Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42FDEE86FB3011EFB086DD8B762E951A.roa
File: 42FDEE86FB3011EFB086DD8B762E951A.roa (raw, json)
Hash identifier: ehwKPSppPN3fuYjFWZx3ctRCzHvZH+74a9muPWYRtSw=
Subject key identifier: B5:22:88:A3:28:6D:AB:95:61:EF:FB:85:E9:CD:8E:71:69:1C:49:FF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0143EA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42FDEE86FB3011EFB086DD8B762E951A.roa
Signing time: Fri 07 Mar 2025 08:43:37 +0000
ROA not before: Fri 07 Mar 2025 08:43:33 +0000
ROA not after: Sat 12 Apr 2025 08:43:33 +0000
asID: 8796
IP address blocks: 45.207.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82922 (0x143ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 7 08:43:33 2025 GMT
Not After : Apr 12 08:43:33 2025 GMT
Subject: CN=67cab1b9-34ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ce:91:18:28:7a:33:fa:87:40:55:f9:01:ec:
ee:a7:6e:7d:e6:d8:d7:66:58:b9:e3:b8:f5:c2:9e:
8c:09:56:2c:ca:3a:4f:9d:17:6a:e0:9a:79:4f:8a:
16:52:1c:cd:30:01:2c:ea:4d:c4:d1:18:d2:f8:ca:
37:e9:90:3d:ff:aa:2e:8d:ff:db:6d:2c:a2:44:7b:
f2:be:2e:f7:21:42:db:41:f2:b5:23:a4:c0:f9:15:
d5:14:69:50:ed:de:14:7f:b2:8f:79:8e:1d:1a:b6:
50:4b:a5:c3:05:98:1e:b4:76:14:c6:7a:e9:55:53:
c1:d0:48:ec:65:3e:bf:bc:30:86:06:76:fe:e3:5c:
ba:cf:57:07:72:80:02:59:3a:0a:b7:29:cb:b3:cc:
33:cd:37:20:6a:7b:4f:9d:3e:a8:66:c3:11:60:4e:
83:57:3d:cb:d7:cc:68:6d:1b:40:84:b5:04:cb:65:
b3:f6:38:92:ec:f7:18:d7:aa:ee:28:4c:ca:0b:8e:
74:68:f6:01:66:39:ce:66:ce:fd:62:54:ce:35:56:
fa:38:60:d5:81:a3:14:08:b9:92:57:a9:b0:58:14:
f7:6a:ec:f7:57:95:1e:40:c7:7e:85:f0:f1:41:13:
a7:67:39:b0:cc:67:2d:95:b0:cf:51:33:1c:17:8a:
9c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:22:88:A3:28:6D:AB:95:61:EF:FB:85:E9:CD:8E:71:69:1C:49:FF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42FDEE86FB3011EFB086DD8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.192.0/19
Signature Algorithm: sha256WithRSAEncryption
9f:98:64:df:c6:54:d9:f8:62:0f:5f:20:b8:f6:50:7a:ca:ef:
fc:c9:7a:6a:dd:a7:4c:95:ec:73:fe:20:f4:29:be:d4:4f:99:
68:33:ac:55:7e:06:9c:0b:2e:3c:f7:a6:cb:c5:d6:bd:26:d8:
29:2f:da:e9:50:94:ad:9b:4e:ec:69:ee:a3:2a:43:33:bf:38:
c7:e8:f5:c9:a9:24:b6:06:f3:37:58:af:30:2b:37:11:c6:d1:
46:2d:3f:2f:30:8b:b6:a5:58:9a:97:b3:26:55:12:59:bb:8a:
cb:e5:0a:3a:dc:18:3d:7a:3c:4d:05:58:01:84:78:fb:18:2c:
d6:80:9a:ab:01:bc:e7:0a:03:f3:27:c5:0c:85:63:ea:39:c8:
fe:32:f2:4a:39:f6:92:ba:a7:15:c0:61:0b:6c:31:30:e3:69:
21:84:cb:40:a5:4d:b9:90:4b:bf:ed:e4:77:11:62:14:be:86:
1b:10:e8:10:21:1b:bf:9b:3e:4d:1b:39:27:cf:23:96:47:f7:
f4:f0:44:1d:6e:24:69:ca:5e:1b:4f:a7:4c:78:c3:1d:a3:8d:
d1:60:13:7b:c8:8f:7b:7c:7f:49:5a:aa:e2:ee:74:0b:11:f7:
c9:99:db:3e:a3:87:4b:19:11:50:81:69:15:a5:00:12:da:22:
97:99:16:4c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUPqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA3MDg0MzMzWhcNMjUwNDEyMDg0MzMzWjAYMRYw
FAYDVQQDEw02N2NhYjFiOS0zNGZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuc6RGCh6M/qHQFX5Aezup2595tjXZli547j1wp6MCVYsyjpPnRdq4Jp5
T4oWUhzNMAEs6k3E0RjS+Mo36ZA9/6oujf/bbSyiRHvyvi73IULbQfK1I6TA+RXV
FGlQ7d4Uf7KPeY4dGrZQS6XDBZgetHYUxnrpVVPB0EjsZT6/vDCGBnb+41y6z1cH
coACWToKtynLs8wzzTcgantPnT6oZsMRYE6DVz3L18xobRtAhLUEy2Wz9jiS7PcY
16ruKEzKC450aPYBZjnOZs79YlTONVb6OGDVgaMUCLmSV6mwWBT3auz3V5UeQMd+
hfDxQROnZzmwzGctlbDPUTMcF4qcdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLUi
iKMobauVYe/7henNjnFpHEn/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MkZERUU4NkZCMzAxMUVGQjA4NkREOEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLc/AMA0GCSqGSIb3DQEBCwUA
A4IBAQCfmGTfxlTZ+GIPXyC49lB6yu/8yXpq3adMlexz/iD0Kb7UT5loM6xVfgac
Cy4896bLxda9JtgpL9rpUJStm07sae6jKkMzvzjH6PXJqSS2BvM3WK8wKzcRxtFG
LT8vMIu2pVial7MmVRJZu4rL5Qo63Bg9ejxNBVgBhHj7GCzWgJqrAbznCgPzJ8UM
hWPqOcj+MvJKOfaSuqcVwGELbDEw42khhMtApU25kEu/7eR3EWIUvoYbEOgQIRu/
mz5NGzknzyOWR/f08EQdbiRpyl4bT6dMeMMdo43RYBN7yI97fH9JWqri7nQLEffJ
mds+o4dLGRFQgWkVpQAS2iKXmRZM
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:14:42 2025 by rpki-client