Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/63B299F0F43D11EF8BE144B1762E951A.roa
File: 63B299F0F43D11EF8BE144B1762E951A.roa (raw, json)
Hash identifier: eXwtN/n8gjzXwHaFKAqNORFT0bvKycb0P2tpfDYtMwQ=
Subject key identifier: C7:C9:1F:59:AF:4D:4A:80:F1:56:00:26:C2:47:B5:E1:BA:A1:74:F5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01327B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/63B299F0F43D11EF8BE144B1762E951A.roa
Signing time: Wed 26 Feb 2025 12:29:57 +0000
ROA not before: Wed 26 Feb 2025 12:29:54 +0000
ROA not after: Thu 19 Feb 2026 12:29:54 +0000
asID: 984
IP address blocks: 45.206.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78459 (0x1327b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 12:29:54 2025 GMT
Not After : Feb 19 12:29:54 2026 GMT
Subject: CN=67bf0945-94b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e5:12:dd:d0:61:36:8c:92:61:85:d7:86:dc:
88:89:a1:65:e1:93:5c:a3:c8:d8:e2:7a:ea:5f:43:
13:23:34:11:91:31:04:ab:a0:24:e8:ab:fe:f6:55:
7c:de:91:bf:da:1a:7a:16:19:be:a3:7a:7f:33:d1:
2c:37:2f:62:21:4a:b7:f9:75:42:2a:b9:76:bf:a8:
eb:d3:ee:e2:2e:eb:71:3b:00:22:49:03:5f:92:1a:
7c:de:16:b9:d9:04:64:87:7d:38:ea:99:31:5c:84:
2e:9d:7f:ac:7d:1c:34:f2:7e:6f:0f:dd:3e:5c:18:
e8:8a:2d:91:19:a0:8b:58:7d:c9:20:5f:77:c6:af:
41:65:fd:0b:17:02:72:df:56:51:24:32:a1:8d:7a:
2d:94:e4:6b:6c:b7:47:7d:73:ae:a0:13:69:34:41:
b4:cd:00:05:a2:0b:4a:76:b6:78:b2:5f:2e:f0:41:
7e:d7:5b:bb:3d:60:4b:85:46:3b:81:74:d7:56:77:
55:7e:3c:68:ad:99:b0:c3:a9:c4:05:84:4a:32:92:
22:74:e6:da:15:5c:91:47:72:09:24:61:ee:f1:0e:
0c:00:6b:00:de:e6:fc:32:0e:21:f6:c1:05:48:5e:
ab:6a:df:0f:5b:b2:33:71:28:56:28:77:0d:4a:c1:
0a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:C9:1F:59:AF:4D:4A:80:F1:56:00:26:C2:47:B5:E1:BA:A1:74:F5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/63B299F0F43D11EF8BE144B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.14.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:27:65:f2:45:9f:c8:35:92:84:55:10:71:1b:16:1a:42:a2:
96:33:fd:cd:28:61:e8:00:2c:a5:c7:18:29:fd:bb:34:86:be:
4a:ec:e2:01:ba:3d:4a:ca:3a:76:76:31:0d:35:71:33:4d:14:
f4:20:a1:f0:25:02:00:27:c5:78:5b:fa:bb:aa:b8:d2:1a:14:
ea:82:78:4e:82:46:5f:63:d4:64:bc:1f:80:33:18:d9:55:68:
f6:fb:c4:d9:61:48:b3:c4:7e:80:ff:12:f3:14:b0:1d:00:2a:
33:25:f2:2e:44:c2:7f:3e:a1:64:93:76:4c:38:ff:e1:ee:7d:
cd:42:fc:8f:48:55:d9:6b:d7:9a:48:9b:3a:1e:d8:21:c5:b4:
84:8d:c4:50:e1:ea:59:8d:0b:b2:7c:ea:bf:c1:48:5e:a4:4f:
6a:83:6a:6a:a6:c3:a2:2d:3d:bc:7d:08:97:70:92:05:51:ff:
45:7b:e3:33:ab:bd:1f:f0:d8:5e:cf:9f:07:c7:ca:63:bf:80:
98:5e:a3:3d:74:94:82:69:3d:6f:0a:f7:87:e8:26:a4:18:49:
6c:6a:32:aa:43:fd:25:86:dd:19:93:ee:55:f5:4f:e4:a1:92:
46:d8:3c:6d:b4:03:fd:61:a1:68:0f:8a:6e:6a:0a:98:37:0e:
e9:b6:4a:b3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATJ7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTIyOTU0WhcNMjYwMjE5MTIyOTU0WjAYMRYw
FAYDVQQDEw02N2JmMDk0NS05NGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAueUS3dBhNoySYYXXhtyIiaFl4ZNco8jY4nrqX0MTIzQRkTEEq6Ak6Kv+
9lV83pG/2hp6Fhm+o3p/M9EsNy9iIUq3+XVCKrl2v6jr0+7iLutxOwAiSQNfkhp8
3ha52QRkh3046pkxXIQunX+sfRw08n5vD90+XBjoii2RGaCLWH3JIF93xq9BZf0L
FwJy31ZRJDKhjXotlORrbLdHfXOuoBNpNEG0zQAFogtKdrZ4sl8u8EF+11u7PWBL
hUY7gXTXVndVfjxorZmww6nEBYRKMpIidObaFVyRR3IJJGHu8Q4MAGsA3ub8Mg4h
9sEFSF6rat8PW7IzcShWKHcNSsEKcQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMfJ
H1mvTUqA8VYAJsJHteG6oXT1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82M0IyOTlGMEY0M0QxMUVGOEJFMTQ0QjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc4OMA0GCSqGSIb3DQEBCwUA
A4IBAQC1J2XyRZ/INZKEVRBxGxYaQqKWM/3NKGHoACylxxgp/bs0hr5K7OIBuj1K
yjp2djENNXEzTRT0IKHwJQIAJ8V4W/q7qrjSGhTqgnhOgkZfY9RkvB+AMxjZVWj2
+8TZYUizxH6A/xLzFLAdACozJfIuRMJ/PqFkk3ZMOP/h7n3NQvyPSFXZa9eaSJs6
HtghxbSEjcRQ4epZjQuyfOq/wUhepE9qg2pqpsOiLT28fQiXcJIFUf9Fe+Mzq70f
8Nhez58Hx8pjv4CYXqM9dJSCaT1vCveH6CakGElsajKqQ/0lht0Zk+5V9U/koZJG
2DxttAP9YaFoD4puagqYNw7ptkqz
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:30:46 2025 by rpki-client