Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6AA6D048040311F0AC39C0AC762E951A.roa
File: 6AA6D048040311F0AC39C0AC762E951A.roa (raw, json)
Hash identifier: 8QzJqCv+c2DO7Ekv9JqhRHaq3qPaHUFk1mEzEve9hYs=
Subject key identifier: 21:23:17:6B:BF:9C:C6:44:C8:96:53:37:9B:51:5B:34:B3:C3:75:DB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0146C7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6AA6D048040311F0AC39C0AC762E951A.roa
Signing time: Tue 18 Mar 2025 14:15:17 +0000
ROA not before: Tue 18 Mar 2025 14:15:13 +0000
ROA not after: Mon 23 Jun 2025 14:15:13 +0000
asID: 140403
IP address blocks: 45.198.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:26:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83655 (0x146c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 18 14:15:13 2025 GMT
Not After : Jun 23 14:15:13 2025 GMT
Subject: CN=67d97ff5-a57d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f6:f3:32:28:15:4a:24:6d:c1:50:48:53:e2:
9c:1d:83:ae:e0:da:59:22:03:17:82:63:9a:50:89:
26:75:5f:92:17:95:13:b6:dd:ef:b1:76:af:e4:d8:
63:ad:85:de:81:d8:f8:0a:5f:d0:61:db:bc:ea:7c:
83:c4:5f:98:80:f0:5b:b2:c6:40:3f:f2:0a:47:8a:
c9:3f:86:da:27:1a:dd:b3:87:a7:5b:a2:03:e0:33:
43:31:8a:9f:da:fb:2c:a5:e0:a6:fc:a6:b2:8b:1f:
a1:ce:bb:51:b0:8c:94:a4:8c:ce:9c:f3:04:c5:d4:
88:0b:5c:c9:12:c1:d0:93:78:51:e6:1b:cd:88:14:
94:6a:ba:58:8a:d0:73:34:b5:83:16:f9:63:13:46:
3a:6e:f1:6c:f0:16:ec:87:4d:45:bd:b8:d3:79:8f:
12:56:42:88:77:37:62:ec:09:f4:a4:c1:de:71:4a:
fa:a4:d0:b3:1e:1e:59:e0:ba:c9:83:59:73:76:98:
ff:7c:58:a4:59:aa:12:2f:e4:1a:70:f7:cc:dc:38:
3d:00:5e:2b:85:68:9c:5e:b1:1f:67:77:17:1a:a3:
c2:79:33:94:b1:d4:b1:9c:8a:29:c5:bc:5f:1d:0f:
a0:13:79:6b:d2:1d:9f:f5:f7:2e:65:99:d5:16:43:
98:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:23:17:6B:BF:9C:C6:44:C8:96:53:37:9B:51:5B:34:B3:C3:75:DB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6AA6D048040311F0AC39C0AC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.1.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:11:6d:7b:60:8c:83:05:16:bc:97:53:ea:08:71:33:40:15:
d1:e8:ec:80:b5:88:92:b5:36:2e:cc:06:7b:c7:89:ee:a0:52:
05:85:f8:4f:c3:1a:04:66:2a:7a:f1:1f:7d:cb:34:76:00:d0:
8f:99:19:ea:60:c0:87:ce:cf:fa:38:31:1f:38:a3:49:fb:9d:
e6:8d:3f:6c:57:70:4b:6e:88:c1:1e:5b:b5:02:2c:7b:4a:d3:
a1:74:54:7d:2d:df:89:e7:9a:3c:23:4d:19:00:89:ab:d8:a9:
8c:97:f7:95:8f:4f:56:fd:1a:6e:01:98:97:2e:a2:ee:c4:92:
43:02:53:c4:5d:a8:0f:6d:d1:85:b9:e2:43:5e:60:40:07:d9:
a4:31:8d:03:40:ba:71:df:3e:6c:37:8a:d9:26:a8:9b:01:51:
80:ee:54:25:16:fb:58:07:93:d9:ed:11:6a:c7:d9:ce:6a:ff:
1f:9c:25:a7:81:9c:b0:db:bb:ec:46:37:9f:d9:bc:10:02:dc:
e6:e1:cd:b7:40:cf:1d:51:71:67:3b:99:30:cf:c0:6c:c2:e8:
4f:60:9d:90:0b:84:3b:a5:17:33:b5:09:64:fd:0a:03:65:80:
a1:6b:a8:0a:af:25:d4:c4:cd:7a:06:0a:d5:d9:ab:42:32:be:
ff:da:ac:d2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUbHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE4MTQxNTEzWhcNMjUwNjIzMTQxNTEzWjAYMRYw
FAYDVQQDEw02N2Q5N2ZmNS1hNTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3fbzMigVSiRtwVBIU+KcHYOu4NpZIgMXgmOaUIkmdV+SF5UTtt3vsXav
5NhjrYXegdj4Cl/QYdu86nyDxF+YgPBbssZAP/IKR4rJP4baJxrds4enW6ID4DND
MYqf2vsspeCm/Kayix+hzrtRsIyUpIzOnPMExdSIC1zJEsHQk3hR5hvNiBSUarpY
itBzNLWDFvljE0Y6bvFs8Bbsh01FvbjTeY8SVkKIdzdi7An0pMHecUr6pNCzHh5Z
4LrJg1lzdpj/fFikWaoSL+QacPfM3Dg9AF4rhWicXrEfZ3cXGqPCeTOUsdSxnIop
xbxfHQ+gE3lr0h2f9fcuZZnVFkOYYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCEj
F2u/nMZEyJZTN5tRWzSzw3XbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82QUE2RDA0ODA0MDMxMUYwQUMzOUMwQUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcYBMA0GCSqGSIb3DQEBCwUA
A4IBAQAfEW17YIyDBRa8l1PqCHEzQBXR6OyAtYiStTYuzAZ7x4nuoFIFhfhPwxoE
Zip68R99yzR2ANCPmRnqYMCHzs/6ODEfOKNJ+53mjT9sV3BLbojBHlu1Aix7StOh
dFR9Ld+J55o8I00ZAImr2KmMl/eVj09W/RpuAZiXLqLuxJJDAlPEXagPbdGFueJD
XmBAB9mkMY0DQLpx3z5sN4rZJqibAVGA7lQlFvtYB5PZ7RFqx9nOav8fnCWngZyw
27vsRjef2bwQAtzm4c23QM8dUXFnO5kwz8BswuhPYJ2QC4Q7pRcztQlk/QoDZYCh
a6gKryXUxM16BgrV2atCMr7/2qzS
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:48:55 2025 by rpki-client