Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85B429BAF4A111EFBB36F564762E951A.roa
File: 85B429BAF4A111EFBB36F564762E951A.roa (raw, json)
Hash identifier: UEWeEusn6C50R8AUiPMbpOO79K8izY7xF2IrDhSuUYY=
Subject key identifier: F5:C6:EA:3D:EF:1F:D3:2C:17:17:1A:F0:58:B2:47:EE:0B:38:02:76
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01386E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85B429BAF4A111EFBB36F564762E951A.roa
Signing time: Thu 27 Feb 2025 00:26:44 +0000
ROA not before: Thu 27 Feb 2025 00:00:40 +0000
ROA not after: Thu 19 Feb 2026 00:00:40 +0000
asID: 984
IP address blocks: 45.201.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79982 (0x1386e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 27 00:00:40 2025 GMT
Not After : Feb 19 00:00:40 2026 GMT
Subject: CN=67bfb144-7a1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:0d:0b:5a:83:3b:45:79:aa:5b:88:14:be:8a:
b8:b8:4c:c0:ac:14:b3:19:8d:80:44:e9:5d:98:9e:
d0:d4:e6:23:83:ef:eb:65:0e:a3:03:24:60:4b:ae:
fa:9a:5c:67:7f:76:86:6c:99:a1:92:ab:1a:4e:42:
21:3f:80:69:f7:cf:d0:77:05:95:e2:9b:ab:21:6e:
fd:7b:78:f1:aa:71:42:0b:b0:0f:00:78:bc:e0:6d:
fc:e4:99:53:1e:7e:b3:3a:f0:af:b8:0c:6c:25:65:
06:43:37:39:60:6d:3f:a6:be:ad:77:23:f7:84:24:
39:ed:ad:f3:e5:05:61:3c:0e:ef:f9:4d:0b:bf:fd:
53:04:9e:0c:7e:a3:97:67:3d:4e:86:10:52:e9:4a:
14:00:b1:58:19:18:5c:18:b0:7e:2b:77:27:af:4b:
24:ce:38:a9:47:40:23:bd:4d:70:0b:b9:f4:ff:00:
aa:59:e3:b0:a6:2e:47:08:5c:83:9a:e3:5f:d6:4e:
6a:42:27:f0:15:48:bd:1e:ee:c2:87:fe:db:53:78:
98:f1:cd:b6:1f:ab:40:d5:32:9d:38:0c:92:5a:2a:
64:2b:08:a5:03:ed:3e:13:18:8d:c0:70:3f:10:9d:
1c:b9:98:e6:11:02:6c:da:52:bb:10:13:b7:56:1a:
f9:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C6:EA:3D:EF:1F:D3:2C:17:17:1A:F0:58:B2:47:EE:0B:38:02:76
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85B429BAF4A111EFBB36F564762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.127.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:62:0e:f9:b9:5e:77:48:a8:ef:8d:9f:8a:1b:43:03:2c:eb:
a3:31:90:11:36:81:1b:49:a2:19:6b:03:4a:f2:25:3e:d8:71:
ae:b3:9a:ae:b2:4f:59:47:11:e2:b1:6c:b2:0f:f6:7f:af:2a:
b2:9b:6e:87:fb:c9:1c:7a:36:21:d5:0e:74:14:0e:23:36:83:
93:03:f2:d9:df:7a:84:d5:50:de:72:29:b3:7e:8c:39:78:98:
30:10:6f:63:51:db:4a:ba:57:7c:50:e3:e0:12:a4:01:a6:e5:
48:4c:ce:f0:17:dd:b4:bb:79:03:64:00:07:1f:9d:95:00:15:
d3:f8:04:24:96:99:fb:22:d4:5b:75:fd:4e:d3:8f:b0:87:84:
33:40:12:fd:01:b7:1e:0a:8a:8e:66:0d:2f:97:0c:91:8c:49:
7e:00:89:ec:0a:98:e5:79:36:2d:2e:0b:78:f5:bd:3b:d4:e0:
d4:c3:27:38:78:4b:f1:00:8f:47:2b:50:32:a8:40:1f:03:44:
20:9b:c6:55:a5:da:89:df:d0:fe:38:f8:cc:3b:10:ed:a0:6b:
db:d3:47:fe:4e:13:53:d8:1a:17:2d:16:2d:5c:6e:68:24:5e:
ef:c4:ef:e0:db:d3:a9:74:c7:b6:dd:94:02:a4:dc:bf:33:e5:
79:17:33:1e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAThuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI3MDAwMDQwWhcNMjYwMjE5MDAwMDQwWjAYMRYw
FAYDVQQDEw02N2JmYjE0NC03YTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+A0LWoM7RXmqW4gUvoq4uEzArBSzGY2AROldmJ7Q1OYjg+/rZQ6jAyRg
S676mlxnf3aGbJmhkqsaTkIhP4Bp98/QdwWV4purIW79e3jxqnFCC7APAHi84G38
5JlTHn6zOvCvuAxsJWUGQzc5YG0/pr6tdyP3hCQ57a3z5QVhPA7v+U0Lv/1TBJ4M
fqOXZz1OhhBS6UoUALFYGRhcGLB+K3cnr0skzjipR0AjvU1wC7n0/wCqWeOwpi5H
CFyDmuNf1k5qQifwFUi9Hu7Ch/7bU3iY8c22H6tA1TKdOAySWipkKwilA+0+ExiN
wHA/EJ0cuZjmEQJs2lK7EBO3Vhr5LQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPXG
6j3vH9MsFxca8FiyR+4LOAJ2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NUI0MjlCQUY0QTExMUVGQkIzNkY1NjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcl/MA0GCSqGSIb3DQEBCwUA
A4IBAQCKYg75uV53SKjvjZ+KG0MDLOujMZARNoEbSaIZawNK8iU+2HGus5qusk9Z
RxHisWyyD/Z/ryqym26H+8kcejYh1Q50FA4jNoOTA/LZ33qE1VDecimzfow5eJgw
EG9jUdtKuld8UOPgEqQBpuVITM7wF920u3kDZAAHH52VABXT+AQklpn7ItRbdf1O
04+wh4QzQBL9AbceCoqOZg0vlwyRjEl+AInsCpjleTYtLgt49b071ODUwyc4eEvx
AI9HK1AyqEAfA0Qgm8ZVpdqJ39D+OPjMOxDtoGvb00f+ThNT2BoXLRYtXG5oJF7v
xO/g29OpdMe23ZQCpNy/M+V5FzMe
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:30:44 2025 by rpki-client