Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/27E38024151211F0812EE11F6EB8BCC6.roa
File: 27E38024151211F0812EE11F6EB8BCC6.roa (raw, json)
Hash identifier: BZ6bbAEZJOsDMNFO9vpL7tbbVW6wGi0g0ohCuSTbnbw=
Subject key identifier: FE:0A:FB:12:15:F9:85:E4:47:F0:D0:56:5D:F3:37:25:47:4B:4A:27
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014B16
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/27E38024151211F0812EE11F6EB8BCC6.roa
Signing time: Wed 09 Apr 2025 07:13:37 +0000
ROA not before: Wed 09 Apr 2025 07:13:33 +0000
ROA not after: Thu 09 Apr 2026 07:13:33 +0000
asID: 132513
IP address blocks: 45.207.164.0/24 maxlen: 24
45.207.165.0/24 maxlen: 24
45.207.166.0/24 maxlen: 24
45.207.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 16 Apr 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84758 (0x14b16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 9 07:13:33 2025 GMT
Not After : Apr 9 07:13:33 2026 GMT
Subject: CN=67f61e21-b62e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c9:c7:11:53:da:de:76:bc:92:f7:b7:d1:63:
45:68:d8:40:57:4f:0d:02:ee:c4:a2:77:1d:54:b4:
ba:e4:97:78:ef:ff:d7:e5:7b:7c:8b:e1:81:4c:de:
ed:ee:94:8d:75:15:27:70:c9:f4:9d:93:22:53:bc:
e0:ce:69:53:a6:4d:e8:6d:17:ed:4a:5a:fc:c5:1b:
cd:9d:4e:0e:4e:6b:7e:f2:67:26:a7:6c:2b:00:8a:
a6:31:97:9b:aa:37:ec:47:8d:b9:73:67:d2:f3:30:
04:af:71:72:7a:95:56:28:6c:1b:f7:38:ff:89:93:
4b:fb:9e:a3:f0:34:36:8c:d6:0f:98:12:fa:b9:1e:
c3:52:30:f9:50:e1:04:32:89:b5:4b:b2:74:50:d5:
2c:eb:fe:71:4f:32:b9:3b:18:c6:8d:63:ff:f8:74:
61:20:3f:48:0a:ce:4b:b0:a9:1f:76:2d:a3:94:62:
32:8d:30:1f:54:cc:58:97:a3:b3:b0:23:82:18:cb:
93:ac:6a:1b:15:99:ad:96:da:b9:b2:2f:54:ed:dd:
8c:2b:e9:0b:c3:45:fb:4d:11:d0:bf:fd:4a:68:c9:
a3:b3:7a:78:2f:d0:43:c8:44:b6:1f:30:c9:27:9e:
a0:ac:ff:33:70:16:3c:86:6f:6b:6d:21:6a:3a:81:
2c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:0A:FB:12:15:F9:85:E4:47:F0:D0:56:5D:F3:37:25:47:4B:4A:27
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/27E38024151211F0812EE11F6EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.164.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:e0:00:24:07:2a:fe:87:93:34:3e:c5:2a:5f:a2:9c:6f:cb:
ad:34:fc:89:69:7b:24:a7:cd:ee:c1:74:62:ed:f9:93:3c:7d:
6c:4a:ec:a4:7d:d9:ef:1a:5e:ad:32:fd:bb:c2:ce:3f:da:08:
65:f2:22:dc:aa:92:e6:a0:95:a1:14:4a:a9:23:7d:21:46:b7:
ff:e3:72:2a:ec:7a:1d:db:ce:2c:d2:2f:33:56:5a:42:64:6c:
33:9f:c6:19:69:9e:38:5f:5f:c8:f7:db:51:0a:ad:8d:b7:3b:
ad:9a:31:ed:36:e9:fc:1a:70:77:8e:ea:45:88:3d:cd:3f:2b:
34:30:08:21:79:9a:ba:30:f8:ca:9b:93:b9:6e:91:d1:41:d3:
7d:68:1e:1a:d4:d4:95:d6:dd:e2:81:16:3e:e3:81:26:2b:f6:
19:26:c8:55:af:6c:16:f0:5a:72:91:9c:6f:09:ce:aa:76:b1:
e1:bd:8c:0a:85:89:34:d0:7a:21:c5:80:5e:97:92:9b:ad:ff:
9a:f0:c3:1e:1a:4b:90:fb:92:79:ce:12:74:28:6d:1f:84:1e:
95:1a:75:88:85:9d:b7:1f:57:7f:45:0d:35:f6:50:51:72:61:
36:53:d4:12:67:2c:50:69:7b:83:f4:db:f8:21:c7:f7:9f:0b:
7d:1b:2a:2c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUsWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA5MDcxMzMzWhcNMjYwNDA5MDcxMzMzWjAYMRYw
FAYDVQQDEw02N2Y2MWUyMS1iNjJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmcnHEVPa3na8kve30WNFaNhAV08NAu7EoncdVLS65Jd47//X5Xt8i+GB
TN7t7pSNdRUncMn0nZMiU7zgzmlTpk3obRftSlr8xRvNnU4OTmt+8mcmp2wrAIqm
MZebqjfsR425c2fS8zAEr3FyepVWKGwb9zj/iZNL+56j8DQ2jNYPmBL6uR7DUjD5
UOEEMom1S7J0UNUs6/5xTzK5OxjGjWP/+HRhID9ICs5LsKkfdi2jlGIyjTAfVMxY
l6OzsCOCGMuTrGobFZmtltq5si9U7d2MK+kLw0X7TRHQv/1KaMmjs3p4L9BDyES2
HzDJJ56grP8zcBY8hm9rbSFqOoEsXwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP4K
+xIV+YXkR/DQVl3zNyVHS0onMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yN0UzODAyNDE1MTIxMUYwODEyRUUxMUY2RUI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLc+kMA0GCSqGSIb3DQEBCwUA
A4IBAQBd4AAkByr+h5M0PsUqX6Kcb8utNPyJaXskp83uwXRi7fmTPH1sSuykfdnv
Gl6tMv27ws4/2ghl8iLcqpLmoJWhFEqpI30hRrf/43Iq7Hod284s0i8zVlpCZGwz
n8YZaZ44X1/I99tRCq2NtzutmjHtNun8GnB3jupFiD3NPys0MAgheZq6MPjKm5O5
bpHRQdN9aB4a1NSV1t3igRY+44EmK/YZJshVr2wW8FpykZxvCc6qdrHhvYwKhYk0
0HohxYBel5Kbrf+a8MMeGkuQ+5J5zhJ0KG0fhB6VGnWIhZ23H1d/RQ019lBRcmE2
U9QSZyxQaXuD9Nv4Icf3nwt9Gyos
-----END CERTIFICATE-----
Generated at Mon Apr 14 10:00:04 2025 by rpki-client