Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C9FA1E2F46711EF99A1EB57762E951A.roa
File: 0C9FA1E2F46711EF99A1EB57762E951A.roa (raw, json)
Hash identifier: T5+jusMxcpD19Kf/DqXyQeMboqMXJMpedUxfm4cjfik=
Subject key identifier: 2E:71:E6:57:15:1A:0A:55:10:30:D1:0D:34:49:36:10:C0:67:58:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013598
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C9FA1E2F46711EF99A1EB57762E951A.roa
Signing time: Wed 26 Feb 2025 17:28:10 +0000
ROA not before: Wed 26 Feb 2025 17:28:06 +0000
ROA not after: Thu 19 Feb 2026 17:28:06 +0000
asID: 984
IP address blocks: 45.201.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79256 (0x13598)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 17:28:06 2025 GMT
Not After : Feb 19 17:28:06 2026 GMT
Subject: CN=67bf4f2a-6dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c6:7c:92:a5:2b:a6:33:80:56:02:f3:bd:9f:
c5:b4:85:b9:15:7b:98:ab:9c:03:69:5b:10:3b:f2:
f1:6c:9b:83:c9:d4:2e:f9:b1:6a:60:04:3e:cb:1f:
93:8d:6c:d9:c8:b3:7c:6d:d3:c2:9c:c6:47:26:1a:
40:5f:7b:6d:0e:8e:6b:79:de:2e:f1:e4:fa:da:45:
0c:db:af:8d:5f:67:53:31:0a:e5:52:44:27:92:90:
44:96:00:15:4a:86:ad:53:1b:6c:fb:4c:76:5f:56:
50:84:3c:f9:f2:99:24:44:27:2d:90:43:40:fc:e0:
c2:d5:ec:c4:f5:cd:28:bf:1e:3c:1f:34:bb:49:63:
1d:51:c5:38:fb:de:0c:ef:d5:c5:c1:54:30:2f:cb:
93:52:1a:6e:a4:27:b9:d7:87:e0:1b:ef:5a:10:26:
84:7c:28:80:ef:0c:26:e8:fe:6c:4f:0e:1c:7d:40:
cc:a6:e8:e1:29:7f:34:7a:7e:f9:f0:f5:d7:e1:2f:
2d:88:3f:fc:9f:e6:1c:14:c1:e0:c7:06:13:11:b7:
0f:bc:05:a7:65:12:ec:b7:07:40:eb:45:d8:89:3b:
38:55:7c:24:69:ee:ea:22:66:4e:89:ee:d6:86:31:
ea:c1:33:4b:ee:96:8e:2b:5c:ba:ca:b4:34:b9:48:
79:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:71:E6:57:15:1A:0A:55:10:30:D1:0D:34:49:36:10:C0:67:58:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C9FA1E2F46711EF99A1EB57762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.44.0/24
Signature Algorithm: sha256WithRSAEncryption
67:45:1d:88:28:96:33:64:87:46:e1:0c:1e:6d:71:4b:e1:b6:
22:37:05:55:dc:90:fe:fb:fe:fd:cf:5f:58:34:4b:6b:ad:b5:
b4:15:bb:b9:ae:89:e4:99:d7:15:8e:3a:f6:43:8b:08:3d:db:
1c:b9:40:b2:5a:4b:7f:a0:1c:97:5b:0e:b8:5f:93:97:43:46:
2c:55:2d:01:9d:4d:fa:ce:ca:a8:1f:f8:a3:63:27:88:4b:b8:
f8:ee:6a:c8:81:9e:41:1d:91:b5:55:af:9b:9c:c4:e5:fa:f8:
f2:3b:eb:36:9b:ee:15:73:73:ab:cd:c5:64:df:45:ed:f5:02:
36:c9:c4:50:36:14:fe:52:d3:a9:0b:d6:32:1c:77:06:c3:83:
cf:cd:7c:6d:d8:89:a0:a5:0c:4e:ba:1a:9d:8b:a6:45:3c:a7:
85:e3:4f:c3:12:97:34:e4:6f:13:ac:c7:6f:5f:b2:0e:f8:38:
7f:17:6b:6d:f6:4e:c0:89:9b:51:22:1c:15:a8:74:52:80:1e:
fb:a6:d4:90:a4:36:ea:c8:00:50:f7:4f:d6:14:ec:b1:2f:41:
ca:12:9b:ec:69:2c:44:4b:b3:5d:48:fb:c1:92:8a:a4:46:d9:
e2:29:7a:e8:67:b7:29:19:10:c4:9a:bb:62:63:d4:31:09:f0:
74:46:66:26
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATWYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTcyODA2WhcNMjYwMjE5MTcyODA2WjAYMRYw
FAYDVQQDEw02N2JmNGYyYS02ZGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoMZ8kqUrpjOAVgLzvZ/FtIW5FXuYq5wDaVsQO/LxbJuDydQu+bFqYAQ+
yx+TjWzZyLN8bdPCnMZHJhpAX3ttDo5red4u8eT62kUM26+NX2dTMQrlUkQnkpBE
lgAVSoatUxts+0x2X1ZQhDz58pkkRCctkENA/ODC1ezE9c0ovx48HzS7SWMdUcU4
+94M79XFwVQwL8uTUhpupCe514fgG+9aECaEfCiA7wwm6P5sTw4cfUDMpujhKX80
en758PXX4S8tiD/8n+YcFMHgxwYTEbcPvAWnZRLstwdA60XYiTs4VXwkae7qImZO
ie7WhjHqwTNL7paOK1y6yrQ0uUh5QwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC5x
5lcVGgpVEDDRDTRJNhDAZ1gGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQzlGQTFFMkY0NjcxMUVGOTlBMUVCNTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcksMA0GCSqGSIb3DQEBCwUA
A4IBAQBnRR2IKJYzZIdG4QwebXFL4bYiNwVV3JD++/79z19YNEtrrbW0Fbu5ronk
mdcVjjr2Q4sIPdscuUCyWkt/oByXWw64X5OXQ0YsVS0BnU36zsqoH/ijYyeIS7j4
7mrIgZ5BHZG1Va+bnMTl+vjyO+s2m+4Vc3OrzcVk30Xt9QI2ycRQNhT+UtOpC9Yy
HHcGw4PPzXxt2ImgpQxOuhqdi6ZFPKeF40/DEpc05G8TrMdvX7IO+Dh/F2tt9k7A
iZtRIhwVqHRSgB77ptSQpDbqyABQ90/WFOyxL0HKEpvsaSxES7NdSPvBkoqkRtni
KXroZ7cpGRDEmrtiY9QxCfB0RmYm
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:14:47 2025 by rpki-client