Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7DBA7ACAFB2711EFB54C0151762E951A.roa
File: 7DBA7ACAFB2711EFB54C0151762E951A.roa (raw, json)
Hash identifier: 1Qm8k8o7J9OQt1ulrB8PFvXyWJ7b7Xqo4XJvnk8KcrU=
Subject key identifier: 2E:DD:C8:2B:AE:89:C8:05:77:F4:EF:15:8D:71:1A:3B:3D:BF:C5:47
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0143CC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7DBA7ACAFB2711EFB54C0151762E951A.roa
Signing time: Fri 07 Mar 2025 07:40:50 +0000
ROA not before: Fri 07 Mar 2025 07:40:47 +0000
ROA not after: Mon 14 Apr 2025 07:40:47 +0000
asID: 20473
IP address blocks: 45.194.116.0/23 maxlen: 24
45.194.119.0/24 maxlen: 24
45.200.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82892 (0x143cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 7 07:40:47 2025 GMT
Not After : Apr 14 07:40:47 2025 GMT
Subject: CN=67caa302-f96c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8a:d2:c0:7e:ce:bf:6e:3d:44:b3:cd:a0:28:
98:87:07:ff:5a:09:e8:5d:36:24:a0:ae:95:4e:69:
72:f9:a1:0f:6b:7e:17:86:09:e9:db:86:77:5f:4d:
54:af:df:89:64:12:31:d8:a6:91:b2:68:25:af:ae:
bc:d0:9f:5c:b7:ef:fc:fe:d8:dd:21:ab:60:2f:fc:
78:6d:4a:be:ab:15:2d:85:0a:83:2f:b5:77:22:ce:
3c:f9:96:cb:6c:a0:66:7f:25:8c:98:6f:ee:c9:00:
54:81:19:9c:a4:c4:2f:78:1d:2e:fd:14:60:25:d3:
ee:36:90:f5:c3:db:bd:32:89:0a:0d:e1:bd:6b:5d:
4d:57:a2:73:b3:b3:29:2f:42:7d:99:0d:b6:17:81:
14:9b:0c:73:fb:9c:af:51:73:7a:c6:0f:69:0f:bf:
08:ab:81:0b:ae:8f:f7:ab:b9:7c:91:27:a4:8e:48:
96:94:cb:72:a8:38:d0:ea:64:f1:d2:eb:a0:27:75:
59:9a:46:3e:81:31:bb:b3:f0:a3:8e:a5:2d:fc:e1:
0b:f3:31:b3:cf:37:b4:8e:73:a6:41:24:28:f6:71:
98:13:bf:70:5a:9c:e3:d1:f2:cc:73:01:6e:44:dc:
02:f0:44:65:66:84:9f:77:f3:46:f6:d3:77:b1:98:
ab:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:DD:C8:2B:AE:89:C8:05:77:F4:EF:15:8D:71:1A:3B:3D:BF:C5:47
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7DBA7ACAFB2711EFB54C0151762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.116.0/23
45.194.119.0/24
45.200.121.0/24
Signature Algorithm: sha256WithRSAEncryption
86:a6:b0:6d:aa:fb:f3:ec:1a:15:12:8d:0b:7f:c1:fa:da:7b:
f0:2c:d8:a0:b2:20:18:f2:07:c5:fe:07:04:33:1d:ab:a0:b9:
f8:4e:13:d4:f0:86:c9:cc:6f:a5:68:2b:6a:a7:80:27:2a:50:
f0:35:d8:a8:eb:47:11:ca:be:03:94:93:ec:cf:6a:58:56:af:
da:76:76:ad:24:fb:6f:bd:3e:4a:a1:46:57:a7:69:35:e3:1c:
3a:01:2f:7e:72:b8:16:68:24:b3:95:ac:6e:31:38:bc:16:7f:
36:ad:25:aa:76:4b:d0:13:9f:7c:d6:c9:60:d7:30:26:f0:45:
b4:5e:0b:1d:02:fa:bd:63:11:54:22:d8:86:08:9c:7c:14:90:
22:e8:81:5f:30:4d:00:e3:34:61:ec:e1:b7:0b:d6:74:7c:09:
ec:90:c7:b4:38:ac:65:a8:ca:14:af:19:8b:ca:9c:62:3b:95:
3a:b2:64:31:21:8f:15:2e:f3:eb:69:53:ff:b7:76:d4:0d:10:
bb:20:0d:88:2b:c5:4b:c4:37:1e:69:a2:12:86:71:25:c9:14:
14:98:7f:6e:ef:71:68:d9:b2:fe:3a:34:e0:65:bc:73:e7:82:
94:70:73:54:81:e2:b7:5d:98:69:b7:54:62:91:62:94:a3:52:
0b:67:5a:ac
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAUPMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA3MDc0MDQ3WhcNMjUwNDE0MDc0MDQ3WjAYMRYw
FAYDVQQDEw02N2NhYTMwMi1mOTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzorSwH7Ov249RLPNoCiYhwf/WgnoXTYkoK6VTmly+aEPa34Xhgnp24Z3
X01Ur9+JZBIx2KaRsmglr6680J9ct+/8/tjdIatgL/x4bUq+qxUthQqDL7V3Is48
+ZbLbKBmfyWMmG/uyQBUgRmcpMQveB0u/RRgJdPuNpD1w9u9MokKDeG9a11NV6Jz
s7MpL0J9mQ22F4EUmwxz+5yvUXN6xg9pD78Iq4ELro/3q7l8kSekjkiWlMtyqDjQ
6mTx0uugJ3VZmkY+gTG7s/CjjqUt/OEL8zGzzze0jnOmQSQo9nGYE79wWpzj0fLM
cwFuRNwC8ERlZoSfd/NG9tN3sZir1QIDAQABo4ICrjCCAqowHQYDVR0OBBYEFC7d
yCuuicgFd/TvFY1xGjs9v8VHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83REJBN0FDQUZCMjcxMUVGQjU0QzAxNTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLcJ0AwQALcJ3AwQALch5MA0G
CSqGSIb3DQEBCwUAA4IBAQCGprBtqvvz7BoVEo0Lf8H62nvwLNigsiAY8gfF/gcE
Mx2roLn4ThPU8IbJzG+laCtqp4AnKlDwNdio60cRyr4DlJPsz2pYVq/adnatJPtv
vT5KoUZXp2k14xw6AS9+crgWaCSzlaxuMTi8Fn82rSWqdkvQE5981slg1zAm8EW0
XgsdAvq9YxFUItiGCJx8FJAi6IFfME0A4zRh7OG3C9Z0fAnskMe0OKxlqMoUrxmL
ypxiO5U6smQxIY8VLvPraVP/t3bUDRC7IA2IK8VLxDceaaIShnElyRQUmH9u73Fo
2bL+OjTgZbxz54KUcHNUgeK3XZhpt1RikWKUo1ILZ1qs
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:09:00 2025 by rpki-client