C:D4:89:13:3B:F2:EA:8C:EA:58:E6:17:F5:D7:1E:B1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B66C6C03C7611F0BCE64981DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.205.83.0/24
Signature Algorithm: sha256WithRSAEncryption
45:3b:7f:09:dc:3d:7c:b8:2e:1a:1b:2d:d5:85:ae:bb:ae:c0:
d4:7b:e4:a1:bd:c9:c0:7b:a0:02:df:e3:df:fe:65:4b:0e:ce:
10:5d:87:6e:81:bc:82:a8:fc:9a:46:8b:1e:5a:81:d0:c4:ee:
6f:eb:5f:bf:a3:5f:15:69:ef:76:2c:43:e8:c7:1c:21:dd:ba:
a7:3e:02:16:03:ee:97:32:c4:63:8c:c9:bf:48:8b:86:1c:99:
06:8e:c2:a3:03:38:35:19:a8:2f:47:d1:ff:2e:ef:1a:58:4f:
36:73:55:a8:38:cf:df:ec:9a:ab:26:62:1f:a3:e7:6f:7b:6d:
3b:98:f7:d5:66:aa:04:5b:f7:71:54:28:cd:dd:4e:cf:da:2e:
01:6c:b6:a7:2b:7d:c6:a8:c6:67:8e:90:a8:41:f2:cb:a0:82:
01:d5:a2:1f:f0:15:88:33:b8:11:43:b8:2e:8e:dc:f9:79:12:
79:17:ab:5d:b1:2e:57:c6:f1:24:fb:c2:cb:03:73:57:73:b7:
98:3b:e9:dd:6c:a7:94:9a:f7:80:4d:a3:73:b4:6c:59:79:5d:
3a:8c:42:1b:df:05:24:02:39:12:e5:41:87:6b:36:e3:48:71:
98:2c:10:bf:f4:4d:21:ef:39:ae:f4:8a:b9:d5:93:ec:28:04:
ef:04:af:66
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAViuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI5MTAyMDI0WhcNMjYwNjI4MTAyMDI0WjAYMRYw
FAYDVQQDEw02ODM4MzRlZC0wYzZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9+cXbZhdv2RSvZWOSwRMlkD90qr59dwovDac0qqXxghjahyvylP+ByIa
Hzpyjjii/44gX52HZTWNXdLgLIqa0MdGIUniNti9XXx4aFHa4YfQzGfs0/JabTyj
bntzrPCQ7fLdt5Hu5B4oUUVDnHV9UU62BCylY/aRh4asEHiyAgwo0vV/XF5W4WxC
PS267FiMfbTJa8k9sSoJjJH/AI/DgmbVSSHwMj+zN2G+mDn2SNrCQ97bnKbBHvAv
shEbXf4Kfh86S8s4pzSPDn2M9Vc5RUVyGu2vaxDMuovzyV8M8OGnVHOdr3lKToCp
XLYxf4WwIdPE6/Mhv3hXD58fQQ/GdwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCYO
b9c81IkTO/LqjOpY5hf11x6xMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QjY2QzZDMDNDNzYxMUYwQkNFNjQ5ODFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc1TMA0GCSqGSIb3DQEBCwUA
A4IBAQBFO38J3D18uC4aGy3Vha67rsDUe+ShvcnAe6AC3+Pf/mVLDs4QXYdugbyC
qPyaRoseWoHQxO5v61+/o18Vae92LEPoxxwh3bqnPgIWA+6XMsRjjMm/SIuGHJkG
jsKjAzg1GagvR9H/Lu8aWE82c1WoOM/f7JqrJmIfo+dve207mPfVZqoEW/dxVCjN
3U7P2i4BbLanK33GqMZnjpCoQfLLoIIB1aIf8BWIM7gRQ7gujtz5eRJ5F6tdsS5X
xvEk+8LLA3NXc7eYO+ndbKeUmveATaNztGxZeV06jEIb3wUkAjkS5UGHazbjSHGY
LBC/9E0h7zmu9Iq51ZPsKATvBK9m
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:44:46 2025 by rpki-client