Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F20B13DE2F2111F0A4397DCBDAE4EC9C.roa
File: F20B13DE2F2111F0A4397DCBDAE4EC9C.roa (raw, json)
Hash identifier: s+2tjaaS289YcA5nTrYox9Sit1mGGcDdZbssAH+/0VQ=
Subject key identifier: 77:2B:77:F0:BE:FF:69:A8:CD:3B:AC:BB:52:03:A8:45:31:01:D7:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015351
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F20B13DE2F2111F0A4397DCBDAE4EC9C.roa
Signing time: Mon 12 May 2025 11:12:09 +0000
ROA not before: Mon 12 May 2025 11:12:04 +0000
ROA not after: Wed 12 Nov 2025 11:12:04 +0000
asID: 328608
IP address blocks: 45.197.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86865 (0x15351)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 12 11:12:04 2025 GMT
Not After : Nov 12 11:12:04 2025 GMT
Subject: CN=6821d789-9398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:43:c7:91:9d:19:02:70:55:55:ef:8d:fb:40:
41:3f:5f:34:4f:67:33:82:c1:3b:5a:a0:29:cf:3f:
06:03:03:b1:e2:27:0e:02:44:f4:b4:7e:8b:77:92:
4a:67:8f:44:af:99:3c:3e:11:67:f5:e4:e5:c2:34:
aa:19:5b:ef:a7:20:89:94:40:be:b5:3e:9f:98:1d:
dd:88:95:4f:20:c6:0e:c5:90:a5:56:0b:4d:34:0f:
93:81:96:57:28:62:ae:ba:2b:5d:a9:37:2e:51:f2:
03:ba:99:93:e4:b2:53:6c:c5:8f:ef:6d:6f:64:e8:
8e:31:42:28:93:79:ad:c3:22:92:a5:f5:b7:88:1c:
bf:34:b4:8e:0e:39:3b:cb:ba:07:23:f3:6b:6e:7f:
46:57:fc:9f:1d:75:d6:a2:ca:93:8f:f6:79:35:aa:
dc:5f:b9:d5:e4:86:8a:ec:b6:dc:34:4a:7a:2f:86:
d0:90:0a:1e:65:f6:79:b1:96:61:31:13:c0:79:d2:
d4:b8:63:c0:39:e3:f0:ef:f2:7c:00:d2:d2:e5:d9:
e9:c3:24:4c:e8:9c:84:0f:d1:d1:04:24:29:8e:04:
22:45:66:b6:86:66:94:17:05:ce:f7:67:ce:e9:30:
e9:cb:48:dc:ff:30:50:eb:2e:b2:22:0b:c9:7d:56:
d3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:2B:77:F0:BE:FF:69:A8:CD:3B:AC:BB:52:03:A8:45:31:01:D7:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F20B13DE2F2111F0A4397DCBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.188.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:30:0f:31:0f:e6:3a:b8:d5:4e:dc:be:66:58:2b:54:7c:33:
4d:fa:d9:54:0b:37:27:21:05:81:46:cf:72:5d:b3:cb:8b:6a:
3d:0d:57:29:93:49:29:46:c0:96:e9:2f:fe:ae:0b:9b:4a:73:
90:37:66:5e:c7:4d:8a:1e:82:86:4c:bf:b8:2b:05:65:d3:37:
cd:02:4c:28:57:ad:60:4c:c0:e8:cd:8e:f4:2f:c3:2d:21:a6:
ee:fb:2e:34:f3:c2:df:92:3a:7d:ae:1b:68:54:14:c8:6c:0f:
d2:46:f5:47:83:c9:a9:c6:b4:95:91:6b:41:f6:9e:92:4f:00:
f9:c3:39:42:74:cd:f5:e6:69:f1:62:c1:3b:0e:19:3e:89:40:
fa:f0:bc:a0:62:6d:bb:38:47:23:cf:df:3a:29:d2:08:78:a4:
71:8b:25:54:24:9e:3b:bd:df:7f:7c:bf:83:23:03:c9:05:e5:
8f:4b:4a:89:01:74:a3:30:37:74:c3:f5:c2:7b:62:9c:a7:8d:
0e:b2:d9:5d:af:97:3c:3b:02:54:17:01:aa:f0:4a:7c:b8:f5:
59:74:89:16:ba:76:3f:cb:6e:11:eb:31:49:d3:86:0e:21:92:
77:ab:be:5b:6e:9b:ec:0b:a1:5c:ba:da:d1:a8:11:6e:3a:14:
ed:a7:ae:ab
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVNRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEyMTExMjA0WhcNMjUxMTEyMTExMjA0WjAYMRYw
FAYDVQQDEw02ODIxZDc4OS05Mzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwUPHkZ0ZAnBVVe+N+0BBP180T2czgsE7WqApzz8GAwOx4icOAkT0tH6L
d5JKZ49Er5k8PhFn9eTlwjSqGVvvpyCJlEC+tT6fmB3diJVPIMYOxZClVgtNNA+T
gZZXKGKuuitdqTcuUfIDupmT5LJTbMWP721vZOiOMUIok3mtwyKSpfW3iBy/NLSO
Djk7y7oHI/Nrbn9GV/yfHXXWosqTj/Z5NarcX7nV5IaK7LbcNEp6L4bQkAoeZfZ5
sZZhMRPAedLUuGPAOePw7/J8ANLS5dnpwyRM6JyED9HRBCQpjgQiRWa2hmaUFwXO
92fO6TDpy0jc/zBQ6y6yIgvJfVbTSQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHcr
d/C+/2mozTusu1IDqEUxAdenMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMjBCMTNERTJGMjExMUYwQTQzOTdEQ0JEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcW8MA0GCSqGSIb3DQEBCwUA
A4IBAQCyMA8xD+Y6uNVO3L5mWCtUfDNN+tlUCzcnIQWBRs9yXbPLi2o9DVcpk0kp
RsCW6S/+rgubSnOQN2Zex02KHoKGTL+4KwVl0zfNAkwoV61gTMDozY70L8MtIabu
+y4088Lfkjp9rhtoVBTIbA/SRvVHg8mpxrSVkWtB9p6STwD5wzlCdM315mnxYsE7
Dhk+iUD68LygYm27OEcjz986KdIIeKRxiyVUJJ47vd9/fL+DIwPJBeWPS0qJAXSj
MDd0w/XCe2Kcp40Ostldr5c8OwJUFwGq8Ep8uPVZdIkWunY/y24R6zFJ04YOIZJ3
q75bbpvsC6FcutrRqBFuOhTtp66r
-----END CERTIFICATE-----
Generated at Tue Jun 3 09:13:37 2025 by rpki-client