Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F0C63A7A2A5E11F0BDB7F2F2DAE4EC9C.roa
File: F0C63A7A2A5E11F0BDB7F2F2DAE4EC9C.roa (raw, json)
Hash identifier: 3guh7dTH49TNCqdsg3ZW25Nt/lxxM0E7xUGqvJMaaSI=
Subject key identifier: CE:A1:39:68:7E:5E:6E:BF:25:74:C8:43:82:14:8C:C0:EC:32:FD:43
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015253
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F0C63A7A2A5E11F0BDB7F2F2DAE4EC9C.roa
Signing time: Tue 06 May 2025 09:46:11 +0000
ROA not before: Tue 06 May 2025 09:46:06 +0000
ROA not after: Tue 10 Jun 2025 09:46:06 +0000
asID: 132566
IP address blocks: 45.198.238.0/23 maxlen: 24
45.198.240.0/22 maxlen: 24
45.198.244.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86611 (0x15253)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 6 09:46:06 2025 GMT
Not After : Jun 10 09:46:06 2025 GMT
Subject: CN=6819da63-939e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:08:fb:95:c6:e6:03:48:a4:d0:18:d0:76:b3:
d5:d2:ce:e3:99:56:05:0b:4c:54:25:44:3b:5d:62:
b6:82:9b:b7:87:70:63:f9:29:8f:14:a4:9f:4d:24:
88:2e:7f:8a:9c:de:48:eb:82:b8:21:48:75:67:e4:
3d:02:7c:e3:46:de:46:e4:5a:41:4f:11:62:c1:c7:
1e:1d:8f:31:39:40:6b:30:dc:3d:35:19:96:8d:81:
c9:3d:94:0d:72:51:09:18:7b:70:40:4e:34:35:36:
8f:72:22:81:f6:3d:0b:8e:7e:db:9a:b4:49:4c:56:
49:f3:1f:39:d8:49:bc:64:5f:ce:31:97:9d:0a:1c:
c7:06:dd:60:04:a1:1d:37:4e:dc:b5:7e:03:97:fc:
59:a9:aa:0b:7b:b8:27:9e:68:d3:07:65:ef:96:26:
04:ee:eb:0b:e6:5e:d9:61:d7:cf:b9:af:28:7e:7f:
e3:45:b3:1c:60:bb:9c:de:ad:7b:5f:5a:c0:a1:b7:
45:ef:1c:f7:9d:e9:86:02:2c:fb:26:5d:21:1f:87:
d0:ee:b1:39:43:3d:38:74:07:61:4a:50:4c:9f:ab:
a8:16:cd:59:9e:97:52:89:85:e9:b8:29:6b:55:92:
58:c2:4f:5a:0a:0c:ce:bf:7e:0e:a3:30:14:f2:62:
e7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A1:39:68:7E:5E:6E:BF:25:74:C8:43:82:14:8C:C0:EC:32:FD:43
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F0C63A7A2A5E11F0BDB7F2F2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.238.0-45.198.245.255
Signature Algorithm: sha256WithRSAEncryption
59:65:fb:a1:1d:2a:f6:dc:5c:e6:19:3f:dc:97:15:2a:cb:ad:
bc:a2:fb:b4:2f:d9:ef:26:19:fb:83:4f:d6:91:0a:91:4d:7d:
c6:f4:11:3d:d1:ac:56:4e:5a:90:f0:a9:04:52:37:37:07:59:
df:13:eb:e9:96:91:7a:99:9e:8d:78:77:f2:cd:9e:93:3b:50:
9c:8c:82:b6:c7:0d:57:9b:2b:59:de:51:33:52:45:04:bc:00:
fb:77:ec:fd:0f:d4:a2:a2:fa:b3:8f:d6:1f:5b:5f:bc:a7:51:
16:09:31:c6:a1:92:1b:58:18:97:f8:82:f1:40:6c:42:d1:5e:
78:d4:ec:4d:50:13:b5:18:0e:17:53:be:53:cc:a8:58:06:0c:
c3:dc:e2:f3:47:c6:c8:40:ae:ab:d6:4b:09:de:ff:2c:be:e8:
45:09:82:b6:29:9c:6a:5e:1d:62:b1:59:06:b6:eb:19:e6:2e:
4f:03:6a:30:5b:3e:68:ef:1f:e8:ad:fb:f5:43:0d:7b:88:48:
b2:54:e7:96:4c:b7:56:0e:da:f2:a9:59:8c:f0:74:1c:a2:3a:
92:f2:49:ef:50:27:2c:05:e2:fd:ce:a2:ee:69:0e:f6:f3:d9:
62:b4:0a:3c:c0:2e:cc:ec:23:eb:6e:af:e0:a1:8b:fc:7a:cc:
21:62:94:fb
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVJTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA2MDk0NjA2WhcNMjUwNjEwMDk0NjA2WjAYMRYw
FAYDVQQDEw02ODE5ZGE2My05MzllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAowj7lcbmA0ik0BjQdrPV0s7jmVYFC0xUJUQ7XWK2gpu3h3Bj+SmPFKSf
TSSILn+KnN5I64K4IUh1Z+Q9AnzjRt5G5FpBTxFiwcceHY8xOUBrMNw9NRmWjYHJ
PZQNclEJGHtwQE40NTaPciKB9j0Ljn7bmrRJTFZJ8x852Em8ZF/OMZedChzHBt1g
BKEdN07ctX4Dl/xZqaoLe7gnnmjTB2XvliYE7usL5l7ZYdfPua8ofn/jRbMcYLuc
3q17X1rAobdF7xz3nemGAiz7Jl0hH4fQ7rE5Qz04dAdhSlBMn6uoFs1ZnpdSiYXp
uClrVZJYwk9aCgzOv34OozAU8mLniwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFM6h
OWh+Xm6/JXTIQ4IUjMDsMv1DMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMEM2M0E3QTJBNUUxMUYwQkRCN0YyRjJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEtxu4DBAEtxvQwDQYJKoZI
hvcNAQELBQADggEBAFll+6EdKvbcXOYZP9yXFSrLrbyi+7Qv2e8mGfuDT9aRCpFN
fcb0ET3RrFZOWpDwqQRSNzcHWd8T6+mWkXqZno14d/LNnpM7UJyMgrbHDVebK1ne
UTNSRQS8APt37P0P1KKi+rOP1h9bX7ynURYJMcahkhtYGJf4gvFAbELRXnjU7E1Q
E7UYDhdTvlPMqFgGDMPc4vNHxshArqvWSwne/yy+6EUJgrYpnGpeHWKxWQa26xnm
Lk8DajBbPmjvH+it+/VDDXuISLJU55ZMt1YO2vKpWYzwdByiOpLySe9QJywF4v3O
ou5pDvbz2WK0CjzALszsI+tur+Chi/x6zCFilPs=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:29:53 2025 by rpki-client