Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5A40194453111F09E6685BEDAE4EC9C.roa
File: D5A40194453111F09E6685BEDAE4EC9C.roa (raw, json)
Hash identifier: swl/wrnqvhOfJTYKB3hpgKnagyM9eqc9rEhdAVel8kw=
Subject key identifier: E8:A3:92:4C:A2:21:87:76:A8:CC:19:97:75:1A:6E:25:F4:E8:60:3D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015A99
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5A40194453111F09E6685BEDAE4EC9C.roa
Signing time: Mon 09 Jun 2025 13:01:19 +0000
ROA not before: Mon 09 Jun 2025 13:01:14 +0000
ROA not after: Tue 11 Nov 2025 13:01:14 +0000
asID: 139923
IP address blocks: 45.195.112.0/21 maxlen: 24
45.195.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 19 Jun 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88729 (0x15a99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 9 13:01:14 2025 GMT
Not After : Nov 11 13:01:14 2025 GMT
Subject: CN=6846db1f-f16f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:db:8e:d0:0d:95:5c:81:8f:3d:fc:91:1a:4d:
01:2e:e6:a3:c9:24:ac:d9:38:d6:cc:85:d7:af:da:
ac:be:30:88:21:5d:b6:90:b6:74:37:d5:9d:d8:2f:
4b:c0:ab:ba:83:91:f7:ca:4a:90:fb:9e:5f:06:45:
02:fb:65:0f:05:ab:bd:a4:1e:02:8f:de:53:9f:a3:
ad:6e:93:c9:ae:c1:6b:2a:a3:f5:be:a4:c3:b6:bb:
25:95:32:00:70:27:fd:67:19:76:95:74:cc:41:82:
cd:c0:1c:de:f5:c9:54:54:c0:6c:38:03:0e:e4:cf:
bb:11:97:e0:67:82:04:6b:71:aa:6d:f2:b6:a6:3d:
ac:7f:fc:ba:59:a0:16:38:2c:e7:0b:30:18:2d:92:
18:aa:6f:dd:7c:db:fc:05:8a:8a:4e:85:e3:a5:be:
89:00:24:6d:e5:89:2c:fa:f2:9e:21:49:2e:14:8f:
80:e7:a7:1a:37:a9:e9:0b:d7:78:02:80:e7:39:2f:
c9:be:ba:b5:82:74:2f:76:1f:76:d1:2b:b6:d2:06:
19:5d:10:0d:10:16:6a:bc:14:8b:a8:fa:7a:b5:c7:
e5:ad:de:6c:33:8d:09:19:ce:6c:a9:e5:a9:30:98:
50:8e:56:10:19:c0:6d:b2:55:a5:42:f2:f2:78:ba:
d3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A3:92:4C:A2:21:87:76:A8:CC:19:97:75:1A:6E:25:F4:E8:60:3D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5A40194453111F09E6685BEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.112.0/20
Signature Algorithm: sha256WithRSAEncryption
94:dd:f7:52:d0:8e:0b:eb:93:33:71:1b:78:96:c7:1c:5f:d1:
23:89:b8:aa:9a:b4:cd:11:a7:cc:76:21:c5:0a:16:67:aa:9c:
2c:cd:5b:69:8f:fb:15:08:2c:58:2e:1d:e0:52:62:53:f6:4b:
39:d2:c2:73:68:4f:49:03:f7:9b:30:96:2d:a0:bb:c4:43:da:
a1:dd:a9:af:c0:a5:d7:a1:ba:47:08:61:ba:ac:7e:63:73:6b:
14:ac:2c:47:62:02:a6:5b:ca:e5:ba:32:54:59:c2:ba:87:d5:
59:eb:1d:fe:56:a3:b6:dc:01:26:ce:99:b1:2e:aa:22:43:23:
41:17:ce:c5:3d:8e:50:73:d7:56:6a:7f:83:7e:8c:0f:29:72:
49:c1:01:9c:67:81:a8:66:14:05:c4:e1:53:e8:27:a2:1a:e3:
28:68:dc:7d:6c:cd:50:70:d6:24:34:1d:2b:9b:22:55:d9:2e:
73:55:a4:e7:c5:02:41:0d:19:4b:ee:f5:bc:b2:cf:86:d6:d1:
d6:b4:7f:3c:45:63:71:96:61:ac:c1:28:2f:13:74:c8:16:e2:
42:71:34:3f:6f:10:d2:f9:ab:ed:79:da:b3:c3:aa:5c:cd:08:
39:33:b9:5b:df:c9:7d:e6:59:14:c0:17:96:e6:89:bc:09:2a:
38:57:38:e7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVqZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjA5MTMwMTE0WhcNMjUxMTExMTMwMTE0WjAYMRYw
FAYDVQQDEw02ODQ2ZGIxZi1mMTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuduO0A2VXIGPPfyRGk0BLuajySSs2TjWzIXXr9qsvjCIIV22kLZ0N9Wd
2C9LwKu6g5H3ykqQ+55fBkUC+2UPBau9pB4Cj95Tn6OtbpPJrsFrKqP1vqTDtrsl
lTIAcCf9Zxl2lXTMQYLNwBze9clUVMBsOAMO5M+7EZfgZ4IEa3GqbfK2pj2sf/y6
WaAWOCznCzAYLZIYqm/dfNv8BYqKToXjpb6JACRt5Yks+vKeIUkuFI+A56caN6np
C9d4AoDnOS/Jvrq1gnQvdh920Su20gYZXRANEBZqvBSLqPp6tcflrd5sM40JGc5s
qeWpMJhQjlYQGcBtslWlQvLyeLrTxQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOij
kkyiIYd2qMwZl3UabiX06GA9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENUE0MDE5NDQ1MzExMUYwOUU2Njg1QkVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcNwMA0GCSqGSIb3DQEBCwUA
A4IBAQCU3fdS0I4L65MzcRt4lsccX9EjibiqmrTNEafMdiHFChZnqpwszVtpj/sV
CCxYLh3gUmJT9ks50sJzaE9JA/ebMJYtoLvEQ9qh3amvwKXXobpHCGG6rH5jc2sU
rCxHYgKmW8rlujJUWcK6h9VZ6x3+VqO23AEmzpmxLqoiQyNBF87FPY5Qc9dWan+D
fowPKXJJwQGcZ4GoZhQFxOFT6CeiGuMoaNx9bM1QcNYkNB0rmyJV2S5zVaTnxQJB
DRlL7vW8ss+G1tHWtH88RWNxlmGswSgvE3TIFuJCcTQ/bxDS+avtedqzw6pczQg5
M7lb38l95lkUwBeW5om8CSo4Vzjn
-----END CERTIFICATE-----
Generated at Tue Jun 17 20:29:06 2025 by rpki-client