Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/620C830C1C5311F0A41A5AF3DAE4EC9C.roa
File: 620C830C1C5311F0A41A5AF3DAE4EC9C.roa (raw, json)
Hash identifier: 6apcHB+YC64/f10Enu67XmoCqy6iqbTdd/YQtOIyhAs=
Subject key identifier: B6:16:A5:25:BB:29:11:CE:A6:D7:1F:20:A5:DE:F1:A5:04:37:15:28
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014CE4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/620C830C1C5311F0A41A5AF3DAE4EC9C.roa
Signing time: Fri 18 Apr 2025 12:48:10 +0000
ROA not before: Fri 18 Apr 2025 12:48:06 +0000
ROA not after: Sun 26 Apr 2026 12:48:06 +0000
asID: 18233
IP address blocks: 45.200.6.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85220 (0x14ce4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 18 12:48:06 2025 GMT
Not After : Apr 26 12:48:06 2026 GMT
Subject: CN=68024a0a-31ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ea:37:e1:a9:50:07:82:bc:73:34:6a:00:48:
1d:d0:c2:e5:ef:3e:e9:36:3f:54:93:51:08:ec:a4:
da:19:6c:2d:d0:09:0e:de:4d:87:f2:56:70:33:df:
af:4a:09:53:3b:75:a6:48:c7:c8:77:b2:01:94:91:
9c:f2:6e:4c:bb:8c:1b:a7:cc:d5:e1:8e:2e:b5:9b:
e2:70:ae:b3:a7:9a:21:62:c9:d5:7c:fb:d6:0f:bc:
9a:35:c5:77:47:21:80:23:2a:7d:53:83:be:02:9d:
9a:90:12:ad:f9:78:d5:45:8c:e4:05:44:73:7a:c1:
2d:23:75:78:f3:2d:97:b0:2d:3b:6b:5c:45:38:03:
0e:3a:e4:0e:f7:bf:b6:3b:4d:32:22:98:13:e5:18:
ab:ab:fe:02:50:5e:5a:8e:78:33:5d:a7:d2:8d:5d:
5c:a0:94:a5:56:4e:a1:23:25:8a:f2:e3:51:0a:4f:
55:f5:e4:9f:37:67:8d:79:4d:5e:95:36:95:51:22:
3a:2d:26:d8:c9:e1:b2:83:df:fa:25:05:ad:cd:34:
22:d7:76:1e:01:8e:1f:c5:93:d8:4c:4a:34:5c:84:
73:e7:5c:66:6b:d4:a6:41:65:35:a2:9b:ca:08:6b:
0e:3a:bd:a0:20:18:1f:50:16:b0:ce:b1:8a:28:82:
7c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:16:A5:25:BB:29:11:CE:A6:D7:1F:20:A5:DE:F1:A5:04:37:15:28
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/620C830C1C5311F0A41A5AF3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.6.0/23
Signature Algorithm: sha256WithRSAEncryption
46:c8:d2:9f:db:bc:1b:9a:d2:f7:4f:19:7b:75:12:4a:00:96:
20:cc:52:5e:74:3d:da:76:2c:f1:f9:16:9a:9a:20:4b:fe:b8:
70:ad:29:66:8f:c4:d6:ec:d4:6c:e0:e4:e6:2a:ae:95:cd:37:
64:7c:b5:87:56:4d:b0:5c:e0:dd:39:ec:87:66:a6:63:e5:45:
9c:db:31:cc:7d:76:7f:a3:40:94:0f:c2:08:a4:86:82:e6:6c:
13:39:31:08:d7:7e:ab:01:5d:9b:31:36:fd:ce:fd:12:e7:69:
29:9c:32:bb:f3:eb:d3:a0:81:77:8f:b1:e6:15:59:77:28:bc:
3b:bb:70:76:97:c3:73:a4:d9:5d:f6:40:33:9f:fe:12:51:40:
12:24:7f:f9:1b:77:fd:ef:c7:3e:08:50:aa:cf:11:47:3a:b7:
64:3d:b9:2e:83:54:07:7c:0c:54:17:b7:09:8b:8d:10:1a:d3:
07:69:d5:c9:b5:e4:63:cd:0b:4b:17:10:04:6e:89:10:70:fc:
be:fc:3c:6f:ea:10:38:11:82:7b:87:e1:1f:77:42:69:80:5e:
3d:ac:51:8c:5f:20:68:31:90:ad:46:ad:69:98:8e:2b:8d:85:
60:27:7a:6d:fa:c9:19:01:cf:4b:09:21:98:bc:65:e0:3a:a9:
f9:f3:f1:09
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUzkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE4MTI0ODA2WhcNMjYwNDI2MTI0ODA2WjAYMRYw
FAYDVQQDEw02ODAyNGEwYS0zMWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtOo34alQB4K8czRqAEgd0MLl7z7pNj9Uk1EI7KTaGWwt0AkO3k2H8lZw
M9+vSglTO3WmSMfId7IBlJGc8m5Mu4wbp8zV4Y4utZvicK6zp5ohYsnVfPvWD7ya
NcV3RyGAIyp9U4O+Ap2akBKt+XjVRYzkBURzesEtI3V48y2XsC07a1xFOAMOOuQO
97+2O00yIpgT5Rirq/4CUF5ajngzXafSjV1coJSlVk6hIyWK8uNRCk9V9eSfN2eN
eU1elTaVUSI6LSbYyeGyg9/6JQWtzTQi13YeAY4fxZPYTEo0XIRz51xma9SmQWU1
opvKCGsOOr2gIBgfUBawzrGKKIJ8KQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLYW
pSW7KRHOptcfIKXe8aUENxUoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MjBDODMwQzFDNTMxMUYwQTQxQTVBRjNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcgGMA0GCSqGSIb3DQEBCwUA
A4IBAQBGyNKf27wbmtL3Txl7dRJKAJYgzFJedD3adizx+RaamiBL/rhwrSlmj8TW
7NRs4OTmKq6VzTdkfLWHVk2wXODdOeyHZqZj5UWc2zHMfXZ/o0CUD8IIpIaC5mwT
OTEI136rAV2bMTb9zv0S52kpnDK78+vToIF3j7HmFVl3KLw7u3B2l8NzpNld9kAz
n/4SUUASJH/5G3f978c+CFCqzxFHOrdkPbkug1QHfAxUF7cJi40QGtMHadXJteRj
zQtLFxAEbokQcPy+/Dxv6hA4EYJ7h+Efd0JpgF49rFGMXyBoMZCtRq1pmI4rjYVg
J3pt+skZAc9LCSGYvGXgOqn58/EJ
-----END CERTIFICATE-----
Generated at Sun Apr 27 14:54:49 2025 by rpki-client on console.sobornost.net