Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6D25F32CF43F11EFA82EE740762E951A.roa
File: 6D25F32CF43F11EFA82EE740762E951A.roa (raw, json)
Hash identifier: TfOEh5t9VmRSv/2IGzOitnCMYYJJftJiZAUOowaqD5c=
Subject key identifier: D9:89:3B:1F:26:5B:A1:A2:64:32:21:A9:03:70:49:85:C0:ED:DB:32
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0132AA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6D25F32CF43F11EFA82EE740762E951A.roa
Signing time: Wed 26 Feb 2025 12:44:32 +0000
ROA not before: Wed 26 Feb 2025 12:44:29 +0000
ROA not after: Sat 19 Feb 2028 12:44:29 +0000
asID: 17561
IP address blocks: 45.198.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78506 (0x132aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 12:44:29 2025 GMT
Not After : Feb 19 12:44:29 2028 GMT
Subject: CN=67bf0cb0-019c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e7:e2:4c:ec:61:53:f7:08:4b:e4:48:f6:7f:
e1:cb:0d:e7:dc:24:ac:7a:64:d7:56:d6:18:42:fd:
6d:80:da:7d:90:aa:73:35:89:2d:8b:91:01:f7:4a:
8b:e6:70:25:4c:f8:fc:5d:2a:9d:4f:00:93:d8:69:
28:86:ba:85:43:fb:32:21:d8:42:df:bf:5b:ef:86:
71:e0:39:a8:3c:5b:a0:dd:88:e7:e4:e0:b2:7d:f1:
11:1c:ff:4b:18:09:41:ea:15:11:f7:8f:bf:c7:4e:
60:c1:c6:b1:73:24:8e:85:33:95:24:31:e5:d6:cd:
bf:4b:0c:cd:99:9d:23:b6:af:4b:7f:e0:fa:a1:7e:
4d:db:4a:2e:a6:88:72:b2:56:74:1a:88:7e:35:77:
1e:b1:f6:08:26:1f:b1:2b:92:88:37:f7:16:b3:42:
8a:68:6a:d5:3b:56:84:6b:a0:bc:43:0b:9f:d0:c2:
d5:bc:3b:51:92:94:81:ae:5d:14:0a:e2:c1:d1:ec:
b4:45:7b:ac:5c:a3:1c:bc:e2:75:d3:26:90:56:51:
06:e7:87:d5:6d:71:25:5a:99:e7:79:4c:36:7f:1c:
a9:9d:d6:e7:60:a3:93:62:b9:12:c8:7a:bd:0b:1d:
f6:22:e8:a0:c2:04:7c:3f:c5:a0:7b:93:89:35:62:
ce:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:89:3B:1F:26:5B:A1:A2:64:32:21:A9:03:70:49:85:C0:ED:DB:32
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6D25F32CF43F11EFA82EE740762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.255.0/24
Signature Algorithm: sha256WithRSAEncryption
04:97:7b:28:da:21:19:3e:5d:b7:81:48:b2:57:ba:12:fa:2b:
22:b7:2e:2f:bb:5b:ac:46:4c:76:4b:11:c8:85:bf:3e:1e:51:
52:3c:a0:25:34:6f:ec:05:01:6c:39:e9:e4:f0:b1:56:7f:3d:
9d:0b:ef:6a:db:10:17:02:55:e2:69:3f:75:75:2a:c9:13:96:
b6:0d:6d:90:b7:95:5e:6b:0a:5e:ab:32:bb:3a:ed:1a:01:a1:
88:a7:64:3c:5f:be:3e:a6:c5:40:87:99:7a:3c:7f:0f:85:a2:
2e:cf:31:58:2e:8f:b2:0c:df:b2:dd:a1:b7:a2:eb:38:ca:b8:
9e:7d:65:a7:c9:b1:6c:08:cd:2d:0d:f4:d3:f9:39:5f:dc:e6:
c7:d7:b3:e4:30:80:15:b6:8e:2d:1c:78:fe:92:c1:38:20:24:
97:32:65:65:19:d3:bf:a7:94:a0:0e:8b:81:10:48:76:57:5e:
b7:2f:14:87:09:6d:47:5e:de:56:34:22:a1:9f:b6:c0:8f:e4:
af:2e:cc:fe:bd:b2:49:14:ba:53:64:77:95:6f:17:0e:43:43:
84:20:e4:30:60:d5:8f:7d:67:2d:e0:35:44:c3:c9:84:53:09:
d8:97:96:72:b1:8d:bd:48:cb:3a:2d:d7:98:49:4c:bf:11:56:
37:f3:b9:52
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATKqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTI0NDI5WhcNMjgwMjE5MTI0NDI5WjAYMRYw
FAYDVQQDEw02N2JmMGNiMC0wMTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv+fiTOxhU/cIS+RI9n/hyw3n3CSsemTXVtYYQv1tgNp9kKpzNYkti5EB
90qL5nAlTPj8XSqdTwCT2GkohrqFQ/syIdhC379b74Zx4DmoPFug3Yjn5OCyffER
HP9LGAlB6hUR94+/x05gwcaxcySOhTOVJDHl1s2/SwzNmZ0jtq9Lf+D6oX5N20ou
pohyslZ0Goh+NXcesfYIJh+xK5KIN/cWs0KKaGrVO1aEa6C8Qwuf0MLVvDtRkpSB
rl0UCuLB0ey0RXusXKMcvOJ10yaQVlEG54fVbXElWpnneUw2fxypndbnYKOTYrkS
yHq9Cx32IuigwgR8P8Wge5OJNWLOhQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNmJ
Ox8mW6GiZDIhqQNwSYXA7dsyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RDI1RjMyQ0Y0M0YxMUVGQTgyRUU3NDA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcb/MA0GCSqGSIb3DQEBCwUA
A4IBAQAEl3so2iEZPl23gUiyV7oS+isity4vu1usRkx2SxHIhb8+HlFSPKAlNG/s
BQFsOenk8LFWfz2dC+9q2xAXAlXiaT91dSrJE5a2DW2Qt5VeawpeqzK7Ou0aAaGI
p2Q8X74+psVAh5l6PH8PhaIuzzFYLo+yDN+y3aG3ous4yriefWWnybFsCM0tDfTT
+Tlf3ObH17PkMIAVto4tHHj+ksE4ICSXMmVlGdO/p5SgDouBEEh2V163LxSHCW1H
Xt5WNCKhn7bAj+SvLsz+vbJJFLpTZHeVbxcOQ0OEIOQwYNWPfWct4DVEw8mEUwnY
l5ZysY29SMs6LdeYSUy/EVY387lS
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:01 2025 by rpki-client