Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF3422843D6D11F08E4F74C1DAE4EC9C.roa
File: BF3422843D6D11F08E4F74C1DAE4EC9C.roa (raw, json)
Hash identifier: KmmP/QqKYsjDT5sK4acsCBlxTLUN4W5dKPRIF5K+dcs=
Subject key identifier: D7:C2:AF:99:F9:77:49:EB:9D:F1:DB:51:17:C5:8C:5B:2D:27:2E:97
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0158F9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF3422843D6D11F08E4F74C1DAE4EC9C.roa
Signing time: Fri 30 May 2025 15:50:02 +0000
ROA not before: Fri 30 May 2025 15:49:57 +0000
ROA not after: Mon 09 Jun 2025 15:49:57 +0000
asID: 54600
IP address blocks: 45.195.112.0/21 maxlen: 24
45.195.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88313 (0x158f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 30 15:49:57 2025 GMT
Not After : Jun 9 15:49:57 2025 GMT
Subject: CN=6839d3aa-5dc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e8:8d:85:6e:ce:6d:34:c1:a1:47:57:55:51:
05:fb:5b:94:2b:c2:19:be:15:e2:98:bd:ae:a8:80:
3b:37:c7:d1:13:7d:0b:3c:c7:f2:ae:3e:04:d9:13:
56:c6:ed:59:ee:1d:53:09:55:e9:12:9c:77:50:67:
dc:71:30:2b:f3:fe:81:18:e6:87:64:48:ee:2c:f4:
ed:c3:a6:cf:8f:dd:fd:ca:df:22:c2:e7:89:ee:e6:
ba:d0:6a:08:ca:f7:33:5a:67:a4:7e:49:1e:64:41:
10:ae:54:cf:22:77:f5:e0:d6:ac:b9:35:ca:bd:fa:
d8:2f:49:8c:10:38:04:ee:8c:79:78:d2:8f:ca:fe:
38:bc:75:42:a8:5e:ab:01:90:e6:31:d0:97:18:2b:
31:3a:a9:cb:ea:7c:35:d9:ac:32:aa:30:4e:f6:0f:
5f:1e:f3:99:cf:77:a2:7c:ca:98:c7:a9:4c:50:b2:
de:29:54:8c:3c:80:8f:78:a7:17:ad:f5:4f:04:91:
5d:9c:5b:de:c1:ef:47:2f:3a:a5:4e:7b:2f:16:b7:
08:82:1b:14:98:ac:42:ec:29:69:f4:1a:d1:ae:a4:
b9:c9:21:8a:1c:70:d8:5a:f9:c2:b0:d3:18:45:53:
aa:2f:a6:c8:d6:bf:18:a0:b1:f2:4c:ab:e4:73:80:
43:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C2:AF:99:F9:77:49:EB:9D:F1:DB:51:17:C5:8C:5B:2D:27:2E:97
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF3422843D6D11F08E4F74C1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.112.0/20
Signature Algorithm: sha256WithRSAEncryption
87:ec:59:11:5b:ae:6a:d3:fd:f6:3c:c0:9b:88:f8:51:1a:ba:
05:eb:37:00:81:7e:22:0f:7b:62:e7:5c:3e:f8:02:20:fe:55:
1e:0e:39:45:44:ef:4d:2c:95:ee:8e:0f:a4:3b:05:73:c9:9d:
0d:1c:e6:a8:41:cb:20:f6:8f:62:65:19:d2:65:c1:0d:3a:82:
1e:21:ee:e4:dd:2b:6e:72:9a:4a:25:73:d6:6c:56:64:c7:e8:
31:db:e9:86:88:ae:2c:03:22:3d:eb:dd:9c:e0:60:3a:f5:f2:
16:ed:bc:db:b9:05:96:fe:25:6d:ef:89:a9:c9:34:b9:d8:e7:
80:c4:61:77:3f:31:e0:14:c3:1b:68:82:19:e3:77:a1:ed:29:
ec:ea:2c:87:59:0e:6c:1a:81:f8:6e:12:5c:be:1d:9f:7d:b1:
1f:3d:cb:e8:33:04:a9:e6:20:c6:ee:d2:1e:a2:ef:ec:44:f7:
d4:20:b3:5a:cd:46:0d:18:03:06:07:36:4f:da:a8:23:3e:6b:
a2:e1:ef:94:d6:8c:84:88:21:24:18:2d:a6:19:0f:36:2b:f4:
2d:a3:08:6d:35:53:30:30:25:74:1d:3c:08:4f:30:be:09:5d:
32:95:8d:41:df:d1:7d:10:11:8c:51:0e:2a:a9:78:63:10:8c:
95:b5:6c:65
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVj5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTMwMTU0OTU3WhcNMjUwNjA5MTU0OTU3WjAYMRYw
FAYDVQQDEw02ODM5ZDNhYS01ZGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzuiNhW7ObTTBoUdXVVEF+1uUK8IZvhXimL2uqIA7N8fRE30LPMfyrj4E
2RNWxu1Z7h1TCVXpEpx3UGfccTAr8/6BGOaHZEjuLPTtw6bPj939yt8iwueJ7ua6
0GoIyvczWmekfkkeZEEQrlTPInf14NasuTXKvfrYL0mMEDgE7ox5eNKPyv44vHVC
qF6rAZDmMdCXGCsxOqnL6nw12awyqjBO9g9fHvOZz3eifMqYx6lMULLeKVSMPICP
eKcXrfVPBJFdnFvewe9HLzqlTnsvFrcIghsUmKxC7Clp9BrRrqS5ySGKHHDYWvnC
sNMYRVOqL6bI1r8YoLHyTKvkc4BDvwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNfC
r5n5d0nrnfHbURfFjFstJy6XMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRjM0MjI4NDNENkQxMUYwOEU0Rjc0QzFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcNwMA0GCSqGSIb3DQEBCwUA
A4IBAQCH7FkRW65q0/32PMCbiPhRGroF6zcAgX4iD3ti51w++AIg/lUeDjlFRO9N
LJXujg+kOwVzyZ0NHOaoQcsg9o9iZRnSZcENOoIeIe7k3StucppKJXPWbFZkx+gx
2+mGiK4sAyI9692c4GA69fIW7bzbuQWW/iVt74mpyTS52OeAxGF3PzHgFMMbaIIZ
43eh7Sns6iyHWQ5sGoH4bhJcvh2ffbEfPcvoMwSp5iDG7tIeou/sRPfUILNazUYN
GAMGBzZP2qgjPmui4e+U1oyEiCEkGC2mGQ82K/QtowhtNVMwMCV0HTwITzC+CV0y
lY1B39F9EBGMUQ4qqXhjEIyVtWxl
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:46:41 2025 by rpki-client