Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38DB5F1A1F4D11F0A0117DE1DAE4EC9C.roa
File: 38DB5F1A1F4D11F0A0117DE1DAE4EC9C.roa (raw, json)
Hash identifier: 8b7Z4FruYvynIaL4tlBEWOp/E4XFtgxg2/FElOk8DBg=
Subject key identifier: BF:5A:0D:51:0D:F9:CA:65:8A:38:0F:21:10:0E:CD:BB:F3:C2:FA:11
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014DE4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38DB5F1A1F4D11F0A0117DE1DAE4EC9C.roa
Signing time: Tue 22 Apr 2025 07:41:38 +0000
ROA not before: Tue 22 Apr 2025 07:41:33 +0000
ROA not after: Tue 27 May 2025 07:41:33 +0000
asID: 9304
IP address blocks: 45.196.250.0/23 maxlen: 24
45.196.252.0/23 maxlen: 24
45.196.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85476 (0x14de4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 22 07:41:33 2025 GMT
Not After : May 27 07:41:33 2025 GMT
Subject: CN=68074832-cba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f1:7c:db:77:45:3d:45:48:9d:24:8d:89:36:
1e:7a:09:b3:bd:ce:1c:bc:d5:84:31:7e:f7:83:db:
8c:aa:9e:77:3b:a5:9d:d5:da:2c:ce:d1:39:12:dd:
46:e1:43:1a:e5:b3:fa:88:c5:28:3b:e4:2c:9b:0b:
e2:70:da:d2:95:c2:f9:7b:7e:cc:de:13:a7:fe:b2:
2a:e6:4a:38:c7:4b:9a:1b:01:f2:52:b0:92:ef:64:
d6:d6:ee:28:3e:b3:f2:46:b2:81:01:e8:69:41:f0:
b2:03:20:80:8c:35:3c:9d:60:21:fe:54:e2:ad:a1:
78:0b:4a:50:4f:74:d9:eb:da:f8:30:7f:91:b3:e0:
c7:52:94:89:e4:61:a2:b0:08:13:dd:7c:68:ea:c8:
d2:13:c0:f3:43:30:29:94:96:4d:8c:6a:7b:d8:64:
63:f7:1a:a3:95:46:37:9d:72:a4:f4:de:b2:9a:a1:
3f:68:fe:96:06:c4:5e:f1:fe:12:a0:77:58:43:8c:
83:fe:58:61:7d:f2:0c:8c:67:6b:4d:04:c6:3d:de:
88:28:a7:24:24:8d:cc:8c:67:b1:fa:d1:98:11:db:
63:ee:bf:0f:66:1f:04:17:b0:c1:bb:60:60:db:eb:
6b:c3:6c:e2:d6:d7:79:2b:1b:7b:46:ad:d1:47:58:
bc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:5A:0D:51:0D:F9:CA:65:8A:38:0F:21:10:0E:CD:BB:F3:C2:FA:11
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38DB5F1A1F4D11F0A0117DE1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.250.0-45.196.255.255
Signature Algorithm: sha256WithRSAEncryption
a3:54:e8:48:47:2a:bf:3f:d1:38:0a:47:88:2a:d7:4d:d0:08:
73:2f:23:75:81:5b:4f:6e:89:11:37:56:09:b9:40:41:dc:9b:
d0:4e:9d:71:6a:c8:f8:ea:48:04:b8:f9:a3:65:c3:05:ea:b3:
27:b2:ff:f2:8a:31:17:45:6e:66:d7:a6:5b:75:90:79:73:a1:
ee:eb:21:c5:c6:03:99:f7:2c:73:f2:09:6f:f0:0e:55:e7:45:
9f:9b:20:d6:24:14:17:7d:f7:4a:9e:82:69:bd:b4:1b:32:5f:
01:af:2a:a1:f7:dd:7f:4e:eb:6e:b4:90:b9:8a:5b:8c:20:dc:
d0:c1:a4:a3:2f:f9:3b:1d:3e:12:9e:5b:42:6e:0c:96:0a:f2:
b1:57:8c:b7:cf:8e:00:31:28:ab:dc:f8:2b:41:4a:74:44:0b:
04:1f:b5:88:80:ed:6d:f7:d4:52:e5:4c:45:18:84:eb:57:d9:
31:2d:fb:39:40:9f:7c:d3:c9:62:42:be:69:8c:4c:89:bb:60:
18:53:a8:3d:d1:5a:53:f6:2b:9f:61:4d:2a:2b:69:e1:c1:25:
8c:7b:d5:6c:a0:c8:f8:71:44:a5:de:20:f5:2c:d6:ad:2f:78:
b1:5c:ab:c9:ea:2f:58:d8:1b:1c:ee:84:ff:82:e8:97:d1:5e:
92:6d:5f:4a
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIDAU3kMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDIyMDc0MTMzWhcNMjUwNTI3MDc0MTMzWjAYMRYw
FAYDVQQDEw02ODA3NDgzMi1jYmE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2PF823dFPUVInSSNiTYeegmzvc4cvNWEMX73g9uMqp53O6Wd1dosztE5
Et1G4UMa5bP6iMUoO+QsmwvicNrSlcL5e37M3hOn/rIq5ko4x0uaGwHyUrCS72TW
1u4oPrPyRrKBAehpQfCyAyCAjDU8nWAh/lTiraF4C0pQT3TZ69r4MH+Rs+DHUpSJ
5GGisAgT3Xxo6sjSE8DzQzAplJZNjGp72GRj9xqjlUY3nXKk9N6ymqE/aP6WBsRe
8f4SoHdYQ4yD/lhhffIMjGdrTQTGPd6IKKckJI3MjGex+tGYEdtj7r8PZh8EF7DB
u2Bg2+trw2zi1td5Kxt7Rq3RR1i8kQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFL9a
DVEN+cplijgPIRAOzbvzwvoRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zOERCNUYxQTFGNEQxMUYwQTAxMTdERTFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBAEtxPoDAwAtxDANBgkqhkiG
9w0BAQsFAAOCAQEAo1ToSEcqvz/ROApHiCrXTdAIcy8jdYFbT26JETdWCblAQdyb
0E6dcWrI+OpIBLj5o2XDBeqzJ7L/8ooxF0VuZtemW3WQeXOh7ushxcYDmfcsc/IJ
b/AOVedFn5sg1iQUF333Sp6Cab20GzJfAa8qoffdf07rbrSQuYpbjCDc0MGkoy/5
Ox0+Ep5bQm4MlgrysVeMt8+OADEoq9z4K0FKdEQLBB+1iIDtbffUUuVMRRiE61fZ
MS37OUCffNPJYkK+aYxMibtgGFOoPdFaU/Yrn2FNKitp4cEljHvVbKDI+HFEpd4g
9SzWrS94sVyryeovWNgbHO6E/4Lol9Fekm1fSg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:54:27 2025 by rpki-client