Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFE109D020BC11F0AF405CF4DAE4EC9C.roa
File: CFE109D020BC11F0AF405CF4DAE4EC9C.roa (raw, json)
Hash identifier: Y+shtjuk5s8CL7SRlblAhorJ/KXJs8FuaJBxbOhNHr8=
Subject key identifier: C9:F0:9C:1A:E9:4C:D2:59:E7:96:04:81:4D:4C:2B:83:A0:84:66:3A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014E53
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFE109D020BC11F0AF405CF4DAE4EC9C.roa
Signing time: Thu 24 Apr 2025 03:32:57 +0000
ROA not before: Thu 24 Apr 2025 03:32:51 +0000
ROA not after: Wed 31 Dec 2025 03:32:51 +0000
asID: 17561
IP address blocks: 45.194.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85587 (0x14e53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 24 03:32:51 2025 GMT
Not After : Dec 31 03:32:51 2025 GMT
Subject: CN=6809b0e8-0289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4d:89:ef:61:01:d7:40:2b:99:72:69:09:02:
6d:d7:3e:f5:37:e0:b5:b5:a7:af:01:d2:c3:e8:ca:
df:35:38:d3:88:8e:6e:75:12:28:99:c5:3b:1b:e5:
f0:fd:f0:c9:f2:2f:e4:fb:1d:de:32:fc:2f:06:a7:
75:37:8b:97:15:87:68:70:f0:ec:3b:82:b1:bb:fb:
d7:b7:49:f1:a5:a7:22:13:d4:38:fa:36:af:90:99:
c8:23:c4:b7:14:2a:3a:22:ad:fe:da:2e:e7:33:db:
03:49:10:4e:be:db:20:69:ce:84:08:7c:4a:0b:f0:
28:d6:42:2f:41:db:f3:56:4c:ca:10:bd:50:88:9c:
83:47:64:62:42:8f:44:76:db:c2:19:cd:1e:80:4e:
7b:7d:b3:9c:c5:96:60:f6:b6:8e:51:fa:27:4d:c4:
54:12:9a:37:ae:11:e1:28:90:a3:92:ce:4b:64:40:
6d:de:10:42:b0:94:a4:ee:0d:a1:1d:39:50:ce:4c:
31:01:31:57:1c:46:b8:47:80:98:f7:a4:f5:d5:5e:
4b:bb:71:db:ea:f4:de:80:51:e4:88:64:20:64:32:
a5:d8:8b:50:b4:cf:3e:68:84:f5:bb:a2:43:65:b1:
c3:a8:33:3e:c0:07:5e:f7:bc:d0:bd:c6:33:36:8c:
59:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F0:9C:1A:E9:4C:D2:59:E7:96:04:81:4D:4C:2B:83:A0:84:66:3A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFE109D020BC11F0AF405CF4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.64.0/22
Signature Algorithm: sha256WithRSAEncryption
80:2a:45:85:ce:32:b9:92:65:77:02:63:a9:04:90:7e:38:f3:
f4:66:4d:50:c0:e8:42:58:a7:01:30:0d:92:d6:6f:cc:5a:fb:
03:63:4e:d4:bf:6a:77:05:f5:84:b8:21:a7:8b:f7:da:0f:d7:
41:e2:b3:71:66:bb:aa:e4:fd:a8:6d:64:67:61:8c:3c:bf:ad:
59:0d:39:92:70:e9:6a:08:62:2d:89:ea:04:6f:e4:bd:cc:f2:
35:94:f6:91:c9:2b:8c:5f:a7:8e:41:56:80:13:15:a1:db:f9:
ea:85:5d:17:01:8e:98:64:aa:66:c9:2a:ed:47:e5:6e:24:39:
28:44:59:80:ec:7e:03:a1:82:f7:bf:74:6c:e9:5b:1d:89:75:
24:05:d9:67:be:fe:6f:cd:43:92:49:e1:8b:da:b2:1f:6b:19:
88:bf:9d:96:03:36:c0:05:b7:b2:aa:44:87:81:bb:a1:e4:c3:
da:e1:8a:5b:fc:ec:22:5c:5a:15:2e:1b:ae:47:cd:7a:b0:34:
ac:ab:03:6b:51:c5:44:f0:6b:72:be:19:c7:27:03:cd:f8:4f:
a8:e2:11:8e:f9:72:e7:3b:91:cc:48:b7:9b:1a:2e:37:a5:22:
b1:23:e7:ac:fb:7a:e4:0b:3f:93:cd:e3:4b:c9:75:2f:f1:1d:
e8:ea:62:16
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAU5TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI0MDMzMjUxWhcNMjUxMjMxMDMzMjUxWjAYMRYw
FAYDVQQDEw02ODA5YjBlOC0wMjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyE2J72EB10ArmXJpCQJt1z71N+C1taevAdLD6MrfNTjTiI5udRIomcU7
G+Xw/fDJ8i/k+x3eMvwvBqd1N4uXFYdocPDsO4Kxu/vXt0nxpaciE9Q4+javkJnI
I8S3FCo6Iq3+2i7nM9sDSRBOvtsgac6ECHxKC/Ao1kIvQdvzVkzKEL1QiJyDR2Ri
Qo9EdtvCGc0egE57fbOcxZZg9raOUfonTcRUEpo3rhHhKJCjks5LZEBt3hBCsJSk
7g2hHTlQzkwxATFXHEa4R4CY96T11V5Lu3Hb6vTegFHkiGQgZDKl2ItQtM8+aIT1
u6JDZbHDqDM+wAde97zQvcYzNoxZawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMnw
nBrpTNJZ55YEgU1MK4OghGY6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRkUxMDlEMDIwQkMxMUYwQUY0MDVDRjREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcJAMA0GCSqGSIb3DQEBCwUA
A4IBAQCAKkWFzjK5kmV3AmOpBJB+OPP0Zk1QwOhCWKcBMA2S1m/MWvsDY07Uv2p3
BfWEuCGni/faD9dB4rNxZruq5P2obWRnYYw8v61ZDTmScOlqCGItieoEb+S9zPI1
lPaRySuMX6eOQVaAExWh2/nqhV0XAY6YZKpmySrtR+VuJDkoRFmA7H4DoYL3v3Rs
6VsdiXUkBdlnvv5vzUOSSeGL2rIfaxmIv52WAzbABbeyqkSHgbuh5MPa4Ypb/Owi
XFoVLhuuR816sDSsqwNrUcVE8GtyvhnHJwPN+E+o4hGO+XLnO5HMSLebGi43pSKx
I+es+3rkCz+TzeNLyXUv8R3o6mIW
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:10:54 2025 by rpki-client