Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/443B9C9E210F11F0B1227B9FDAE4EC9C.roa
File: 443B9C9E210F11F0B1227B9FDAE4EC9C.roa (raw, json)
Hash identifier: cmjwYl9abNihXeFat8EPhweTjBjV/dllUUCGf5k9FrQ=
Subject key identifier: 28:7D:9A:63:53:0C:8C:A7:E6:4D:38:C3:65:E3:BB:1A:54:8A:9A:85
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014E68
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/443B9C9E210F11F0B1227B9FDAE4EC9C.roa
Signing time: Thu 24 Apr 2025 13:23:10 +0000
ROA not before: Thu 24 Apr 2025 13:23:06 +0000
ROA not after: Wed 30 Apr 2025 13:23:06 +0000
asID: 138590
IP address blocks: 45.194.14.0/23 maxlen: 24
45.194.25.0/24 maxlen: 24
45.194.26.0/24 maxlen: 24
45.194.80.0/23 maxlen: 24
45.194.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85608 (0x14e68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 24 13:23:06 2025 GMT
Not After : Apr 30 13:23:06 2025 GMT
Subject: CN=680a3b3e-b733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0e:c6:45:cf:f5:48:9d:be:ac:40:83:10:8b:
02:e4:dd:6f:5e:16:af:4c:2d:62:e8:b6:ac:ca:f2:
50:2e:06:1f:9f:71:91:46:0b:74:99:9c:7e:34:74:
31:41:fa:c3:2b:dd:88:e5:b3:d1:80:99:52:eb:08:
6c:ef:21:c7:e0:4f:cf:06:5c:a9:43:3a:3b:5c:32:
d0:bf:fa:5a:ec:ea:8a:47:c9:7c:2e:95:4c:49:df:
fe:e1:88:c3:b6:53:fb:ec:20:74:11:58:6e:04:c4:
67:73:09:2d:ec:1f:b4:3b:35:58:da:79:42:63:ee:
d2:39:23:98:54:6e:74:29:12:d7:f8:a6:20:90:08:
b9:4c:f4:71:6b:a8:a2:f6:bd:a2:ae:36:6b:33:2e:
b8:25:8b:f8:f4:d5:a4:18:43:dd:5d:75:8d:42:f7:
d9:20:3d:b7:fb:35:95:46:01:6d:fc:bb:29:40:54:
15:e2:16:0b:49:70:f4:38:e2:b0:9a:c5:f6:45:53:
18:72:b2:8d:19:1a:6a:df:c0:12:61:bb:88:df:9d:
05:56:11:50:bd:13:4c:e3:b0:86:73:a8:09:a9:3e:
24:71:9e:33:26:e0:4c:4c:12:be:c6:ab:67:a0:f1:
a0:3e:a1:3c:93:35:cb:95:a0:84:c6:11:80:87:e4:
b5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:7D:9A:63:53:0C:8C:A7:E6:4D:38:C3:65:E3:BB:1A:54:8A:9A:85
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/443B9C9E210F11F0B1227B9FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.14.0/23
45.194.25.0-45.194.26.255
45.194.80.0/23
45.194.88.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:90:29:27:d3:2a:77:a6:24:8b:8f:ad:c5:52:4f:bd:4e:44:
d4:05:62:fe:1f:15:46:ea:65:a9:70:56:ac:bb:ab:0d:79:a6:
f2:8b:38:cc:da:8b:85:6d:11:7d:91:2a:cf:fb:cc:ce:a3:fc:
a2:90:7a:95:47:bf:32:05:ef:ea:91:0d:82:c3:8b:24:3d:49:
80:9b:ce:7e:71:e0:26:8c:ff:64:98:d6:21:6b:ec:83:f0:55:
72:6a:b5:f6:52:b0:6b:16:0a:48:ef:5d:a4:7c:e0:ac:20:13:
bc:84:a5:d0:d4:de:09:c8:03:71:66:c8:04:9a:d7:f2:e6:51:
d7:1c:c5:6b:0b:de:2e:1e:16:0b:a2:5b:55:f6:4c:41:da:a6:
8b:8a:d7:b9:a4:20:e4:0a:7f:0c:11:2e:1f:a4:89:b7:e4:db:
f0:09:66:9f:15:04:fa:3c:62:26:4e:b1:8e:30:14:9d:8b:9f:
9e:49:1d:f1:6d:42:9d:16:e3:51:06:2c:9b:c2:5e:a5:85:42:
19:35:5c:b4:6d:c0:81:25:f4:3c:fb:0b:85:83:60:8b:14:3b:
c9:34:63:3c:04:0e:99:5a:d4:7f:c5:fe:e6:90:8f:e5:f3:d0:
76:2b:bc:fb:f2:9d:4f:05:fd:39:69:f1:bc:d3:4e:50:5d:c7:
db:13:33:a8
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIDAU5oMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI0MTMyMzA2WhcNMjUwNDMwMTMyMzA2WjAYMRYw
FAYDVQQDEw02ODBhM2IzZS1iNzMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwg7GRc/1SJ2+rECDEIsC5N1vXhavTC1i6LasyvJQLgYfn3GRRgt0mZx+
NHQxQfrDK92I5bPRgJlS6whs7yHH4E/PBlypQzo7XDLQv/pa7OqKR8l8LpVMSd/+
4YjDtlP77CB0EVhuBMRncwkt7B+0OzVY2nlCY+7SOSOYVG50KRLX+KYgkAi5TPRx
a6ii9r2irjZrMy64JYv49NWkGEPdXXWNQvfZID23+zWVRgFt/LspQFQV4hYLSXD0
OOKwmsX2RVMYcrKNGRpq38ASYbuI350FVhFQvRNM47CGc6gJqT4kcZ4zJuBMTBK+
xqtnoPGgPqE8kzXLlaCExhGAh+S1mQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFCh9
mmNTDIyn5k04w2XjuxpUipqFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NDNCOUM5RTIxMEYxMUYwQjEyMjdCOUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLcIOMAwDBAAtwhkDBAAtwhoD
BAEtwlADBAEtwlgwDQYJKoZIhvcNAQELBQADggEBAKSQKSfTKnemJIuPrcVST71O
RNQFYv4fFUbqZalwVqy7qw15pvKLOMzai4VtEX2RKs/7zM6j/KKQepVHvzIF7+qR
DYLDiyQ9SYCbzn5x4CaM/2SY1iFr7IPwVXJqtfZSsGsWCkjvXaR84KwgE7yEpdDU
3gnIA3FmyASa1/LmUdccxWsL3i4eFguiW1X2TEHapouK17mkIOQKfwwRLh+kibfk
2/AJZp8VBPo8YiZOsY4wFJ2Ln55JHfFtQp0W41EGLJvCXqWFQhk1XLRtwIEl9Dz7
C4WDYIsUO8k0YzwEDpla1H/F/uaQj+Xz0HYrvPvynU8F/Tlp8bzTTlBdx9sTM6g=
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:27:05 2025 by rpki-client