Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3475E020088311F0828E72BF762E951A.roa
File: 3475E020088311F0828E72BF762E951A.roa (raw, json)
Hash identifier: jGc6ExkXdsiJlDozu2Hnq9an+Xsicew8lc1YJDQBRTs=
Subject key identifier: 35:0A:9D:5D:8A:E0:30:BE:75:8D:C3:57:71:F7:F3:44:BD:59:D9:9C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0147CB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3475E020088311F0828E72BF762E951A.roa
Signing time: Mon 24 Mar 2025 07:40:06 +0000
ROA not before: Mon 24 Mar 2025 07:40:02 +0000
ROA not after: Mon 07 Apr 2025 07:40:02 +0000
asID: 213570
IP address blocks: 45.195.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83915 (0x147cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 24 07:40:02 2025 GMT
Not After : Apr 7 07:40:02 2025 GMT
Subject: CN=67e10c56-a7a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:4e:3d:da:29:3c:b0:53:8e:16:b8:be:d7:4d:
9c:35:50:0e:4f:bf:77:c9:9b:fb:a4:ce:d7:28:66:
57:dc:e7:da:ce:50:26:93:4e:a4:c9:36:5d:fc:9d:
77:13:8b:08:64:e2:8d:5f:41:fb:27:28:65:9a:b6:
dd:d0:f8:48:68:4e:6e:e8:70:1f:31:74:28:5a:ec:
b9:b0:8e:c1:92:71:d2:1b:41:25:cf:87:81:1d:ca:
e4:e3:a0:22:24:56:63:61:11:b7:6a:49:6e:31:03:
7b:5a:da:02:01:1b:b9:30:ce:2d:22:61:3b:89:3a:
19:ba:de:31:ff:9f:de:c6:a5:2e:0f:89:5a:b9:24:
2a:45:3c:47:98:92:20:28:a6:ec:ec:15:1d:c9:c6:
c8:e8:1f:2b:83:e3:63:22:cf:06:82:96:ac:6c:24:
1b:36:5b:f6:a5:a6:b0:14:a6:ad:bd:e5:4b:f6:7d:
fa:89:ca:36:af:df:74:6e:a3:70:55:82:07:c2:32:
64:37:30:73:bf:85:0b:1b:74:fd:99:08:bc:b8:b9:
a9:9c:7f:21:30:a0:f2:ee:53:18:2a:4e:23:f8:aa:
ec:f2:8a:1f:13:b5:72:b2:06:d3:9b:e9:46:cb:07:
8f:23:e7:47:bf:dc:8a:8b:77:ff:18:5a:b3:90:4d:
70:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:0A:9D:5D:8A:E0:30:BE:75:8D:C3:57:71:F7:F3:44:BD:59:D9:9C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3475E020088311F0828E72BF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.14.0/24
Signature Algorithm: sha256WithRSAEncryption
95:a5:63:50:1a:e3:d9:50:7f:98:3d:45:8b:29:60:21:90:6f:
84:d7:24:63:7f:59:23:e2:27:ab:8e:5b:65:a8:9d:4a:e1:81:
8f:74:d8:dc:0a:af:15:9b:dc:25:1f:1a:e1:d8:35:eb:f7:58:
58:b8:7e:6b:1d:59:31:a9:1c:78:81:37:f5:da:a0:6f:c8:d6:
b1:c3:07:0a:84:fc:59:7f:b5:65:02:80:19:5d:47:7d:ce:09:
f1:22:a0:fb:c2:85:c1:d6:d1:ad:a6:b2:d2:e4:c6:40:de:df:
4c:76:05:8b:76:8b:61:ed:b1:d8:06:94:a7:b2:f3:28:ff:6e:
bd:e8:95:5e:56:54:55:4a:d9:b3:88:23:49:9e:a2:e3:7a:34:
3d:3f:bf:d5:02:9c:a4:38:5f:ae:3d:9e:1c:a3:3e:0e:c1:6e:
3d:2b:45:45:b9:94:82:68:05:43:4d:b1:3d:2c:56:38:c9:54:
0e:fc:75:c9:7c:81:59:72:89:57:aa:53:62:ca:65:89:4f:38:
f3:ed:73:84:12:39:bb:94:b3:71:55:e2:6e:67:ec:81:f7:1d:
43:69:33:6e:c3:e7:b2:18:b1:ca:22:13:4b:eb:72:3d:20:92:
f4:12:f3:3c:95:1e:4c:1d:5d:6d:22:a1:e1:ed:b8:8a:74:71:
8e:33:8f:58
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUfLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI0MDc0MDAyWhcNMjUwNDA3MDc0MDAyWjAYMRYw
FAYDVQQDEw02N2UxMGM1Ni1hN2ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5E492ik8sFOOFri+102cNVAOT793yZv7pM7XKGZX3OfazlAmk06kyTZd
/J13E4sIZOKNX0H7Jyhlmrbd0PhIaE5u6HAfMXQoWuy5sI7BknHSG0Elz4eBHcrk
46AiJFZjYRG3akluMQN7WtoCARu5MM4tImE7iToZut4x/5/exqUuD4lauSQqRTxH
mJIgKKbs7BUdycbI6B8rg+NjIs8GgpasbCQbNlv2paawFKatveVL9n36ico2r990
bqNwVYIHwjJkNzBzv4ULG3T9mQi8uLmpnH8hMKDy7lMYKk4j+Krs8oofE7VysgbT
m+lGywePI+dHv9yKi3f/GFqzkE1wQwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDUK
nV2K4DC+dY3DV3H380S9WdmcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNDc1RTAyMDA4ODMxMUYwODI4RTcyQkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcMOMA0GCSqGSIb3DQEBCwUA
A4IBAQCVpWNQGuPZUH+YPUWLKWAhkG+E1yRjf1kj4ierjltlqJ1K4YGPdNjcCq8V
m9wlHxrh2DXr91hYuH5rHVkxqRx4gTf12qBvyNaxwwcKhPxZf7VlAoAZXUd9zgnx
IqD7woXB1tGtprLS5MZA3t9MdgWLdoth7bHYBpSnsvMo/2696JVeVlRVStmziCNJ
nqLjejQ9P7/VApykOF+uPZ4coz4OwW49K0VFuZSCaAVDTbE9LFY4yVQO/HXJfIFZ
colXqlNiymWJTzjz7XOEEjm7lLNxVeJuZ+yB9x1DaTNuw+eyGLHKIhNL63I9IJL0
EvM8lR5MHV1tIqHh7biKdHGOM49Y
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:56 2025 by rpki-client