Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/217A35901E2011F0B17DC0F6DAE4EC9C.roa
File: 217A35901E2011F0B17DC0F6DAE4EC9C.roa (raw, json)
Hash identifier: iG3dId8mS7D3Pv3HuvatyG17+US9WN0rfet/eunySJ0=
Subject key identifier: FE:40:2E:4F:AF:FD:36:5A:17:B0:4A:50:9A:62:B8:00:2F:81:EA:3A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014DAF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/217A35901E2011F0B17DC0F6DAE4EC9C.roa
Signing time: Sun 20 Apr 2025 19:46:20 +0000
ROA not before: Sun 20 Apr 2025 19:46:15 +0000
ROA not after: Sun 27 Apr 2025 19:46:15 +0000
asID: 39600
IP address blocks: 45.195.152.0/22 maxlen: 24
45.195.156.0/22 maxlen: 24
45.196.128.0/22 maxlen: 24
45.196.132.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 19:46:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85423 (0x14daf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 20 19:46:15 2025 GMT
Not After : Apr 27 19:46:15 2025 GMT
Subject: CN=68054f0c-f122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:23:42:38:22:e1:8a:b4:48:94:25:8c:4e:eb:
97:59:b6:e0:bd:79:b4:a8:20:e9:cd:c7:84:73:d5:
86:e6:e6:0f:1f:83:a2:b3:9f:c5:56:21:6c:d0:97:
9f:87:79:0f:6b:45:4d:b1:a5:66:ee:a2:59:3d:1e:
23:d5:9e:0b:4f:7f:81:07:0d:16:b1:ee:90:9c:8a:
ee:8a:2a:f9:06:e8:55:cf:c4:5d:18:ba:0d:b2:1f:
e8:cf:06:b2:5b:00:46:0c:b8:1b:3d:f6:f4:64:fd:
95:92:48:97:e9:13:62:4f:22:5e:d1:f9:0c:e0:01:
2d:19:ef:b1:b0:fd:ca:39:cf:68:69:c7:eb:21:60:
38:1b:f2:ee:e8:1d:a3:29:55:c3:97:b7:93:d2:ea:
1d:cd:f4:9f:7e:36:1c:6b:bb:15:1a:70:1d:08:19:
cd:19:c0:7b:24:19:a5:16:8c:08:bc:00:8f:b4:ff:
53:78:fc:b6:5e:73:c6:c2:12:2f:1e:d6:dd:8a:3d:
6c:d4:63:67:41:8e:8d:82:24:78:58:b5:fc:85:74:
bf:77:77:28:da:1a:3f:ad:57:fc:8a:43:50:9a:24:
60:0d:7f:95:4c:ee:8f:6e:e1:94:b4:e0:73:20:c6:
5f:ef:ce:10:6b:e5:17:09:cc:8c:dc:bb:3f:5f:ee:
bc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:40:2E:4F:AF:FD:36:5A:17:B0:4A:50:9A:62:B8:00:2F:81:EA:3A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/217A35901E2011F0B17DC0F6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.152.0/21
45.196.128.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:8c:13:72:af:f3:b1:3c:18:dc:4d:ec:1f:b5:23:7e:0e:17:
9d:52:1f:9a:0e:1f:ef:47:8c:d5:65:81:36:3f:53:1b:80:76:
06:62:e2:dc:56:b0:ea:70:7e:7b:46:0d:d1:72:eb:34:22:36:
7e:17:ed:a8:60:00:b2:24:47:f7:d9:63:41:20:b7:97:9c:60:
e9:68:33:db:bf:fd:1a:87:b1:62:7a:90:56:d1:20:61:cf:ed:
df:13:ab:49:5f:1a:65:c1:3b:6e:58:cd:0c:81:0a:76:22:12:
5d:49:dd:69:27:da:5b:a9:22:01:f5:ba:57:f9:84:e9:ad:76:
0d:dc:f9:b9:2b:01:d1:d2:47:05:fe:9f:da:da:c2:c7:ae:48:
9d:30:15:bc:b7:61:b6:6f:21:a1:b0:49:5a:cb:d7:f6:75:71:
54:2c:66:59:da:5a:46:11:aa:9e:23:f1:94:0c:72:a8:8f:46:
11:55:ea:72:ad:56:84:d7:c5:cd:6a:11:81:5b:71:21:41:aa:
23:5b:53:9d:ec:80:3c:31:ae:f2:49:85:3a:b3:34:52:21:ed:
7b:e8:d1:14:f2:6d:d6:e5:8d:99:fd:f8:58:ce:96:7c:a7:f4:
05:28:68:03:e9:8e:6d:a2:13:ea:26:be:78:a4:2f:56:c4:0b:
6c:8b:5d:58
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAU2vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDIwMTk0NjE1WhcNMjUwNDI3MTk0NjE1WjAYMRYw
FAYDVQQDEw02ODA1NGYwYy1mMTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvCNCOCLhirRIlCWMTuuXWbbgvXm0qCDpzceEc9WG5uYPH4Ois5/FViFs
0Jefh3kPa0VNsaVm7qJZPR4j1Z4LT3+BBw0Wse6QnIruiir5BuhVz8RdGLoNsh/o
zwayWwBGDLgbPfb0ZP2VkkiX6RNiTyJe0fkM4AEtGe+xsP3KOc9oacfrIWA4G/Lu
6B2jKVXDl7eT0uodzfSffjYca7sVGnAdCBnNGcB7JBmlFowIvACPtP9TePy2XnPG
whIvHtbdij1s1GNnQY6NgiR4WLX8hXS/d3co2ho/rVf8ikNQmiRgDX+VTO6PbuGU
tOBzIMZf784Qa+UXCcyM3Ls/X+68nQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP5A
Lk+v/TZaF7BKUJpiuAAvgeo6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMTdBMzU5MDFFMjAxMUYwQjE3REMwRjZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLcOYAwQDLcSAMA0GCSqGSIb3
DQEBCwUAA4IBAQCajBNyr/OxPBjcTewftSN+DhedUh+aDh/vR4zVZYE2P1MbgHYG
YuLcVrDqcH57Rg3Rcus0IjZ+F+2oYACyJEf32WNBILeXnGDpaDPbv/0ah7FiepBW
0SBhz+3fE6tJXxplwTtuWM0MgQp2IhJdSd1pJ9pbqSIB9bpX+YTprXYN3Pm5KwHR
0kcF/p/a2sLHrkidMBW8t2G2byGhsElay9f2dXFULGZZ2lpGEaqeI/GUDHKoj0YR
VepyrVaE18XNahGBW3EhQaojW1Od7IA8Ma7ySYU6szRSIe176NEU8m3W5Y2Z/fhY
zpZ8p/QFKGgD6Y5tohPqJr54pC9WxAtsi11Y
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:55:24 2025 by rpki-client