Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB5E8A800A1B11F0A0C0887B762E951A.roa
File: BB5E8A800A1B11F0A0C0887B762E951A.roa (raw, json)
Hash identifier: LrBCzOt4sbzJB8gFAQgtV65zIcC0DfiU8ZvjkGJTMcU=
Subject key identifier: 3A:AD:4D:83:4E:FB:5D:14:FD:2E:B5:CD:85:C5:B8:0F:BA:31:DB:FE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014844
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB5E8A800A1B11F0A0C0887B762E951A.roa
Signing time: Wed 26 Mar 2025 08:24:27 +0000
ROA not before: Wed 26 Mar 2025 08:24:23 +0000
ROA not after: Wed 22 Apr 2026 08:24:23 +0000
asID: 984
IP address blocks: 45.198.5.0/24 maxlen: 24
45.202.89.0/24 maxlen: 24
45.202.91.0/24 maxlen: 24
45.202.109.0/24 maxlen: 24
45.204.188.0/24 maxlen: 24
45.204.189.0/24 maxlen: 24
45.204.190.0/24 maxlen: 24
45.204.191.0/24 maxlen: 24
45.204.255.0/24 maxlen: 24
45.205.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84036 (0x14844)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 26 08:24:23 2025 GMT
Not After : Apr 22 08:24:23 2026 GMT
Subject: CN=67e3b9bb-1264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bb:ab:69:50:66:ed:e4:63:e4:5f:93:9c:c1:
6d:fa:46:b3:e4:af:71:f3:c6:bb:6c:bd:b1:9b:8a:
59:29:85:6a:ea:3b:aa:c0:75:91:3e:a2:bc:3d:34:
3e:1d:13:17:7d:6c:32:47:40:e7:2a:2b:aa:0f:ad:
16:0b:9a:20:52:a5:f8:47:fc:95:40:4f:3c:ed:a5:
41:c8:f1:ab:4d:95:42:37:62:82:4f:a2:d7:d5:3a:
e3:eb:06:5c:9b:cc:8f:89:d2:f8:b3:5c:56:c7:0a:
0e:7f:10:cf:da:a9:b5:8a:82:1b:a6:a3:ef:3b:a3:
a3:33:54:63:80:2f:86:20:16:9d:8d:00:4a:b5:ae:
ab:b3:25:bb:88:22:05:5b:b9:e0:1b:97:c8:8e:5c:
13:8a:eb:42:4d:73:65:20:bb:33:cd:66:41:a6:34:
7c:04:15:ea:79:34:06:8c:ee:e4:05:a2:e0:b4:ea:
40:12:c3:c9:2b:ab:de:d7:90:ac:43:62:a0:d6:25:
c4:9f:d4:9e:bf:b3:19:e7:b8:5a:5f:62:d3:9e:c6:
94:dc:a6:8a:ef:11:4e:17:99:dd:25:d4:77:14:67:
0a:19:38:c5:80:aa:81:4a:df:55:1c:09:57:1a:28:
e7:0a:ac:1f:d2:8d:4f:ef:e5:77:42:25:d6:28:86:
3f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:AD:4D:83:4E:FB:5D:14:FD:2E:B5:CD:85:C5:B8:0F:BA:31:DB:FE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB5E8A800A1B11F0A0C0887B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.5.0/24
45.202.89.0/24
45.202.91.0/24
45.202.109.0/24
45.204.188.0/22
45.204.255.0/24
45.205.136.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:ea:cd:2e:51:22:fd:f0:73:59:ce:e7:3b:86:07:64:77:bc:
1c:f7:77:3d:bc:12:ba:c7:85:2d:98:cd:b8:26:01:e8:72:44:
d8:91:d2:ff:9b:36:42:67:12:e3:1f:f2:ea:19:b0:58:31:a2:
9d:41:a9:b3:62:41:31:5a:6a:1a:dd:78:f0:23:63:c8:0e:e8:
33:a8:06:68:2c:89:5a:c3:fd:56:35:53:08:4f:9b:e6:eb:fa:
d5:33:b9:47:3c:96:e8:1d:28:b3:7b:97:66:4b:1c:15:9d:b0:
d5:2d:95:7c:8f:fa:21:e9:db:5c:d5:fb:54:1e:d4:bf:86:16:
aa:6c:2d:7e:e0:aa:d3:b6:cc:8b:2c:a9:ab:57:37:22:0e:df:
28:6a:c5:23:ee:43:52:0c:68:4b:3d:43:16:25:bf:80:ea:f5:
3d:80:68:58:21:b3:62:fb:07:66:8e:6b:33:71:0e:ad:37:a5:
0e:24:ab:18:dd:a7:e4:f8:b1:a4:5e:8d:dc:d5:b4:a5:1a:2b:
74:11:2d:3a:8c:d0:27:18:20:51:4b:3e:f1:2d:2d:b8:ec:90:
67:0b:cb:a7:42:d2:4a:55:24:e0:5e:88:39:d9:e0:1c:23:d2:
49:d8:e7:2c:be:00:2c:0a:15:92:7e:78:c0:94:f1:77:8e:e6:
dd:79:dc:11
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIDAUhEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI2MDgyNDIzWhcNMjYwNDIyMDgyNDIzWjAYMRYw
FAYDVQQDEw02N2UzYjliYi0xMjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwLuraVBm7eRj5F+TnMFt+kaz5K9x88a7bL2xm4pZKYVq6juqwHWRPqK8
PTQ+HRMXfWwyR0DnKiuqD60WC5ogUqX4R/yVQE887aVByPGrTZVCN2KCT6LX1Trj
6wZcm8yPidL4s1xWxwoOfxDP2qm1ioIbpqPvO6OjM1RjgC+GIBadjQBKta6rsyW7
iCIFW7ngG5fIjlwTiutCTXNlILszzWZBpjR8BBXqeTQGjO7kBaLgtOpAEsPJK6ve
15CsQ2Kg1iXEn9Sev7MZ57haX2LTnsaU3KaK7xFOF5ndJdR3FGcKGTjFgKqBSt9V
HAlXGijnCqwf0o1P7+V3QiXWKIY/YQIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFDqt
TYNO+10U/S61zYXFuA+6Mdv+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQjVFOEE4MDBBMUIxMUYwQTBDMDg4N0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALcYFAwQALcpZAwQALcpbAwQA
LcptAwQCLcy8AwQALcz/AwQALc2IMA0GCSqGSIb3DQEBCwUAA4IBAQBO6s0uUSL9
8HNZzuc7hgdkd7wc93c9vBK6x4UtmM24JgHockTYkdL/mzZCZxLjH/LqGbBYMaKd
QamzYkExWmoa3XjwI2PIDugzqAZoLIlaw/1WNVMIT5vm6/rVM7lHPJboHSize5dm
SxwVnbDVLZV8j/oh6dtc1ftUHtS/hhaqbC1+4KrTtsyLLKmrVzciDt8oasUj7kNS
DGhLPUMWJb+A6vU9gGhYIbNi+wdmjmszcQ6tN6UOJKsY3afk+LGkXo3c1bSlGit0
ES06jNAnGCBRSz7xLS247JBnC8unQtJKVSTgXog52eAcI9JJ2OcsvgAsChWSfnjA
lPF3jubdedwR
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:11:49 2025 by rpki-client