Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2AF918230F111F0B44AAEE5DAE4EC9C.roa
File: D2AF918230F111F0B44AAEE5DAE4EC9C.roa (raw, json)
Hash identifier: PBVLjk2zvQuYSQCTQJ6CWj6Lwrk/DA+EJ64e7X0jteU=
Subject key identifier: 54:1B:DE:7D:4F:B4:B1:E8:05:FA:32:D2:9B:FC:EB:26:B6:40:E2:C4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015452
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2AF918230F111F0B44AAEE5DAE4EC9C.roa
Signing time: Wed 14 May 2025 18:32:43 +0000
ROA not before: Wed 14 May 2025 18:32:38 +0000
ROA not after: Thu 05 Jun 2025 18:32:38 +0000
asID: 27951
IP address blocks: 45.195.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87122 (0x15452)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 14 18:32:38 2025 GMT
Not After : Jun 5 18:32:38 2025 GMT
Subject: CN=6824e1cb-07ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e6:af:0d:03:ff:81:82:b6:d1:92:12:64:7d:
08:e1:c3:a4:68:69:c4:8d:d5:d1:a9:fe:c5:1c:25:
17:22:3b:52:c1:27:ea:e6:50:38:c0:63:b3:60:66:
e0:9c:fb:bf:8d:83:bc:9b:2d:55:99:f4:f6:d8:ef:
f5:b9:9c:ef:50:ff:60:d8:e8:b2:ba:e9:7f:25:da:
5f:f4:ef:fa:90:61:da:a8:84:2c:39:6b:22:69:34:
b0:84:7a:42:14:89:b1:9f:3c:65:d4:e6:27:4a:0d:
a0:76:af:3c:76:cf:d9:f2:36:c4:84:ed:69:5c:71:
e0:6e:23:7d:e4:34:59:7d:35:21:ea:16:63:24:a0:
f7:b5:dc:ef:51:77:9a:61:86:df:42:c1:d1:38:73:
e1:ad:ba:fc:e7:94:7c:aa:b4:c9:4c:98:10:d5:97:
6a:81:ca:0b:70:14:eb:08:ee:eb:fa:ec:72:b3:f1:
d5:c7:51:53:5d:58:86:7f:2d:a2:25:6a:3a:8f:d9:
3d:92:18:6c:dd:2d:9c:a8:f6:34:74:33:98:85:05:
b0:2f:5c:3d:df:26:93:89:c5:9d:d8:b2:2b:54:27:
84:6e:cb:3a:2d:e8:94:2c:98:7a:53:5f:20:51:be:
ce:34:ee:ff:60:96:2d:a8:f3:fe:41:75:30:36:1d:
21:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:1B:DE:7D:4F:B4:B1:E8:05:FA:32:D2:9B:FC:EB:26:B6:40:E2:C4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2AF918230F111F0B44AAEE5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.68.0/24
Signature Algorithm: sha256WithRSAEncryption
25:42:f6:66:7f:de:ea:d9:1b:a7:92:bc:17:d2:ba:b6:66:17:
6c:fb:0e:ba:27:89:5e:1c:c8:25:ab:81:a2:ef:73:93:0c:5b:
bb:f0:31:4d:e3:e5:7b:e2:85:6d:0c:e1:5d:c2:ff:2c:c5:45:
eb:c8:16:d0:a4:1b:88:35:2b:b8:1e:8a:3a:b2:e7:c2:a4:3f:
34:ac:fa:57:43:3f:ad:d6:45:22:46:e7:bc:4b:19:34:55:26:
0e:c9:48:ac:07:d2:08:84:b9:97:b1:2c:11:18:c1:51:99:f1:
b9:9b:72:ad:59:e1:1d:03:5b:25:6f:73:ed:4b:3d:3d:90:11:
3b:ee:ca:75:3c:87:76:3e:50:9e:67:5b:9f:a6:e2:4a:5e:d8:
58:cb:1c:13:7b:77:5e:6d:24:4d:d8:17:0e:7d:8c:0e:4d:f3:
ec:67:f9:b5:86:6d:2b:5f:fc:df:75:8d:1d:04:0f:82:a2:2e:
88:92:2e:9f:64:db:cc:75:0f:52:c4:f2:c4:53:0e:35:eb:01:
eb:9a:b2:44:2b:98:70:9c:f2:42:19:92:d5:8c:42:f5:03:50:
15:35:88:28:01:6c:96:15:87:ea:96:52:94:22:16:ad:96:9e:
f2:51:ae:56:a5:5b:15:39:55:af:97:2f:20:cf:d2:b8:5e:16:
2a:82:9c:de
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVRSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE0MTgzMjM4WhcNMjUwNjA1MTgzMjM4WjAYMRYw
FAYDVQQDEw02ODI0ZTFjYi0wN2JhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzuavDQP/gYK20ZISZH0I4cOkaGnEjdXRqf7FHCUXIjtSwSfq5lA4wGOz
YGbgnPu/jYO8my1VmfT22O/1uZzvUP9g2Oiyuul/Jdpf9O/6kGHaqIQsOWsiaTSw
hHpCFImxnzxl1OYnSg2gdq88ds/Z8jbEhO1pXHHgbiN95DRZfTUh6hZjJKD3tdzv
UXeaYYbfQsHROHPhrbr855R8qrTJTJgQ1ZdqgcoLcBTrCO7r+uxys/HVx1FTXViG
fy2iJWo6j9k9khhs3S2cqPY0dDOYhQWwL1w93yaTicWd2LIrVCeEbss6LeiULJh6
U18gUb7ONO7/YJYtqPP+QXUwNh0hswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFQb
3n1PtLHoBfoy0pv86ya2QOLEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMkFGOTE4MjMwRjExMUYwQjQ0QUFFRTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcNEMA0GCSqGSIb3DQEBCwUA
A4IBAQAlQvZmf97q2RunkrwX0rq2Zhds+w66J4leHMglq4Gi73OTDFu78DFN4+V7
4oVtDOFdwv8sxUXryBbQpBuINSu4Hoo6sufCpD80rPpXQz+t1kUiRue8Sxk0VSYO
yUisB9IIhLmXsSwRGMFRmfG5m3KtWeEdA1slb3PtSz09kBE77sp1PId2PlCeZ1uf
puJKXthYyxwTe3debSRN2BcOfYwOTfPsZ/m1hm0rX/zfdY0dBA+Coi6Iki6fZNvM
dQ9SxPLEUw416wHrmrJEK5hwnPJCGZLVjEL1A1AVNYgoAWyWFYfqllKUIhatlp7y
Ua5WpVsVOVWvly8gz9K4XhYqgpze
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:42:58 2025 by rpki-client