Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A289A5A00B811F0B3BFCC91762E951A.roa
File: 1A289A5A00B811F0B3BFCC91762E951A.roa (raw, json)
Hash identifier: wBg1rBy+bZJdUn5tGFVfcGV+vgTQZSiLjH0XDxX7+wE=
Subject key identifier: 30:41:9A:EA:14:73:2B:D4:E5:B1:61:D7:3F:27:E6:3E:47:AD:29:93
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0145C8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A289A5A00B811F0B3BFCC91762E951A.roa
Signing time: Fri 14 Mar 2025 09:38:36 +0000
ROA not before: Fri 14 Mar 2025 09:38:32 +0000
ROA not after: Tue 22 Apr 2025 09:38:32 +0000
asID: 273222
IP address blocks: 45.194.7.0/24 maxlen: 24
45.194.8.0/23 maxlen: 24
45.194.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83400 (0x145c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 14 09:38:32 2025 GMT
Not After : Apr 22 09:38:32 2025 GMT
Subject: CN=67d3f91c-10df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:89:d9:0b:d9:25:75:aa:1c:de:5b:ab:29:12:
d5:c1:77:7b:32:83:52:e2:93:67:76:54:67:0b:71:
dc:4e:8b:59:d4:c1:4e:0f:57:56:9a:93:aa:49:15:
db:9c:e3:bb:2d:2d:5a:ae:a1:f1:d3:22:84:6d:38:
66:da:44:b4:32:db:82:8a:7b:67:3b:9c:6a:09:71:
0b:cf:06:c2:70:e0:28:fc:d0:09:54:38:0c:31:7c:
d4:91:ee:de:52:a7:d7:42:b7:1f:61:de:f6:33:08:
43:89:49:e6:41:70:6c:84:be:20:80:25:22:51:df:
0f:72:c6:50:b3:a4:fe:e4:af:5f:cd:9a:e8:b5:40:
16:e4:a7:ed:31:0c:f7:b9:fd:43:0a:e0:48:26:98:
35:74:a2:8b:95:5c:16:85:94:b9:d9:cb:23:1c:19:
c7:3c:b9:e2:29:ab:4b:7d:7e:fb:f6:b1:69:ef:41:
81:33:cd:78:89:6d:99:cc:d8:83:f8:fb:f3:ca:da:
92:4f:c8:57:b7:0c:d0:b5:01:c9:e7:13:40:99:d2:
fd:5a:08:26:a3:1b:b3:9f:70:e5:5e:7b:9c:77:99:
77:51:90:e5:be:b3:e3:d9:ab:b7:22:3d:02:b8:02:
f2:d9:c4:72:77:ac:ba:26:5e:85:89:93:7f:4f:24:
a6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:41:9A:EA:14:73:2B:D4:E5:B1:61:D7:3F:27:E6:3E:47:AD:29:93
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A289A5A00B811F0B3BFCC91762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.7.0-45.194.10.255
Signature Algorithm: sha256WithRSAEncryption
bb:cf:27:19:3d:d1:81:da:4b:fb:88:46:e7:84:c8:df:ac:81:
85:f0:f1:96:9b:fa:6c:49:07:09:d7:b5:46:d9:c4:98:50:3b:
88:8b:6d:16:e5:37:c3:78:0a:7d:25:2b:54:9f:e4:48:e8:ee:
4b:5e:d7:63:a8:aa:ad:56:d3:3a:8b:0b:c2:2e:64:19:79:c3:
e9:74:7f:0b:88:ee:44:53:b7:81:e5:ec:a2:64:a1:07:09:3b:
22:90:cb:0a:8d:57:27:70:80:c5:8a:e5:78:78:ba:e7:e3:fb:
b3:6d:a5:15:f7:b1:d6:f6:c2:cd:68:6c:e7:a1:16:af:22:23:
67:0b:c1:6f:51:12:a9:dc:ce:b6:46:69:e6:f4:dd:89:bc:ab:
ef:b0:28:09:c0:3e:0d:60:04:04:6f:a4:4c:56:a0:c4:36:86:
4b:b7:1f:28:d4:ac:62:d7:ec:3c:85:d3:f7:c6:b2:29:69:be:
29:c6:f0:6b:b2:8d:d5:29:94:0d:c1:0e:6b:6c:10:49:67:b7:
04:1c:77:21:0c:eb:83:5b:79:59:87:3d:ee:c5:59:3c:bc:4e:
86:99:65:8b:88:79:71:b5:04:2e:65:dc:6c:f7:bf:8b:6d:89:
07:d3:7d:ac:ba:76:96:74:52:70:8c:25:be:d3:d9:f9:f4:83:
54:82:22:3c
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAUXIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE0MDkzODMyWhcNMjUwNDIyMDkzODMyWjAYMRYw
FAYDVQQDEw02N2QzZjkxYy0xMGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9YnZC9kldaoc3lurKRLVwXd7MoNS4pNndlRnC3HcTotZ1MFOD1dWmpOq
SRXbnOO7LS1arqHx0yKEbThm2kS0MtuCintnO5xqCXELzwbCcOAo/NAJVDgMMXzU
ke7eUqfXQrcfYd72MwhDiUnmQXBshL4ggCUiUd8PcsZQs6T+5K9fzZrotUAW5Kft
MQz3uf1DCuBIJpg1dKKLlVwWhZS52csjHBnHPLniKatLfX779rFp70GBM814iW2Z
zNiD+PvzytqST8hXtwzQtQHJ5xNAmdL9Wggmoxuzn3DlXnucd5l3UZDlvrPj2au3
Ij0CuALy2cRyd6y6Jl6FiZN/TySmhQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDBB
muoUcyvU5bFh1z8n5j5HrSmTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQTI4OUE1QTAwQjgxMUYwQjNCRkNDOTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtwgcDBAAtwgowDQYJKoZI
hvcNAQELBQADggEBALvPJxk90YHaS/uIRueEyN+sgYXw8Zab+mxJBwnXtUbZxJhQ
O4iLbRblN8N4Cn0lK1Sf5Ejo7kte12Ooqq1W0zqLC8IuZBl5w+l0fwuI7kRTt4Hl
7KJkoQcJOyKQywqNVydwgMWK5Xh4uufj+7NtpRX3sdb2ws1obOehFq8iI2cLwW9R
EqnczrZGaeb03Ym8q++wKAnAPg1gBARvpExWoMQ2hku3HyjUrGLX7DyF0/fGsilp
vinG8GuyjdUplA3BDmtsEElntwQcdyEM64NbeVmHPe7FWTy8ToaZZYuIeXG1BC5l
3Gz3v4ttiQfTfay6dpZ0UnCMJb7T2fn0g1SCIjw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:50 2025 by rpki-client