Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7606E500F46C11EFB2B4627E762E951A.roa
File: 7606E500F46C11EFB2B4627E762E951A.roa (raw, json)
Hash identifier: LyoR0HO+7zt4YBfwxXMOR0zSzkqsYbU+zx0huXJ2bOs=
Subject key identifier: F4:F4:59:C9:5D:FC:B4:F4:6C:0B:67:D1:2B:FD:D3:78:E8:E4:1F:82
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01361E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7606E500F46C11EFB2B4627E762E951A.roa
Signing time: Wed 26 Feb 2025 18:06:55 +0000
ROA not before: Wed 26 Feb 2025 18:06:51 +0000
ROA not after: Thu 19 Feb 2026 18:06:51 +0000
asID: 984
IP address blocks: 45.201.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79390 (0x1361e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 18:06:51 2025 GMT
Not After : Feb 19 18:06:51 2026 GMT
Subject: CN=67bf583e-d71d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:1d:d7:dc:a2:a3:88:cd:16:af:7e:23:e6:e5:
b3:a3:dd:61:60:15:f6:97:7f:13:90:1f:8a:ce:df:
53:6c:bc:fa:18:b1:a4:81:52:d6:b4:10:d1:43:23:
b5:93:5d:7b:4a:e1:92:59:d0:7f:3b:d5:77:39:85:
75:66:47:a1:7d:38:1c:98:e3:59:e0:cd:35:3f:6b:
10:ca:60:80:49:ae:14:f9:d2:ba:2b:da:b5:d0:75:
ba:50:ad:ff:f7:97:c3:62:da:3f:df:0e:c9:73:4a:
3c:9b:e5:fe:ef:db:39:e0:c4:9d:73:7e:ff:f9:b3:
ba:0f:a5:19:b4:71:51:0e:b6:b4:71:c8:8b:9c:87:
09:ab:e7:7d:85:31:6d:96:f0:ed:c2:8a:a8:4a:a2:
48:69:e8:af:c7:9e:e5:1e:ba:72:2d:df:78:8e:2f:
57:57:03:e9:10:58:f6:f5:76:fc:f1:fd:52:bb:6b:
fa:a8:2c:e7:89:20:f8:07:70:3d:42:e6:d8:93:c1:
1a:87:3d:f5:83:50:cb:ac:b4:84:b7:f2:6d:4f:5b:
c5:ec:17:1d:e4:ac:b6:e6:52:4f:34:2b:56:7b:bf:
47:b6:50:ef:c7:30:dd:c3:42:0d:47:aa:65:f1:c2:
87:43:13:ff:20:c3:fc:e9:71:c0:90:62:dc:d2:2d:
94:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F4:59:C9:5D:FC:B4:F4:6C:0B:67:D1:2B:FD:D3:78:E8:E4:1F:82
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7606E500F46C11EFB2B4627E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.61.0/24
Signature Algorithm: sha256WithRSAEncryption
83:94:5a:18:2d:67:ba:1d:62:89:71:57:1c:46:c8:95:51:fa:
54:4f:75:be:74:11:2e:6e:fd:2e:ec:3c:6b:71:e5:36:39:d2:
b4:a3:70:50:d1:a5:7e:1d:47:ec:5d:0a:2b:d6:e6:9e:fb:6b:
be:86:f6:2a:65:f2:a7:df:0a:f9:ef:42:15:af:a6:f4:9f:8c:
ee:d2:dc:db:74:1a:e8:0f:3c:c8:52:ec:1d:9f:59:86:4f:84:
01:02:12:a1:bd:99:d3:89:7b:82:95:a8:34:32:ec:da:ba:fe:
07:7c:86:7d:d3:7a:08:10:c2:cb:bf:da:d9:88:46:e2:a5:09:
a1:c7:fa:0f:4b:3a:c1:9f:91:fe:6f:ba:00:3a:22:84:c3:a7:
6f:25:15:fd:bf:45:ce:ef:14:c7:78:72:7e:d8:4f:14:6a:e6:
e3:83:fb:86:53:8f:6f:8b:0e:85:eb:25:a6:6a:7a:b7:50:5e:
a4:dc:63:6f:b4:8a:4b:2b:1d:9f:01:b1:d4:e0:6b:9b:96:92:
0f:f0:0e:8a:7c:b2:b0:73:16:ea:14:35:c3:93:0e:a1:ee:56:
66:7d:4f:c5:78:8b:cf:d0:bd:9a:ee:69:99:81:8a:6a:a0:bd:
42:49:5b:0a:e7:e0:09:7f:9f:d8:ac:b1:91:3a:a8:36:ae:9a:
7e:2d:c1:57
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATYeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTgwNjUxWhcNMjYwMjE5MTgwNjUxWjAYMRYw
FAYDVQQDEw02N2JmNTgzZS1kNzFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9h3X3KKjiM0Wr34j5uWzo91hYBX2l38TkB+Kzt9TbLz6GLGkgVLWtBDR
QyO1k117SuGSWdB/O9V3OYV1ZkehfTgcmONZ4M01P2sQymCASa4U+dK6K9q10HW6
UK3/95fDYto/3w7Jc0o8m+X+79s54MSdc37/+bO6D6UZtHFRDra0cciLnIcJq+d9
hTFtlvDtwoqoSqJIaeivx57lHrpyLd94ji9XVwPpEFj29Xb88f1Su2v6qCzniSD4
B3A9QubYk8Eahz31g1DLrLSEt/JtT1vF7Bcd5Ky25lJPNCtWe79HtlDvxzDdw0IN
R6pl8cKHQxP/IMP86XHAkGLc0i2U0QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPT0
Wcld/LT0bAtn0Sv903jo5B+CMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NjA2RTUwMEY0NkMxMUVGQjJCNDYyN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALck9MA0GCSqGSIb3DQEBCwUA
A4IBAQCDlFoYLWe6HWKJcVccRsiVUfpUT3W+dBEubv0u7DxrceU2OdK0o3BQ0aV+
HUfsXQor1uae+2u+hvYqZfKn3wr570IVr6b0n4zu0tzbdBroDzzIUuwdn1mGT4QB
AhKhvZnTiXuClag0Muzauv4HfIZ903oIEMLLv9rZiEbipQmhx/oPSzrBn5H+b7oA
OiKEw6dvJRX9v0XO7xTHeHJ+2E8Uaubjg/uGU49viw6F6yWmanq3UF6k3GNvtIpL
Kx2fAbHU4GublpIP8A6KfLKwcxbqFDXDkw6h7lZmfU/FeIvP0L2a7mmZgYpqoL1C
SVsK5+AJf5/YrLGROqg2rpp+LcFX
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:25 2025 by rpki-client