Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E13248441ED11F08A097386DAE4EC9C.roa
File: 6E13248441ED11F08A097386DAE4EC9C.roa (raw, json)
Hash identifier: OTKBCXR/tQV1oeLysg+uyEGQASVmvpBholzD+sF/1vE=
Subject key identifier: 2C:5F:93:32:08:AE:0A:9E:5A:62:43:CD:31:05:64:7F:A4:AF:82:74
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0159DE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E13248441ED11F08A097386DAE4EC9C.roa
Signing time: Thu 05 Jun 2025 09:14:06 +0000
ROA not before: Thu 05 Jun 2025 09:14:02 +0000
ROA not after: Thu 10 Jul 2025 09:14:02 +0000
asID: 20473
IP address blocks: 45.195.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 21 Jun 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88542 (0x159de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 5 09:14:02 2025 GMT
Not After : Jul 10 09:14:02 2025 GMT
Subject: CN=68415fde-c38a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d0:9b:16:7c:c8:02:d4:22:17:a7:96:24:5f:
91:23:2d:d1:e5:2d:51:a1:72:cd:02:41:75:c7:68:
43:04:84:23:32:1c:9f:4c:60:4d:17:6c:7a:f7:59:
f5:b7:9b:6d:a9:fe:bc:15:77:69:64:55:93:cc:a7:
b2:55:79:b7:57:7a:7e:18:62:82:19:47:1b:73:85:
b5:00:f7:3b:56:1a:44:05:4b:46:d1:84:4e:10:4d:
21:eb:dc:55:5a:92:07:7c:59:e6:a5:7f:c4:c0:26:
3d:80:75:88:b5:9f:b2:61:ab:56:9e:51:54:86:eb:
63:ce:37:37:d6:1e:fb:fb:e8:23:3f:f3:46:47:7c:
88:0a:25:8c:a3:1f:71:6f:2a:c0:48:bf:95:8c:d8:
0a:4c:6e:bd:94:6f:0f:8d:9f:cf:64:68:2f:36:2e:
b5:d2:d1:4c:ef:a8:b5:db:71:2d:80:d4:75:ea:da:
a8:cd:a6:84:b4:46:85:ed:1b:ab:ef:be:f3:d9:ac:
f0:41:53:9b:54:cb:10:8a:db:42:07:29:ea:18:10:
81:4d:83:81:94:6a:4d:55:41:cd:29:3a:54:c2:26:
0d:92:e8:db:6b:b3:c2:38:e8:61:6f:bc:77:59:7f:
2f:53:2c:5f:ae:87:dd:41:84:6d:af:b1:34:fd:50:
35:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:5F:93:32:08:AE:0A:9E:5A:62:43:CD:31:05:64:7F:A4:AF:82:74
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E13248441ED11F08A097386DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.137.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:05:3c:97:35:cd:54:98:99:65:23:ac:a7:dd:f8:f1:93:78:
5f:6f:f3:a2:7f:f3:bd:38:51:e5:68:6b:ef:e9:c6:33:45:9e:
5b:d6:1d:ae:8b:90:18:07:e4:a8:5c:b6:69:bd:f7:0a:5a:82:
c3:9e:ed:72:7e:75:81:bc:fe:13:04:4a:7e:20:34:ca:b0:78:
f5:e1:59:19:d4:f3:ce:cd:dd:35:67:03:56:d0:e9:66:7b:34:
d7:b6:60:35:71:8d:07:02:25:44:de:57:50:3d:ba:70:4d:32:
91:ac:e3:86:69:c6:73:68:44:2a:ba:58:7c:4d:f0:19:1e:e7:
ff:31:80:fa:75:32:2a:96:8b:88:a8:c8:57:09:51:97:76:8c:
9f:8f:89:f3:19:20:9b:89:fd:09:55:06:c5:68:89:c6:d7:9d:
cb:cf:45:e8:ec:fc:1b:fa:b4:05:b1:cc:cb:b8:f7:d3:e4:d3:
31:50:a6:dd:99:cf:53:bb:e4:c4:0a:4b:74:b5:bb:f6:27:4f:
36:99:12:00:bd:de:7f:87:9b:f4:83:62:7c:d4:33:be:8b:85:
aa:7c:dc:29:68:5a:0c:9e:43:12:dd:c4:d3:a0:e5:11:e7:ef:
02:96:47:a0:7a:fc:34:97:f0:0f:16:33:ec:ea:d4:53:c4:32:
2f:fd:19:3c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVneMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjA1MDkxNDAyWhcNMjUwNzEwMDkxNDAyWjAYMRYw
FAYDVQQDEw02ODQxNWZkZS1jMzhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv9CbFnzIAtQiF6eWJF+RIy3R5S1RoXLNAkF1x2hDBIQjMhyfTGBNF2x6
91n1t5ttqf68FXdpZFWTzKeyVXm3V3p+GGKCGUcbc4W1APc7VhpEBUtG0YROEE0h
69xVWpIHfFnmpX/EwCY9gHWItZ+yYatWnlFUhutjzjc31h77++gjP/NGR3yICiWM
ox9xbyrASL+VjNgKTG69lG8PjZ/PZGgvNi610tFM76i123EtgNR16tqozaaEtEaF
7Rur777z2azwQVObVMsQittCBynqGBCBTYOBlGpNVUHNKTpUwiYNkujba7PCOOhh
b7x3WX8vUyxfrofdQYRtr7E0/VA1vQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCxf
kzIIrgqeWmJDzTEFZH+kr4J0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RTEzMjQ4NDQxRUQxMUYwOEEwOTczODZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcOJMA0GCSqGSIb3DQEBCwUA
A4IBAQCMBTyXNc1UmJllI6yn3fjxk3hfb/Oif/O9OFHlaGvv6cYzRZ5b1h2ui5AY
B+SoXLZpvfcKWoLDnu1yfnWBvP4TBEp+IDTKsHj14VkZ1PPOzd01ZwNW0OlmezTX
tmA1cY0HAiVE3ldQPbpwTTKRrOOGacZzaEQqulh8TfAZHuf/MYD6dTIqlouIqMhX
CVGXdoyfj4nzGSCbif0JVQbFaInG153Lz0Xo7Pwb+rQFsczLuPfT5NMxUKbdmc9T
u+TECkt0tbv2J082mRIAvd5/h5v0g2J81DO+i4WqfNwpaFoMnkMS3cTToOUR5+8C
lkegevw0l/APFjPs6tRTxDIv/Rk8
-----END CERTIFICATE-----
Generated at Thu Jun 19 02:59:32 2025 by rpki-client