Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A4B810843A711F0926641B8DAE4EC9C.roa
File: 3A4B810843A711F0926641B8DAE4EC9C.roa (raw, json)
Hash identifier: CYVNQUGOXJQwJ14rl0TRFtf2hb0fYIK5CMyr5hpbmVI=
Subject key identifier: B5:EC:0C:FC:D9:9F:68:AB:07:1F:48:55:A3:27:AD:59:76:C3:CA:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015A67
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A4B810843A711F0926641B8DAE4EC9C.roa
Signing time: Sat 07 Jun 2025 13:56:37 +0000
ROA not before: Sat 07 Jun 2025 13:56:32 +0000
ROA not after: Tue 15 Jul 2025 13:56:32 +0000
asID: 20473
IP address blocks: 45.194.116.0/23 maxlen: 24
45.194.119.0/24 maxlen: 24
45.200.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88679 (0x15a67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 7 13:56:32 2025 GMT
Not After : Jul 15 13:56:32 2025 GMT
Subject: CN=68444515-4735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5c:6b:a9:43:1e:7c:cb:85:1b:62:16:1a:31:
d4:13:9b:c3:60:f3:81:c8:e9:a1:01:46:33:7d:57:
c4:88:48:19:0a:cb:d3:7f:96:d2:2b:7a:e1:b9:75:
75:4b:54:48:ba:95:98:d3:bd:3d:dd:88:66:76:fc:
08:6d:ca:c9:d7:8e:53:44:56:ef:a7:69:cb:21:8d:
1b:57:a7:c9:ac:51:88:0d:95:8f:56:e5:ad:f0:c5:
0a:b1:1f:e7:ed:20:77:41:64:55:b2:d6:0e:b8:40:
06:a3:7d:21:fa:e5:30:01:71:d0:1d:89:a6:4b:fe:
e9:bd:4b:c2:d9:f5:de:89:a3:76:d7:c1:0e:a7:ee:
94:7a:f4:08:ae:5c:cf:b2:3d:4f:e6:6f:0d:bd:4e:
9d:8c:75:74:f3:75:16:1b:5f:99:67:ee:2c:7e:a6:
a6:bf:c6:81:9e:80:4b:a6:d0:d0:4b:a5:b7:36:b1:
f4:79:b5:3e:8d:e7:23:9f:f8:01:f6:7d:70:01:66:
01:77:c2:68:c1:81:5c:d4:de:d8:e1:77:52:ce:72:
3d:ef:b9:74:a3:e7:3e:b5:8a:5c:6f:c5:2d:cd:fb:
2b:a5:c0:69:b4:e3:79:b0:46:6d:97:a3:1f:a2:99:
81:a1:ec:09:32:a6:1d:e5:84:4e:ac:ad:c9:cd:50:
de:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:EC:0C:FC:D9:9F:68:AB:07:1F:48:55:A3:27:AD:59:76:C3:CA:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A4B810843A711F0926641B8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.116.0/23
45.194.119.0/24
45.200.121.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:1f:63:46:00:2d:ad:9a:45:47:96:1f:31:97:53:20:5d:4c:
49:2b:e9:5d:34:dc:7a:d0:fb:ff:e7:07:09:78:c7:e4:0b:f3:
34:76:53:d8:dd:1f:03:df:a6:82:ec:64:8e:35:1e:4a:50:fa:
67:3a:02:e0:88:47:1c:67:c6:4d:b4:1d:24:4c:7b:41:60:72:
29:f0:53:cb:1e:4c:fa:8c:25:c9:c0:56:57:75:9b:e9:56:94:
a6:b7:71:c9:b9:da:37:0a:5a:fe:ff:df:79:d5:a3:f4:cb:b1:
8c:5c:95:5a:a8:21:af:aa:50:d9:4d:cc:35:e3:76:7d:64:fb:
3e:ad:af:a5:cd:9f:bd:5d:6c:c4:79:0f:a6:85:68:4b:67:6b:
c1:8d:47:ec:89:11:aa:07:13:f5:f6:d8:51:d2:f9:ee:59:a5:
1d:bf:67:11:b0:fb:d8:37:e7:05:96:d8:4e:1f:79:76:e7:4a:
c1:a0:e5:c1:40:6c:5a:24:2f:dc:5e:35:97:bb:cf:69:3f:e4:
74:9d:4f:c6:27:ac:d1:8e:f0:93:cf:d6:ec:6d:99:63:74:4b:
7d:ff:b4:60:ff:95:51:7a:99:2e:b2:c7:88:73:38:0a:65:e3:
4e:6d:2d:a1:de:fb:2c:9d:16:61:b9:70:a4:2f:be:3e:80:98:
a5:8d:0a:8b
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAVpnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjA3MTM1NjMyWhcNMjUwNzE1MTM1NjMyWjAYMRYw
FAYDVQQDEw02ODQ0NDUxNS00NzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsVxrqUMefMuFG2IWGjHUE5vDYPOByOmhAUYzfVfEiEgZCsvTf5bSK3rh
uXV1S1RIupWY07093YhmdvwIbcrJ145TRFbvp2nLIY0bV6fJrFGIDZWPVuWt8MUK
sR/n7SB3QWRVstYOuEAGo30h+uUwAXHQHYmmS/7pvUvC2fXeiaN218EOp+6UevQI
rlzPsj1P5m8NvU6djHV083UWG1+ZZ+4sfqamv8aBnoBLptDQS6W3NrH0ebU+jecj
n/gB9n1wAWYBd8JowYFc1N7Y4XdSznI977l0o+c+tYpcb8UtzfsrpcBptON5sEZt
l6MfopmBoewJMqYd5YROrK3JzVDejQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFLXs
DPzZn2irBx9IVaMnrVl2w8qQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQTRCODEwODQzQTcxMUYwOTI2NjQxQjhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLcJ0AwQALcJ3AwQALch5MA0G
CSqGSIb3DQEBCwUAA4IBAQAsH2NGAC2tmkVHlh8xl1MgXUxJK+ldNNx60Pv/5wcJ
eMfkC/M0dlPY3R8D36aC7GSONR5KUPpnOgLgiEccZ8ZNtB0kTHtBYHIp8FPLHkz6
jCXJwFZXdZvpVpSmt3HJudo3Clr+/9951aP0y7GMXJVaqCGvqlDZTcw143Z9ZPs+
ra+lzZ+9XWzEeQ+mhWhLZ2vBjUfsiRGqBxP19thR0vnuWaUdv2cRsPvYN+cFlthO
H3l250rBoOXBQGxaJC/cXjWXu89pP+R0nU/GJ6zRjvCTz9bsbZljdEt9/7Rg/5VR
epkusseIczgKZeNObS2h3vssnRZhuXCkL74+gJiljQqL
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:15:28 2025 by rpki-client