Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E4198FE450711F09296DDADDAE4EC9C.roa
File: 3E4198FE450711F09296DDADDAE4EC9C.roa (raw, json)
Hash identifier: KAIU3jBNaVq955pU84PdJKJgDN888SoXEtFXKIzFdvo=
Subject key identifier: 21:C8:A2:FD:81:1E:01:AF:60:54:C5:B5:6D:15:0C:2C:E5:8A:C9:4F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015A73
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E4198FE450711F09296DDADDAE4EC9C.roa
Signing time: Mon 09 Jun 2025 07:56:26 +0000
ROA not before: Mon 09 Jun 2025 07:56:22 +0000
ROA not after: Sun 13 Jul 2025 07:56:22 +0000
asID: 20326
IP address blocks: 45.202.100.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88691 (0x15a73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 9 07:56:22 2025 GMT
Not After : Jul 13 07:56:22 2025 GMT
Subject: CN=684693aa-4b09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:37:31:2d:0b:48:0b:1c:56:5c:46:84:d6:64:
d4:21:66:ca:f4:e2:6c:17:e6:49:44:75:67:78:4f:
78:2c:cc:c4:f1:8b:ba:3e:c5:dc:2f:55:93:1a:29:
d2:11:76:e1:38:25:d5:5f:8f:fe:c0:03:48:4b:a5:
72:43:84:65:af:c8:e7:af:57:d3:13:ff:9f:dc:ae:
47:a9:c5:44:ca:e3:6d:de:bb:85:6e:0c:e5:eb:f5:
39:4b:c5:eb:4d:0c:14:50:aa:10:60:c9:de:c2:73:
de:41:5f:f6:e3:d2:8b:c5:14:a3:7b:93:d9:b2:25:
01:db:5c:ad:ec:12:8a:12:d4:97:93:e8:51:4f:84:
f0:97:b5:4f:7d:32:65:b1:15:39:e2:83:7f:23:4a:
4c:b0:ab:9e:34:3a:9e:66:cd:43:e2:8e:44:ee:08:
12:17:09:b5:a2:1d:50:cf:2f:ce:e2:f0:cb:b8:d7:
8e:9f:10:4f:dd:02:95:5b:03:d6:a2:cc:1e:51:bb:
bc:96:f4:e4:da:5e:30:44:c7:43:3d:e3:06:63:86:
ff:7b:7f:a9:dd:e2:32:1f:b6:2a:94:dd:b6:76:a6:
45:68:49:fa:ae:fe:9e:76:f8:4a:ec:8d:a1:56:2d:
c0:12:5c:74:08:11:a3:db:2b:03:67:48:01:42:5a:
54:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C8:A2:FD:81:1E:01:AF:60:54:C5:B5:6D:15:0C:2C:E5:8A:C9:4F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E4198FE450711F09296DDADDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.100.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:be:ff:ea:73:83:cd:3d:83:33:8f:d5:a3:14:27:76:95:9c:
81:83:aa:e3:44:3a:ec:5e:ae:1c:ac:2c:a2:4a:0b:1e:75:55:
d1:09:c0:2e:b9:fd:39:82:ce:d9:7f:2a:99:ff:f3:5d:80:5a:
29:c2:be:a3:26:bb:75:9e:89:d7:f0:df:b5:ae:5a:8c:e0:05:
69:99:e0:0d:27:1a:54:21:60:06:36:f6:c2:e3:dd:f2:dd:e5:
63:9e:ae:c2:2a:88:20:d7:ae:ce:0e:be:38:cf:97:59:cb:1c:
86:ea:f3:78:75:76:67:54:7c:66:a6:8c:24:f9:99:bd:68:30:
2e:64:b5:2e:e8:86:19:93:66:03:54:4a:63:95:5c:b1:f7:c1:
e9:32:fd:48:dc:bd:a1:a0:bd:a0:f7:e7:aa:a1:63:43:b5:54:
2a:af:e4:1e:66:b8:e5:7b:f8:fa:04:f5:75:74:af:90:d4:a3:
d4:85:56:de:09:af:f2:b5:12:76:d2:f6:4b:ac:9a:df:71:e8:
b7:ff:3a:52:f4:3c:3a:ca:a9:01:47:35:78:be:59:1e:aa:f0:
46:8d:18:c4:03:4f:c2:5d:53:d9:6d:5b:6a:45:0c:b5:5b:5d:
83:8a:94:c4:77:b9:76:44:82:5a:b8:b7:36:57:d9:82:14:a0:
a2:76:48:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVpzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjA5MDc1NjIyWhcNMjUwNzEzMDc1NjIyWjAYMRYw
FAYDVQQDEw02ODQ2OTNhYS00YjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwzcxLQtICxxWXEaE1mTUIWbK9OJsF+ZJRHVneE94LMzE8Yu6PsXcL1WT
GinSEXbhOCXVX4/+wANIS6VyQ4Rlr8jnr1fTE/+f3K5HqcVEyuNt3ruFbgzl6/U5
S8XrTQwUUKoQYMnewnPeQV/249KLxRSje5PZsiUB21yt7BKKEtSXk+hRT4Twl7VP
fTJlsRU54oN/I0pMsKueNDqeZs1D4o5E7ggSFwm1oh1Qzy/O4vDLuNeOnxBP3QKV
WwPWosweUbu8lvTk2l4wRMdDPeMGY4b/e3+p3eIyH7YqlN22dqZFaEn6rv6edvhK
7I2hVi3AElx0CBGj2ysDZ0gBQlpUDQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCHI
ov2BHgGvYFTFtW0VDCzlislPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRTQxOThGRTQ1MDcxMUYwOTI5NkREQUREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcpkMA0GCSqGSIb3DQEBCwUA
A4IBAQCKvv/qc4PNPYMzj9WjFCd2lZyBg6rjRDrsXq4crCyiSgsedVXRCcAuuf05
gs7ZfyqZ//NdgFopwr6jJrt1nonX8N+1rlqM4AVpmeANJxpUIWAGNvbC493y3eVj
nq7CKogg167ODr44z5dZyxyG6vN4dXZnVHxmpowk+Zm9aDAuZLUu6IYZk2YDVEpj
lVyx98HpMv1I3L2hoL2g9+eqoWNDtVQqr+QeZrjle/j6BPV1dK+Q1KPUhVbeCa/y
tRJ20vZLrJrfcei3/zpS9Dw6yqkBRzV4vlkeqvBGjRjEA0/CXVPZbVtqRQy1W12D
ipTEd7l2RIJauLc2V9mCFKCidkga
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:13:36 2025 by rpki-client