Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39AC72DC210D11F0A348EE91DAE4EC9C.roa
File: 39AC72DC210D11F0A348EE91DAE4EC9C.roa (raw, json)
Hash identifier: a4+TTCEEdmC/B9vl28Q7qytRocUZR+bvPYb2SrRh9Q4=
Subject key identifier: B9:16:BC:CE:59:59:C4:E8:DE:3F:70:1A:04:42:90:7F:58:B3:3E:B4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014E5E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39AC72DC210D11F0A348EE91DAE4EC9C.roa
Signing time: Thu 24 Apr 2025 13:08:34 +0000
ROA not before: Thu 24 Apr 2025 13:08:29 +0000
ROA not after: Wed 30 Apr 2025 13:08:29 +0000
asID: 131471
IP address blocks: 45.195.130.0/23 maxlen: 24
45.195.194.0/23 maxlen: 24
45.195.210.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85598 (0x14e5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 24 13:08:29 2025 GMT
Not After : Apr 30 13:08:29 2025 GMT
Subject: CN=680a37d2-9071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:01:ae:f7:15:6a:05:2a:db:31:0d:73:4b:ae:
3f:68:54:84:dd:55:77:17:92:e3:74:df:44:44:f1:
ab:be:f5:c8:54:e8:3c:51:13:82:80:ad:41:18:00:
f7:8b:71:f0:1f:62:8e:9d:8f:cc:2f:f7:d8:f1:4a:
f7:91:5c:0a:08:09:75:2e:17:36:f7:3d:4d:d6:66:
b6:10:d0:cd:c0:a1:6e:1d:d4:db:2b:ec:cd:aa:e0:
bf:0c:34:16:b2:28:e9:5f:c1:68:95:32:70:0f:30:
6f:6b:6f:57:90:74:fd:26:a5:48:85:e2:3a:a5:8a:
dc:f4:f3:c0:08:10:f8:34:f0:f0:5d:67:47:68:95:
fc:e2:2d:ba:b6:f3:97:6c:b9:fc:93:77:4a:d9:77:
d1:f6:fd:77:97:5a:77:d1:be:f1:f1:2e:be:5b:60:
39:3c:d9:3a:ad:02:25:52:90:74:54:c0:8d:c6:ad:
8c:69:3d:7d:f6:71:5b:ff:ad:44:21:d6:3e:42:fe:
4b:50:4f:de:f0:bf:b0:3f:c9:0e:61:d1:d8:95:19:
63:33:ea:3f:ae:10:a9:dc:b4:87:2f:2d:df:5e:ac:
40:e8:b9:96:41:51:dd:ad:11:e7:29:c9:22:55:88:
2a:e2:f1:1c:69:54:80:05:47:95:62:04:0b:2f:06:
2f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:16:BC:CE:59:59:C4:E8:DE:3F:70:1A:04:42:90:7F:58:B3:3E:B4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39AC72DC210D11F0A348EE91DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.130.0/23
45.195.194.0/23
45.195.210.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:ab:b6:3e:14:b9:27:72:b9:52:5f:47:0b:5a:68:4c:ae:59:
6e:a8:be:6c:01:fd:ff:4b:1e:3f:da:6a:0b:a3:89:63:94:b8:
dc:16:63:aa:a4:76:95:cc:cf:1c:39:5e:ee:e6:a1:f3:f2:f2:
7c:71:4b:35:63:63:53:4b:13:c4:ac:d3:9f:ab:5a:fb:ae:a2:
12:0a:83:17:3b:df:6e:6c:b6:a1:86:5f:1c:47:fa:d5:1b:ff:
88:d7:1f:b6:cf:a6:3b:ca:66:08:3e:1e:1a:b2:87:80:94:fa:
cc:32:d4:a5:ba:ab:5f:f6:66:b9:2b:70:fa:62:5b:2e:f7:3c:
f4:d6:41:79:57:b3:35:89:85:c9:1c:ab:93:0d:e5:ef:b5:37:
d4:df:7d:2d:93:db:2d:e0:ed:59:64:8c:38:be:02:d1:55:72:
e7:74:c8:07:61:ae:65:1c:f7:a2:de:1b:37:96:c3:a3:61:33:
40:d4:ca:d6:92:24:5c:d3:74:2d:4d:0e:ed:54:56:db:d4:a8:
25:71:4c:44:d9:7a:98:f9:61:e0:78:de:9d:76:4c:ff:c2:df:
d9:65:32:28:1f:86:8f:89:2f:1f:2d:a1:a1:d5:a2:50:07:77:
e7:ef:b7:00:62:e7:89:56:92:42:96:7c:7f:f2:fa:20:67:e1:
2e:6b:f1:c1
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAU5eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI0MTMwODI5WhcNMjUwNDMwMTMwODI5WjAYMRYw
FAYDVQQDEw02ODBhMzdkMi05MDcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyAGu9xVqBSrbMQ1zS64/aFSE3VV3F5LjdN9ERPGrvvXIVOg8UROCgK1B
GAD3i3HwH2KOnY/ML/fY8Ur3kVwKCAl1Lhc29z1N1ma2ENDNwKFuHdTbK+zNquC/
DDQWsijpX8FolTJwDzBva29XkHT9JqVIheI6pYrc9PPACBD4NPDwXWdHaJX84i26
tvOXbLn8k3dK2XfR9v13l1p30b7x8S6+W2A5PNk6rQIlUpB0VMCNxq2MaT199nFb
/61EIdY+Qv5LUE/e8L+wP8kOYdHYlRljM+o/rhCp3LSHLy3fXqxA6LmWQVHdrRHn
KckiVYgq4vEcaVSABUeVYgQLLwYvOQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFLkW
vM5ZWcTo3j9wGgRCkH9Ysz60MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zOUFDNzJEQzIxMEQxMUYwQTM0OEVFOTFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLcOCAwQBLcPCAwQBLcPSMA0G
CSqGSIb3DQEBCwUAA4IBAQA7q7Y+FLkncrlSX0cLWmhMrlluqL5sAf3/Sx4/2moL
o4ljlLjcFmOqpHaVzM8cOV7u5qHz8vJ8cUs1Y2NTSxPErNOfq1r7rqISCoMXO99u
bLahhl8cR/rVG/+I1x+2z6Y7ymYIPh4asoeAlPrMMtSluqtf9ma5K3D6Ylsu9zz0
1kF5V7M1iYXJHKuTDeXvtTfU330tk9st4O1ZZIw4vgLRVXLndMgHYa5lHPei3hs3
lsOjYTNA1MrWkiRc03QtTQ7tVFbb1KglcUxE2XqY+WHgeN6ddkz/wt/ZZTIoH4aP
iS8fLaGh1aJQB3fn77cAYueJVpJClnx/8vogZ+Eua/HB
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:18:26 2025 by rpki-client