Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDF4E2DC450611F0B9E45EABDAE4EC9C.roa
File: BDF4E2DC450611F0B9E45EABDAE4EC9C.roa (raw, json)
Hash identifier: zbgION4c+jjDohpu9CDJUO7CKY7L9Llsxrd+4unS3b8=
Subject key identifier: 98:C6:48:7D:C9:C3:F0:27:44:8E:09:C1:B4:F4:99:1A:69:F3:FA:76
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015A71
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDF4E2DC450611F0B9E45EABDAE4EC9C.roa
Signing time: Mon 09 Jun 2025 07:52:51 +0000
ROA not before: Mon 09 Jun 2025 07:52:46 +0000
ROA not after: Wed 16 Jul 2025 07:52:46 +0000
asID: 214311
IP address blocks: 45.192.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 19 Jun 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88689 (0x15a71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 9 07:52:46 2025 GMT
Not After : Jul 16 07:52:46 2025 GMT
Subject: CN=684692d3-e1fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0b:73:8a:82:e1:05:e5:29:cf:1a:9c:53:4d:
38:f9:ef:2b:3a:49:23:25:10:d3:7a:fa:76:31:ce:
72:e9:14:0a:07:f6:18:85:98:30:7f:cc:0f:f4:fb:
13:62:e0:7f:fa:10:92:87:3c:00:6b:b6:12:bb:a4:
ed:0a:42:0a:76:ab:02:32:bc:86:e5:6c:e2:3f:74:
b6:d0:54:99:6e:4e:09:49:45:05:ca:4f:9f:01:57:
f5:77:87:9a:c0:1b:55:2f:0a:b7:93:60:38:57:c3:
d9:d4:87:4a:26:7c:86:19:b8:41:3c:d4:a6:5b:f3:
7b:86:64:a7:5b:80:a0:fd:09:0c:80:5c:76:e3:79:
e6:cd:c6:4f:02:00:c1:27:e7:b4:cc:f0:01:00:50:
58:e8:86:0c:ae:8a:67:02:b6:d1:31:54:e6:5b:54:
92:79:72:e7:c0:7b:6f:82:3a:37:23:08:09:96:1b:
0a:0d:62:a8:7d:8b:92:09:ac:8e:80:12:86:44:c4:
0d:c3:88:cd:bc:58:59:49:a7:c1:e3:4c:1b:49:22:
a7:29:31:8b:d0:e0:31:f5:63:fd:d1:58:ba:3a:d4:
dc:49:a5:82:eb:5d:30:85:ac:7a:06:01:65:35:8e:
98:af:10:e8:89:33:77:e7:13:83:02:2a:ab:7b:d3:
89:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C6:48:7D:C9:C3:F0:27:44:8E:09:C1:B4:F4:99:1A:69:F3:FA:76
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDF4E2DC450611F0B9E45EABDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.1.0/24
Signature Algorithm: sha256WithRSAEncryption
68:64:e0:f4:8c:c2:d8:53:5a:87:63:e6:04:1c:e8:94:eb:cb:
8a:cc:90:dd:d8:e8:0c:c2:50:1c:13:20:ac:69:ad:b5:b4:51:
b4:ed:7d:3e:8e:b1:94:96:4c:2f:e0:20:35:c7:06:77:aa:fc:
9b:7c:8a:10:55:a5:89:a0:82:6a:bd:7e:cd:e5:2c:d0:9c:bd:
cd:15:34:37:c4:66:fb:a7:02:cd:18:9c:13:bd:5a:ea:96:1a:
27:b5:29:c7:12:97:18:f7:83:bb:12:5e:32:c8:c6:3f:81:c9:
fd:52:1c:78:fd:7d:9d:0c:45:1a:de:77:64:f0:79:f7:b6:2d:
ac:76:f9:9c:03:a8:e1:b6:fe:6c:cc:98:81:dc:17:cf:44:61:
92:e8:bd:27:c7:29:18:e3:45:9d:1f:5f:ec:47:82:e4:88:b7:
41:b8:9d:bc:f8:51:72:c7:e8:e5:6c:64:52:3b:ee:07:40:34:
3c:d9:b7:40:27:0e:f8:4f:f9:53:4d:55:8a:8f:1b:5b:5e:d9:
dd:63:1a:73:6e:78:8d:c4:22:22:b0:21:76:fe:30:12:0e:9a:
81:7f:9c:5a:99:9b:56:53:a9:ed:84:46:3a:5c:3c:bc:f9:77:
a2:cb:e4:9f:c2:38:e6:d6:4b:13:85:98:92:e6:8b:85:a2:b3:
7a:e8:6d:ae
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVpxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjA5MDc1MjQ2WhcNMjUwNzE2MDc1MjQ2WjAYMRYw
FAYDVQQDEw02ODQ2OTJkMy1lMWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqgtzioLhBeUpzxqcU004+e8rOkkjJRDTevp2Mc5y6RQKB/YYhZgwf8wP
9PsTYuB/+hCShzwAa7YSu6TtCkIKdqsCMryG5WziP3S20FSZbk4JSUUFyk+fAVf1
d4eawBtVLwq3k2A4V8PZ1IdKJnyGGbhBPNSmW/N7hmSnW4Cg/QkMgFx243nmzcZP
AgDBJ+e0zPABAFBY6IYMropnArbRMVTmW1SSeXLnwHtvgjo3IwgJlhsKDWKofYuS
CayOgBKGRMQNw4jNvFhZSafB40wbSSKnKTGL0OAx9WP90Vi6OtTcSaWC610whax6
BgFlNY6YrxDoiTN35xODAiqre9OJnwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJjG
SH3Jw/AnRI4JwbT0mRpp8/p2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CREY0RTJEQzQ1MDYxMUYwQjlFNDVFQUJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcABMA0GCSqGSIb3DQEBCwUA
A4IBAQBoZOD0jMLYU1qHY+YEHOiU68uKzJDd2OgMwlAcEyCsaa21tFG07X0+jrGU
lkwv4CA1xwZ3qvybfIoQVaWJoIJqvX7N5SzQnL3NFTQ3xGb7pwLNGJwTvVrqlhon
tSnHEpcY94O7El4yyMY/gcn9Uhx4/X2dDEUa3ndk8Hn3ti2sdvmcA6jhtv5szJiB
3BfPRGGS6L0nxykY40WdH1/sR4LkiLdBuJ28+FFyx+jlbGRSO+4HQDQ82bdAJw74
T/lTTVWKjxtbXtndYxpzbniNxCIisCF2/jASDpqBf5xamZtWU6nthEY6XDy8+Xei
y+Sfwjjm1ksThZiS5ouForN66G2u
-----END CERTIFICATE-----
Generated at Wed Jun 18 01:17:19 2025 by rpki-client