Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F4F2B70F41F11EFB9F77F5F762E951A.roa
File: 1F4F2B70F41F11EFB9F77F5F762E951A.roa (raw, json)
Hash identifier: EuOKguC5nE253pTsYdq6TfAwItjuVC6sxCGka4euork=
Subject key identifier: E8:9A:6B:37:49:38:F4:75:E8:2B:FE:5C:3B:B7:B3:C3:45:78:E7:A8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01302E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F4F2B70F41F11EFB9F77F5F762E951A.roa
Signing time: Wed 26 Feb 2025 08:53:18 +0000
ROA not before: Wed 26 Feb 2025 08:53:14 +0000
ROA not after: Sat 19 Feb 2028 08:53:14 +0000
asID: 17561
IP address blocks: 45.202.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77870 (0x1302e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 08:53:14 2025 GMT
Not After : Feb 19 08:53:14 2028 GMT
Subject: CN=67bed67e-5633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f7:40:77:78:b1:21:03:ee:23:28:15:26:2c:
cd:b9:35:97:93:f7:2d:1b:b0:aa:b1:72:35:e0:94:
70:47:f5:a2:06:e6:7c:03:90:34:e3:07:01:ae:7f:
fc:88:9d:8c:93:20:02:7f:d4:04:42:17:27:9b:a4:
a2:3b:56:cb:6e:43:66:c2:4d:57:54:08:72:ad:25:
8e:7c:7e:b3:0e:70:7a:19:45:8f:86:14:e9:ef:90:
f1:c4:91:a5:4f:b9:a4:51:9e:9f:9b:26:12:f0:15:
5a:eb:60:6f:94:8f:cd:46:1b:b5:92:c8:30:6b:74:
e3:18:9f:d9:06:27:e5:05:8f:81:ae:af:e0:fc:d9:
be:64:60:c4:a4:de:66:9e:5f:4e:c0:ed:59:05:b3:
8a:2b:19:20:ad:0e:9c:74:24:ed:13:4b:a6:fa:ac:
9e:76:25:f0:71:1b:91:f7:d6:d1:b7:e0:62:2c:bd:
26:48:9c:98:82:42:4b:dd:00:8b:05:ad:b8:08:e4:
3b:72:d0:5e:89:51:3e:35:40:c9:0c:aa:7a:a1:e5:
61:c9:14:91:d6:d9:62:dc:a0:8f:38:90:10:52:c7:
c4:44:59:45:f9:99:b7:a7:c4:27:4f:23:76:fc:78:
61:4a:ee:b5:55:7b:7b:13:12:73:65:cd:d9:5d:32:
f3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:9A:6B:37:49:38:F4:75:E8:2B:FE:5C:3B:B7:B3:C3:45:78:E7:A8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F4F2B70F41F11EFB9F77F5F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.193.0/24
Signature Algorithm: sha256WithRSAEncryption
af:df:7c:0b:e0:c5:6e:4f:d0:e6:d9:b0:65:31:0e:73:9e:8b:
ca:9f:a4:43:36:3d:22:65:60:af:bd:38:d5:1f:2e:d6:9f:4e:
57:e1:f6:d8:28:e2:1f:76:65:0a:a7:dc:7e:e1:7c:d9:5a:8e:
38:4c:ce:6b:7f:50:67:dd:83:fe:01:0e:24:4c:08:c2:94:54:
2a:be:27:05:da:41:ed:d0:27:7b:7b:44:91:27:e1:fd:5d:5c:
d1:1c:23:92:a3:4d:f8:de:08:29:d2:b2:af:54:8a:0e:96:9a:
7f:f2:57:00:63:00:5f:71:be:0f:4c:6e:ae:1f:a2:4e:6e:44:
3f:a3:b6:a3:cc:e9:55:9a:25:9b:8a:e6:42:9c:29:44:51:ac:
4f:f6:c5:bf:49:8b:cb:cb:a1:3d:e3:cb:31:ca:c0:e4:cc:79:
f2:bd:a6:06:d0:c3:11:f8:16:db:06:a3:62:3d:3b:8e:34:03:
76:d2:87:7e:ad:34:ce:49:e5:d5:e6:3f:cd:16:ff:a9:58:3d:
81:66:9f:c0:b6:6d:d2:a9:d0:02:33:45:0f:99:c3:1f:1d:3a:
38:19:6d:c4:b6:41:bd:8c:2d:c7:60:99:d2:1d:c9:90:e9:80:
f0:3e:42:bd:ea:35:de:ac:a8:18:5b:40:79:25:20:1e:31:5c:
57:4d:3e:63
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATAuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MDg1MzE0WhcNMjgwMjE5MDg1MzE0WjAYMRYw
FAYDVQQDEw02N2JlZDY3ZS01NjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1fdAd3ixIQPuIygVJizNuTWXk/ctG7CqsXI14JRwR/WiBuZ8A5A04wcB
rn/8iJ2MkyACf9QEQhcnm6SiO1bLbkNmwk1XVAhyrSWOfH6zDnB6GUWPhhTp75Dx
xJGlT7mkUZ6fmyYS8BVa62BvlI/NRhu1ksgwa3TjGJ/ZBiflBY+Brq/g/Nm+ZGDE
pN5mnl9OwO1ZBbOKKxkgrQ6cdCTtE0um+qyediXwcRuR99bRt+BiLL0mSJyYgkJL
3QCLBa24COQ7ctBeiVE+NUDJDKp6oeVhyRSR1tli3KCPOJAQUsfERFlF+Zm3p8Qn
TyN2/HhhSu61VXt7ExJzZc3ZXTLz9wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOia
azdJOPR16Cv+XDu3s8NFeOeoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRjRGMkI3MEY0MUYxMUVGQjlGNzdGNUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcrBMA0GCSqGSIb3DQEBCwUA
A4IBAQCv33wL4MVuT9Dm2bBlMQ5znovKn6RDNj0iZWCvvTjVHy7Wn05X4fbYKOIf
dmUKp9x+4XzZWo44TM5rf1Bn3YP+AQ4kTAjClFQqvicF2kHt0Cd7e0SRJ+H9XVzR
HCOSo0343ggp0rKvVIoOlpp/8lcAYwBfcb4PTG6uH6JObkQ/o7ajzOlVmiWbiuZC
nClEUaxP9sW/SYvLy6E948sxysDkzHnyvaYG0MMR+BbbBqNiPTuONAN20od+rTTO
SeXV5j/NFv+pWD2BZp/Atm3SqdACM0UPmcMfHTo4GW3EtkG9jC3HYJnSHcmQ6YDw
PkK96jXerKgYW0B5JSAeMVxXTT5j
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:06 2025 by rpki-client