Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D90B59EF43811EF99F74F8F762E951A.roa
File: 4D90B59EF43811EF99F74F8F762E951A.roa (raw, json)
Hash identifier: iXNHoUXj9cykkc4rWtrQuptKk9GUPpZsp8Wt/l+Tpzg=
Subject key identifier: C6:CD:5A:92:96:10:51:B3:8D:DF:2A:7F:67:3F:1C:20:85:8A:49:7C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013201
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D90B59EF43811EF99F74F8F762E951A.roa
Signing time: Wed 26 Feb 2025 11:53:33 +0000
ROA not before: Wed 26 Feb 2025 11:53:29 +0000
ROA not after: Sat 19 Feb 2028 11:53:29 +0000
asID: 17561
IP address blocks: 45.196.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78337 (0x13201)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 11:53:29 2025 GMT
Not After : Feb 19 11:53:29 2028 GMT
Subject: CN=67bf00bd-4798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ce:e1:b5:33:0e:b9:6b:24:c2:42:53:66:0b:
cb:f9:b0:41:f1:e0:35:e4:d2:c4:c8:1e:2b:9f:7a:
cc:84:9b:e6:34:e6:e3:74:f4:23:07:34:03:a1:6a:
5a:85:02:71:a9:83:fd:df:9f:d5:c1:34:c0:df:91:
3c:d7:89:a6:11:89:b2:d7:98:4d:b9:30:60:d8:e9:
b1:d7:82:0e:db:31:0b:ab:b5:f3:15:93:41:8d:85:
10:11:9e:84:9b:8e:1c:4f:53:0a:1a:31:69:f9:3d:
e5:f0:10:dc:31:bc:c7:b5:3b:c3:f3:79:b0:5b:b7:
1b:52:0d:4c:58:58:f1:40:38:2d:56:08:59:b9:58:
7d:f9:fa:92:80:b8:da:37:d4:88:3e:62:0c:bf:b0:
51:fb:b1:56:40:77:75:a1:e0:63:9f:6e:8f:1e:aa:
ad:fd:71:8d:69:89:5b:23:58:8d:04:0f:8a:4f:0d:
fd:bb:e8:ac:77:f7:90:40:a7:75:44:ab:80:15:8a:
89:d7:bb:93:e3:8e:f9:ae:78:68:c5:67:fa:70:3c:
55:50:88:ce:92:d4:73:6a:62:da:24:aa:6c:c9:79:
c1:95:4f:38:83:73:ca:c5:19:ae:3e:9c:ea:d1:af:
7b:9a:c4:4b:9f:ae:ab:2c:a3:6b:65:67:8f:cc:74:
ff:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:CD:5A:92:96:10:51:B3:8D:DF:2A:7F:67:3F:1C:20:85:8A:49:7C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D90B59EF43811EF99F74F8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.14.0/24
Signature Algorithm: sha256WithRSAEncryption
55:4a:33:83:25:ef:7c:32:f4:60:48:4d:db:b3:5a:e2:df:ec:
3e:94:09:71:59:36:2c:c2:11:41:ef:c2:c8:0e:36:fe:92:36:
d2:b3:dc:e1:9e:e4:49:d3:f3:a8:54:f1:58:5c:95:51:66:13:
08:42:33:e3:9d:51:1a:2d:e9:be:07:4f:28:bf:7d:fa:b0:b8:
32:b7:2b:55:1c:fd:37:bf:5a:39:1d:1c:25:f7:2d:4e:f8:9e:
76:8b:18:c9:37:25:cc:9e:7f:3d:95:0b:d9:f9:c9:4d:e2:37:
9b:0b:45:4d:77:1c:31:48:59:38:c0:49:d0:71:e5:98:64:ab:
6f:93:c8:dd:cb:51:1a:a3:f2:f4:41:3b:3d:83:54:f8:ba:ab:
d4:1f:f0:6f:a8:a6:52:38:34:6d:3e:d4:60:a9:1a:72:5e:69:
01:f3:02:4b:83:88:63:2c:17:59:a9:f2:b4:20:8c:d8:a2:3b:
75:f1:4a:45:73:2d:19:8a:73:58:ac:c1:8d:68:eb:17:c1:a5:
00:ac:d9:1e:9c:2f:59:28:f2:54:ee:2c:40:a0:4e:76:91:95:
45:9c:c1:da:30:c2:32:d2:be:6e:ae:a4:50:81:60:98:db:73:
7b:df:ee:f3:20:bc:90:55:fc:c6:bf:ac:46:95:1f:eb:1c:50:
61:a1:dd:a7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATIBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTE1MzI5WhcNMjgwMjE5MTE1MzI5WjAYMRYw
FAYDVQQDEw02N2JmMDBiZC00Nzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA487htTMOuWskwkJTZgvL+bBB8eA15NLEyB4rn3rMhJvmNObjdPQjBzQD
oWpahQJxqYP935/VwTTA35E814mmEYmy15hNuTBg2Omx14IO2zELq7XzFZNBjYUQ
EZ6Em44cT1MKGjFp+T3l8BDcMbzHtTvD83mwW7cbUg1MWFjxQDgtVghZuVh9+fqS
gLjaN9SIPmIMv7BR+7FWQHd1oeBjn26PHqqt/XGNaYlbI1iNBA+KTw39u+isd/eQ
QKd1RKuAFYqJ17uT4475rnhoxWf6cDxVUIjOktRzamLaJKpsyXnBlU84g3PKxRmu
Ppzq0a97msRLn66rLKNrZWePzHT/cQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMbN
WpKWEFGzjd8qf2c/HCCFikl8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RDkwQjU5RUY0MzgxMUVGOTlGNzRGOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcQOMA0GCSqGSIb3DQEBCwUA
A4IBAQBVSjODJe98MvRgSE3bs1ri3+w+lAlxWTYswhFB78LIDjb+kjbSs9zhnuRJ
0/OoVPFYXJVRZhMIQjPjnVEaLem+B08ov336sLgytytVHP03v1o5HRwl9y1O+J52
ixjJNyXMnn89lQvZ+clN4jebC0VNdxwxSFk4wEnQceWYZKtvk8jdy1Eao/L0QTs9
g1T4uqvUH/BvqKZSODRtPtRgqRpyXmkB8wJLg4hjLBdZqfK0IIzYojt18UpFcy0Z
inNYrMGNaOsXwaUArNkenC9ZKPJU7ixAoE52kZVFnMHaMMIy0r5urqRQgWCY23N7
3+7zILyQVfzGv6xGlR/rHFBhod2n
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:11 2025 by rpki-client