Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/450DA8A8F5B611EF87A91161762E951A.roa
File: 450DA8A8F5B611EF87A91161762E951A.roa (raw, json)
Hash identifier: jAMoYyi1RDvAe99TrgWGd93C1lvG2Hlbj1cNPhikx4c=
Subject key identifier: 13:EE:0F:20:C2:15:57:0A:E6:80:83:05:E5:32:8A:61:43:20:35:84
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013CE2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/450DA8A8F5B611EF87A91161762E951A.roa
Signing time: Fri 28 Feb 2025 09:27:46 +0000
ROA not before: Fri 28 Feb 2025 09:27:42 +0000
ROA not after: Tue 20 Jan 2026 09:27:42 +0000
asID: 135097
IP address blocks: 45.195.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81122 (0x13ce2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 09:27:42 2025 GMT
Not After : Jan 20 09:27:42 2026 GMT
Subject: CN=67c18192-609e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:2d:3a:ca:ee:b9:d1:97:47:f7:8f:5b:c9:e8:
3e:c8:ed:8a:e8:f4:f7:13:9a:c6:f6:f5:50:21:b4:
cc:7f:ec:43:2a:a4:8e:20:87:15:71:ce:68:9f:ff:
a0:a6:28:dd:e6:f2:3c:39:60:1f:8f:03:12:02:d9:
ae:c5:5b:c3:2c:64:61:9f:51:37:be:91:3f:d8:3c:
c5:58:f1:f9:74:c4:c2:7b:80:03:9c:6d:13:33:49:
e9:ce:83:37:94:43:0c:27:4b:3c:6d:bc:3c:72:78:
94:aa:77:d5:42:e0:f1:b1:26:29:81:dd:76:a5:59:
d0:2f:e3:16:08:4b:e6:75:e9:7a:b9:35:bb:a1:22:
62:dd:39:c2:f2:07:ec:96:6e:fd:c7:59:a4:dd:b2:
ac:f3:07:07:d9:a4:8e:71:08:9e:7a:22:bc:49:33:
a0:df:d2:91:0f:0a:6c:f8:9d:8d:11:d6:9e:35:e5:
33:be:35:67:3f:3c:45:93:83:dd:c6:ed:27:2f:7c:
3b:bf:b8:66:71:f1:12:2f:82:f9:21:a8:47:42:dd:
fa:87:8b:d1:60:3b:2b:8d:13:26:6c:b7:63:95:1b:
a5:c9:d4:13:9e:42:bc:30:a7:5a:13:62:d6:b4:5a:
19:95:10:91:16:bb:63:78:3e:99:66:7d:2e:2a:53:
76:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:EE:0F:20:C2:15:57:0A:E6:80:83:05:E5:32:8A:61:43:20:35:84
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/450DA8A8F5B611EF87A91161762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.140.0/22
Signature Algorithm: sha256WithRSAEncryption
07:10:1f:9a:fa:73:b1:60:48:3f:62:5c:1e:b8:41:6f:d2:ad:
a4:70:84:50:16:b7:22:de:7b:8e:42:0d:3e:62:71:36:d3:3f:
19:5b:5c:f3:ae:ee:40:af:e5:39:51:39:92:00:78:28:c6:66:
e2:cd:45:16:cd:37:58:6b:70:35:f1:c7:8c:2b:eb:8f:98:93:
ba:cb:88:6a:08:72:ff:3c:c3:b0:b5:68:e9:86:47:64:fe:d9:
96:69:60:55:a4:b4:aa:90:23:df:b4:c9:a1:03:4c:ab:1e:7a:
c5:09:1f:08:30:92:c9:62:fb:3c:8c:b6:f2:ed:79:fd:c6:b7:
db:8f:1c:fe:7a:a2:e7:86:c9:43:27:bc:4d:13:01:ba:33:26:
43:f6:e7:5d:57:ab:08:23:95:9c:a4:e1:66:03:90:f1:58:1c:
31:ca:21:d1:a4:ba:e0:38:87:61:0e:86:81:71:19:06:eb:7b:
51:85:dd:cd:86:65:e2:c6:9e:5d:5b:03:7e:26:63:e9:0a:e2:
44:0d:69:f2:c2:5e:b6:26:c4:a8:3c:af:63:6b:08:56:dc:ea:
88:55:0f:f3:2a:55:b7:d1:7a:15:3b:a0:54:13:07:94:8e:76:
c0:52:a7:8a:b4:7b:85:55:be:4e:35:31:04:2b:00:fa:5b:30:
4b:f4:33:9c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATziMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MDkyNzQyWhcNMjYwMTIwMDkyNzQyWjAYMRYw
FAYDVQQDEw02N2MxODE5Mi02MDllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7i06yu650ZdH949byeg+yO2K6PT3E5rG9vVQIbTMf+xDKqSOIIcVcc5o
n/+gpijd5vI8OWAfjwMSAtmuxVvDLGRhn1E3vpE/2DzFWPH5dMTCe4ADnG0TM0np
zoM3lEMMJ0s8bbw8cniUqnfVQuDxsSYpgd12pVnQL+MWCEvmdel6uTW7oSJi3TnC
8gfslm79x1mk3bKs8wcH2aSOcQieeiK8STOg39KRDwps+J2NEdaeNeUzvjVnPzxF
k4Pdxu0nL3w7v7hmcfESL4L5IahHQt36h4vRYDsrjRMmbLdjlRulydQTnkK8MKda
E2LWtFoZlRCRFrtjeD6ZZn0uKlN2yQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBPu
DyDCFVcK5oCDBeUyimFDIDWEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NTBEQThBOEY1QjYxMUVGODdBOTExNjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcOMMA0GCSqGSIb3DQEBCwUA
A4IBAQAHEB+a+nOxYEg/YlweuEFv0q2kcIRQFrci3nuOQg0+YnE20z8ZW1zzru5A
r+U5UTmSAHgoxmbizUUWzTdYa3A18ceMK+uPmJO6y4hqCHL/PMOwtWjphkdk/tmW
aWBVpLSqkCPftMmhA0yrHnrFCR8IMJLJYvs8jLby7Xn9xrfbjxz+eqLnhslDJ7xN
EwG6MyZD9uddV6sII5WcpOFmA5DxWBwxyiHRpLrgOIdhDoaBcRkG63tRhd3NhmXi
xp5dWwN+JmPpCuJEDWnywl62JsSoPK9jawhW3OqIVQ/zKlW30XoVO6BUEweUjnbA
UqeKtHuFVb5ONTEEKwD6WzBL9DOc
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:27:17 2025 by rpki-client