Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/83388E26F47711EF9E9FA848762E951A.roa
File: 83388E26F47711EF9E9FA848762E951A.roa (raw, json)
Hash identifier: sGedSr3mKYGhscI7DKd2Im/dtN1UNMu7aszt7ZoMaoc=
Subject key identifier: 93:53:B0:87:C7:31:20:F6:11:1E:5C:E0:19:34:1C:4B:BD:5D:99:FF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013705
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/83388E26F47711EF9E9FA848762E951A.roa
Signing time: Wed 26 Feb 2025 19:26:01 +0000
ROA not before: Wed 26 Feb 2025 19:25:58 +0000
ROA not after: Thu 19 Feb 2026 19:25:58 +0000
asID: 984
IP address blocks: 45.201.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79621 (0x13705)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 19:25:58 2025 GMT
Not After : Feb 19 19:25:58 2026 GMT
Subject: CN=67bf6ac9-3cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fb:ba:dd:7d:d1:da:c8:b2:64:7c:39:85:5b:
4e:af:f9:10:1f:90:44:ea:df:7a:be:1c:8c:c6:6d:
d7:36:8f:5d:c1:4f:d1:53:bb:e2:dd:28:7f:ea:4c:
15:8b:7f:8b:f0:4f:a2:24:93:c1:a0:10:b0:43:70:
17:a2:0c:60:29:92:fa:d2:f3:a0:b6:e9:6f:64:32:
f4:21:22:72:d7:bc:b6:39:7a:81:e4:43:d5:c4:9f:
5a:99:7d:ed:16:31:63:9e:a4:c4:97:39:0c:40:72:
89:31:d9:9a:36:3d:d2:9d:28:77:16:cc:21:02:eb:
37:76:96:56:b7:0c:b5:49:7e:05:f8:f0:2b:bf:22:
a3:2f:5e:c8:9c:f1:dd:93:28:62:11:9b:62:55:b5:
3f:4f:e7:14:49:01:f3:75:6d:b6:ff:47:c8:89:76:
0d:93:1b:34:03:3f:df:d7:85:ec:43:50:1a:1f:7f:
72:8e:15:1f:cb:c7:fd:ff:1e:28:63:71:51:c4:2e:
6e:03:43:b4:08:16:54:41:b6:5a:6f:d1:e9:d6:57:
77:4a:69:8c:d9:2d:0a:85:58:98:d8:5e:db:4f:10:
f7:cc:3b:03:66:b3:d1:5a:5c:cb:d1:23:07:22:27:
5d:1c:36:30:35:3f:9a:bc:0f:29:c4:81:de:89:48:
02:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:53:B0:87:C7:31:20:F6:11:1E:5C:E0:19:34:1C:4B:BD:5D:99:FF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/83388E26F47711EF9E9FA848762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.96.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:b6:08:0b:76:74:dd:2b:09:f8:e3:6b:ad:de:36:36:4a:2c:
85:f5:97:c4:a3:b5:f8:5c:08:36:25:0a:ad:fe:27:3f:55:5f:
9e:02:da:25:ba:58:0b:71:6d:84:50:a4:85:d6:f0:17:27:e8:
cb:86:2c:4a:52:e4:a1:0f:91:b9:d5:28:4a:36:21:af:4e:4b:
c3:69:ed:4b:90:16:d2:24:8e:60:1b:9b:0e:19:6e:31:b8:1c:
05:15:aa:b3:86:16:bb:2a:08:60:ab:a0:d1:72:a2:20:4d:24:
79:c1:1f:98:c0:a5:65:bf:db:14:bf:4e:66:a1:c1:d5:c2:4e:
3c:84:ee:65:3f:64:6a:f6:1c:6c:a1:da:cf:bc:56:36:46:1f:
55:cc:28:69:f8:76:cb:6c:5c:c1:aa:34:6e:28:11:11:58:8e:
fe:b1:5d:22:51:10:46:7f:71:88:8a:58:4b:1a:de:e0:5c:9f:
89:68:8d:8f:2f:0f:8a:1b:e7:40:83:6d:f0:6c:ba:33:51:da:
6f:fe:e9:98:69:f4:e9:52:7c:8c:4d:75:19:96:e8:11:85:a1:
74:0e:2e:e2:1e:1b:98:95:90:80:83:26:3e:ef:3a:e8:9f:32:
29:f4:89:ff:25:52:05:b9:66:2c:f9:fe:ac:c4:c1:93:83:85:
a0:b3:63:9c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATcFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTkyNTU4WhcNMjYwMjE5MTkyNTU4WjAYMRYw
FAYDVQQDEw02N2JmNmFjOS0zY2IwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwvu63X3R2siyZHw5hVtOr/kQH5BE6t96vhyMxm3XNo9dwU/RU7vi3Sh/
6kwVi3+L8E+iJJPBoBCwQ3AXogxgKZL60vOgtulvZDL0ISJy17y2OXqB5EPVxJ9a
mX3tFjFjnqTElzkMQHKJMdmaNj3SnSh3FswhAus3dpZWtwy1SX4F+PArvyKjL17I
nPHdkyhiEZtiVbU/T+cUSQHzdW22/0fIiXYNkxs0Az/f14XsQ1AaH39yjhUfy8f9
/x4oY3FRxC5uA0O0CBZUQbZab9Hp1ld3SmmM2S0KhViY2F7bTxD3zDsDZrPRWlzL
0SMHIiddHDYwNT+avA8pxIHeiUgChwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJNT
sIfHMSD2ER5c4Bk0HEu9XZn/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MzM4OEUyNkY0NzcxMUVGOUU5RkE4NDg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALclgMA0GCSqGSIb3DQEBCwUA
A4IBAQCytggLdnTdKwn442ut3jY2SiyF9ZfEo7X4XAg2JQqt/ic/VV+eAtolulgL
cW2EUKSF1vAXJ+jLhixKUuShD5G51ShKNiGvTkvDae1LkBbSJI5gG5sOGW4xuBwF
Faqzhha7Kghgq6DRcqIgTSR5wR+YwKVlv9sUv05mocHVwk48hO5lP2Rq9hxsodrP
vFY2Rh9VzChp+HbLbFzBqjRuKBERWI7+sV0iURBGf3GIilhLGt7gXJ+JaI2PLw+K
G+dAg23wbLozUdpv/umYafTpUnyMTXUZlugRhaF0Di7iHhuYlZCAgyY+7zronzIp
9In/JVIFuWYs+f6sxMGTg4Wgs2Oc
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:27:28 2025 by rpki-client