Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F5A0875E37EB11F0B57744E7DAE4EC9C.roa
File: F5A0875E37EB11F0B57744E7DAE4EC9C.roa (raw, json)
Hash identifier: kMAWSNX+dlDSqvck2+tww6PtzAghsTk9j6jK805S9/4=
Subject key identifier: 42:CE:07:A1:22:5E:0F:69:C7:C9:4B:6F:CA:23:EA:26:B7:20:D8:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0156F5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F5A0875E37EB11F0B57744E7DAE4EC9C.roa
Signing time: Fri 23 May 2025 15:38:23 +0000
ROA not before: Fri 23 May 2025 15:38:18 +0000
ROA not after: Mon 30 Jun 2025 15:38:18 +0000
asID: 202656
IP address blocks: 45.195.208.0/24 maxlen: 24
45.195.209.0/24 maxlen: 24
45.199.135.0/24 maxlen: 24
45.199.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87797 (0x156f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 15:38:18 2025 GMT
Not After : Jun 30 15:38:18 2025 GMT
Subject: CN=6830966f-6f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:70:90:4d:90:c9:65:50:58:ec:6e:f2:a5:ae:
4d:98:b0:02:a8:82:5a:09:67:4e:4c:5e:3b:6c:5a:
f7:64:45:9a:d9:f2:29:f4:df:b4:f5:cc:5a:13:66:
cc:18:db:13:91:0a:db:d2:9d:8b:af:df:9e:f9:f8:
ba:c0:90:10:81:d1:1c:c6:7b:cc:9e:9f:bb:4a:05:
d1:a1:90:40:c0:9d:8e:23:22:9f:52:67:4c:4e:9b:
c7:a5:de:7b:f3:f5:af:ff:b6:42:a4:37:4a:96:0e:
b8:e3:ca:29:57:a7:d2:12:46:27:8a:b1:b7:1e:f5:
dd:a2:92:1e:47:ea:40:5a:2d:bc:1d:47:73:5e:fe:
5e:bd:af:82:0c:fd:98:b8:71:96:00:51:24:ae:61:
88:ac:56:30:c9:2d:35:b2:aa:19:a1:ce:4b:53:04:
57:f5:a6:47:6e:3f:20:9b:8b:95:95:a4:fd:64:59:
45:6c:7a:ee:6e:40:98:d3:d8:23:9b:3b:40:57:04:
dd:3a:0d:b6:0b:c4:97:b8:12:12:ed:40:cd:f9:33:
93:a6:28:23:b2:d0:7e:95:36:53:4e:fa:7b:a9:40:
3d:bd:df:b4:ee:28:cd:1a:eb:72:d6:29:ea:e6:4a:
6b:9a:33:c6:03:e8:8d:d3:1d:a5:41:21:e4:3e:bb:
68:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:CE:07:A1:22:5E:0F:69:C7:C9:4B:6F:CA:23:EA:26:B7:20:D8:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F5A0875E37EB11F0B57744E7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.208.0/23
45.199.135.0-45.199.136.255
Signature Algorithm: sha256WithRSAEncryption
7f:f5:53:58:5e:15:38:2f:e0:80:8c:9c:1c:8b:3d:e7:1d:68:
2b:84:2a:f9:fd:b3:d4:1f:77:64:0e:21:6f:18:7c:b0:83:ee:
b1:b4:20:9c:4b:fe:68:33:6c:62:e8:cb:df:e8:28:fc:c9:0a:
50:39:7a:e8:32:ec:d4:d2:8d:82:3e:b8:0b:6a:ce:30:13:13:
9d:8c:be:e8:0d:e7:05:9f:56:6c:f6:c0:e4:c5:28:34:ba:44:
d9:5c:a1:b2:85:89:f8:51:4c:dc:57:96:73:fb:df:e7:5d:32:
ce:4e:31:ae:92:5f:d0:08:15:3a:4e:40:0b:0a:fb:da:a3:aa:
1a:67:7e:9b:18:6b:6b:fa:d9:b4:cf:b3:05:1f:49:89:95:d7:
13:14:8a:c5:be:3c:bf:ef:38:39:ba:50:97:59:ab:6b:a8:76:
9d:72:e7:6f:b1:a2:61:24:c3:8d:54:1b:f2:6a:26:90:bd:75:
4b:bd:88:fd:d5:bf:a5:99:ab:1c:ae:f9:55:f9:b9:55:6d:4b:
77:64:eb:0c:55:49:c9:76:a6:fa:c8:4f:54:16:f2:32:59:8c:
a9:ee:31:b2:17:7a:a9:34:88:59:bb:ae:a4:6d:bc:d9:97:b6:
2f:4d:22:87:b5:68:ff:8d:b0:7e:03:26:ba:39:52:71:98:b3:
0e:0a:fe:1d
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAVb1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIzMTUzODE4WhcNMjUwNjMwMTUzODE4WjAYMRYw
FAYDVQQDEw02ODMwOTY2Zi02Zjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAynCQTZDJZVBY7G7ypa5NmLACqIJaCWdOTF47bFr3ZEWa2fIp9N+09cxa
E2bMGNsTkQrb0p2Lr9+e+fi6wJAQgdEcxnvMnp+7SgXRoZBAwJ2OIyKfUmdMTpvH
pd578/Wv/7ZCpDdKlg6448opV6fSEkYnirG3HvXdopIeR+pAWi28HUdzXv5eva+C
DP2YuHGWAFEkrmGIrFYwyS01sqoZoc5LUwRX9aZHbj8gm4uVlaT9ZFlFbHrubkCY
09gjmztAVwTdOg22C8SXuBIS7UDN+TOTpigjstB+lTZTTvp7qUA9vd+07ijNGuty
1inq5kprmjPGA+iN0x2lQSHkPrto+QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFELO
B6EiXg9px8lLb8oj6ia3INjlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNUEwODc1RTM3RUIxMUYwQjU3NzQ0RTdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBLcPQMAwDBAAtx4cDBAAtx4gw
DQYJKoZIhvcNAQELBQADggEBAH/1U1heFTgv4ICMnByLPecdaCuEKvn9s9Qfd2QO
IW8YfLCD7rG0IJxL/mgzbGLoy9/oKPzJClA5eugy7NTSjYI+uAtqzjATE52MvugN
5wWfVmz2wOTFKDS6RNlcobKFifhRTNxXlnP73+ddMs5OMa6SX9AIFTpOQAsK+9qj
qhpnfpsYa2v62bTPswUfSYmV1xMUisW+PL/vODm6UJdZq2uodp1y52+xomEkw41U
G/JqJpC9dUu9iP3Vv6WZqxyu+VX5uVVtS3dk6wxVScl2pvrIT1QW8jJZjKnuMbIX
eqk0iFm7rqRtvNmXti9NIoe1aP+NsH4DJro5UnGYsw4K/h0=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:34:00 2025 by rpki-client