Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80377E7AFF2711EF8EEE1382762E951A.roa
File: 80377E7AFF2711EF8EEE1382762E951A.roa (raw, json)
Hash identifier: F2feV+9ZFNYYoFJmsfb1l4XGhvybzSZVLriiM0y1i8U=
Subject key identifier: 0C:E6:01:4F:BB:60:A7:B3:1F:80:AC:1E:F6:66:E3:5B:9D:4A:00:8C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014532
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80377E7AFF2711EF8EEE1382762E951A.roa
Signing time: Wed 12 Mar 2025 09:50:59 +0000
ROA not before: Wed 12 Mar 2025 09:50:55 +0000
ROA not after: Thu 17 Apr 2025 09:50:55 +0000
asID: 394432
IP address blocks: 45.200.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83250 (0x14532)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 12 09:50:55 2025 GMT
Not After : Apr 17 09:50:55 2025 GMT
Subject: CN=67d15903-7e0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:29:46:81:ca:85:36:88:8b:65:c3:6e:38:ac:
54:cb:97:e5:02:12:4f:f7:06:1b:f9:14:d5:52:17:
91:04:fc:30:8a:dd:16:a0:da:0a:eb:37:3f:5e:29:
ff:e4:60:e2:20:1d:e9:0d:aa:a2:f4:b8:bd:7e:17:
b3:00:18:3b:45:9d:57:4c:7a:66:02:50:93:e1:97:
a2:7b:aa:71:62:73:2e:59:ee:0e:85:6e:1a:f6:7c:
42:54:1b:23:5a:e5:86:c0:ce:6e:eb:ee:62:bb:3a:
23:d8:cf:43:9b:92:f4:28:8f:56:ea:f2:88:67:21:
1c:6e:75:77:ed:66:16:ff:c9:a5:5b:66:d0:90:a1:
9c:b7:fd:e5:c4:3f:86:b6:da:de:bf:a7:71:06:2a:
6c:18:e7:bb:e8:25:26:db:91:49:aa:3c:7a:8f:79:
26:c6:03:47:ab:82:c2:0a:92:52:66:6d:ba:c8:af:
66:1d:ba:00:1f:da:be:f6:79:7c:3c:d1:1b:f2:08:
ee:77:34:75:d0:95:f8:da:09:a9:e7:6f:44:31:67:
64:db:d4:cc:10:8b:e5:8e:b9:f7:2d:1b:39:84:d4:
cc:5c:04:57:18:9e:d7:f6:62:7c:c7:77:75:5b:72:
25:bc:87:14:7b:fd:5f:fd:fa:2d:a1:be:ac:f0:9f:
cd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E6:01:4F:BB:60:A7:B3:1F:80:AC:1E:F6:66:E3:5B:9D:4A:00:8C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80377E7AFF2711EF8EEE1382762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.192.0/18
Signature Algorithm: sha256WithRSAEncryption
2d:54:bf:ca:e6:9d:54:0d:1b:42:e8:c4:a7:e5:41:3e:6a:ad:
f4:3b:76:a7:0a:12:cc:91:72:af:30:b9:16:84:f0:f6:96:03:
b0:8b:85:52:19:5a:b7:85:40:49:2b:67:4a:0d:27:dd:43:46:
20:ba:6e:f1:7c:90:1a:8d:e2:71:2f:38:e4:e7:be:d7:b2:18:
ca:86:db:d3:f6:66:36:54:ab:83:8e:69:92:f1:9e:80:7f:78:
ed:8c:fd:13:9c:ab:d0:e6:72:39:c2:1c:41:dd:b1:eb:eb:ac:
48:09:11:83:0b:5d:c4:ef:0d:50:37:07:fa:6d:e3:c9:63:11:
0e:a7:c6:cf:74:ad:f0:65:2d:af:9d:ca:ff:4d:7a:0b:0f:fe:
37:fe:93:31:a7:0b:39:e2:52:c2:13:1b:90:c2:7d:c3:17:8c:
99:46:fc:ee:7f:25:da:90:e9:b4:27:0b:69:3f:cb:ca:d8:c7:
50:11:9a:e4:f5:4c:f8:65:d9:1b:e9:53:23:85:83:53:e5:91:
84:69:88:30:76:93:ca:aa:e8:07:01:5b:3f:90:25:31:0d:d0:
b6:e6:41:08:44:00:cc:35:ef:52:7c:12:7b:80:e8:9b:c6:f3:
7f:0c:46:25:37:34:fe:3b:df:cf:98:8b:87:1e:05:7b:f1:47:
30:05:87:30
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUUyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzEyMDk1MDU1WhcNMjUwNDE3MDk1MDU1WjAYMRYw
FAYDVQQDEw02N2QxNTkwMy03ZTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtylGgcqFNoiLZcNuOKxUy5flAhJP9wYb+RTVUheRBPwwit0WoNoK6zc/
Xin/5GDiIB3pDaqi9Li9fhezABg7RZ1XTHpmAlCT4Zeie6pxYnMuWe4OhW4a9nxC
VBsjWuWGwM5u6+5iuzoj2M9Dm5L0KI9W6vKIZyEcbnV37WYW/8mlW2bQkKGct/3l
xD+Gttrev6dxBipsGOe76CUm25FJqjx6j3kmxgNHq4LCCpJSZm26yK9mHboAH9q+
9nl8PNEb8gjudzR10JX42gmp529EMWdk29TMEIvljrn3LRs5hNTMXARXGJ7X9mJ8
x3d1W3IlvIcUe/1f/fotob6s8J/NSwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAzm
AU+7YKezH4CsHvZm41udSgCMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MDM3N0U3QUZGMjcxMUVGOEVFRTEzODI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGLcjAMA0GCSqGSIb3DQEBCwUA
A4IBAQAtVL/K5p1UDRtC6MSn5UE+aq30O3anChLMkXKvMLkWhPD2lgOwi4VSGVq3
hUBJK2dKDSfdQ0Ygum7xfJAajeJxLzjk577XshjKhtvT9mY2VKuDjmmS8Z6Af3jt
jP0TnKvQ5nI5whxB3bHr66xICRGDC13E7w1QNwf6bePJYxEOp8bPdK3wZS2vncr/
TXoLD/43/pMxpws54lLCExuQwn3DF4yZRvzufyXakOm0JwtpP8vK2MdQEZrk9Uz4
Zdkb6VMjhYNT5ZGEaYgwdpPKqugHAVs/kCUxDdC25kEIRADMNe9SfBJ7gOibxvN/
DEYlNzT+O9/PmIuHHgV78UcwBYcw
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:33 2025 by rpki-client