Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81FCA078E55A11EF9571184F762E951A.roa
File: 81FCA078E55A11EF9571184F762E951A.roa (raw, json)
Hash identifier: Ey0xO4/JW3Xi6DXnmQ/ZgWZj0ioOhiDqDVpgLMFwNkE=
Subject key identifier: FC:D2:9E:4E:B6:38:3E:D1:D0:35:71:19:44:0A:D7:A4:88:BC:56:72
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011DD4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81FCA078E55A11EF9571184F762E951A.roa
Signing time: Fri 07 Feb 2025 13:50:36 +0000
ROA not before: Fri 07 Feb 2025 13:50:32 +0000
ROA not after: Fri 21 Jan 2028 13:50:32 +0000
asID: 17561
IP address blocks: 45.196.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73172 (0x11dd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 7 13:50:32 2025 GMT
Not After : Jan 21 13:50:32 2028 GMT
Subject: CN=67a60fac-3666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:46:26:f0:5f:4a:20:d4:18:94:2d:80:fe:76:
e5:01:19:4c:ee:7d:90:eb:cc:dc:7f:bf:ea:ef:90:
69:17:d7:04:ee:ed:98:23:76:1f:e6:9f:9b:45:d2:
67:8b:5f:46:52:91:53:3c:00:66:02:41:bd:45:20:
01:2e:1c:d6:e8:30:cb:43:ea:b7:86:5a:25:08:f0:
07:a9:d8:86:54:6a:69:ce:ce:43:14:c2:6c:c6:02:
61:b1:a0:6b:2a:51:cc:2a:46:8f:7a:b2:2d:cf:9e:
81:8e:65:65:8e:5d:87:7d:b8:51:b7:91:ad:0a:15:
78:55:39:21:43:62:68:af:3c:99:4d:e4:45:77:4e:
fd:77:18:97:90:63:ae:68:77:89:ca:82:5b:3f:27:
15:ae:a2:a3:93:2c:e1:13:95:ab:4c:b8:c4:0e:8e:
c9:de:c5:8a:e3:41:f0:05:eb:77:af:47:97:9a:25:
a1:34:f8:79:d6:4d:08:9b:e0:93:56:d4:fb:70:8b:
b4:f9:d7:52:88:94:9e:12:4c:2a:52:49:55:61:f8:
d7:c7:1d:99:13:44:6c:d4:1c:96:4f:d2:32:6b:b0:
ab:e9:53:99:78:61:e7:ec:62:59:98:c4:cf:b8:9b:
ff:0f:e4:84:e8:0f:4c:ac:b3:b7:59:85:2f:20:a6:
7f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:D2:9E:4E:B6:38:3E:D1:D0:35:71:19:44:0A:D7:A4:88:BC:56:72
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81FCA078E55A11EF9571184F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.74.0/24
Signature Algorithm: sha256WithRSAEncryption
18:83:0a:99:63:e2:48:0d:99:27:62:a1:01:49:e1:86:81:b0:
34:9a:9b:41:7c:5f:15:9e:09:ce:57:c7:8e:9e:45:6b:94:ac:
cf:34:5d:c2:3e:af:93:8b:9a:fb:f1:c7:34:88:74:4b:4a:f0:
d4:d7:84:ce:5a:2d:c9:41:47:df:7a:6d:d7:0c:0c:82:ba:a0:
13:7e:d8:d6:4e:ac:91:0a:df:fa:ab:41:87:b1:71:da:e9:69:
a2:e9:47:79:81:15:60:be:af:50:8f:77:cd:17:7a:cb:43:46:
f5:44:a6:de:76:77:0a:c0:8c:52:26:fd:7c:66:f3:a8:de:f8:
d6:ea:49:01:6c:ca:14:55:1d:8a:d6:c7:0e:83:36:4b:85:20:
55:23:28:fb:5c:67:95:d0:e9:75:3a:63:4b:ba:dc:8c:da:76:
95:32:ca:47:5c:48:84:97:19:a9:a0:be:58:6f:f2:9e:43:e8:
ff:c7:a1:7b:9b:a5:67:69:b3:da:3b:ea:8a:e2:7c:18:1a:6d:
2a:a3:18:71:26:f6:f0:58:79:b7:97:80:0a:71:ca:54:9b:ba:
5b:70:07:62:ec:01:cf:d7:88:8f:58:39:d3:71:1c:30:b6:ba:
07:8e:0e:69:6a:5c:aa:26:a1:39:0b:e6:fa:f6:5f:bd:39:c5:
67:19:66:c1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAR3UMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjA3MTM1MDMyWhcNMjgwMTIxMTM1MDMyWjAYMRYw
FAYDVQQDEw02N2E2MGZhYy0zNjY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz0Ym8F9KINQYlC2A/nblARlM7n2Q68zcf7/q75BpF9cE7u2YI3Yf5p+b
RdJni19GUpFTPABmAkG9RSABLhzW6DDLQ+q3hlolCPAHqdiGVGppzs5DFMJsxgJh
saBrKlHMKkaPerItz56BjmVljl2HfbhRt5GtChV4VTkhQ2JorzyZTeRFd079dxiX
kGOuaHeJyoJbPycVrqKjkyzhE5WrTLjEDo7J3sWK40HwBet3r0eXmiWhNPh51k0I
m+CTVtT7cIu0+ddSiJSeEkwqUklVYfjXxx2ZE0Rs1ByWT9Iya7Cr6VOZeGHn7GJZ
mMTPuJv/D+SE6A9MrLO3WYUvIKZ/wQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPzS
nk62OD7R0DVxGUQK16SIvFZyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MUZDQTA3OEU1NUExMUVGOTU3MTE4NEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcRKMA0GCSqGSIb3DQEBCwUA
A4IBAQAYgwqZY+JIDZknYqEBSeGGgbA0mptBfF8VngnOV8eOnkVrlKzPNF3CPq+T
i5r78cc0iHRLSvDU14TOWi3JQUffem3XDAyCuqATftjWTqyRCt/6q0GHsXHa6Wmi
6Ud5gRVgvq9Qj3fNF3rLQ0b1RKbedncKwIxSJv18ZvOo3vjW6kkBbMoUVR2K1scO
gzZLhSBVIyj7XGeV0Ol1OmNLutyM2naVMspHXEiElxmpoL5Yb/KeQ+j/x6F7m6Vn
abPaO+qK4nwYGm0qoxhxJvbwWHm3l4AKccpUm7pbcAdi7AHP14iPWDnTcRwwtroH
jg5palyqJqE5C+b69l+9OcVnGWbB
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:28:22 2025 by rpki-client