Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86A6E522FF2A11EF8F8D5595762E951A.roa
File: 86A6E522FF2A11EF8F8D5595762E951A.roa (raw, json)
Hash identifier: Pf+BPinIWAx59B23xklXncWovE3E6cBdGIiqbA26ggQ=
Subject key identifier: 7D:1D:A4:04:F1:0C:5F:C9:6B:0D:8F:21:9E:CE:1F:17:A6:B8:C4:12
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01453C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86A6E522FF2A11EF8F8D5595762E951A.roa
Signing time: Wed 12 Mar 2025 10:12:39 +0000
ROA not before: Wed 12 Mar 2025 10:12:35 +0000
ROA not after: Wed 30 Apr 2025 10:12:35 +0000
asID: 398478
IP address blocks: 45.192.192.0/20 maxlen: 24
45.200.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:26:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83260 (0x1453c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 12 10:12:35 2025 GMT
Not After : Apr 30 10:12:35 2025 GMT
Subject: CN=67d15e16-4000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6f:99:6f:98:cc:92:3b:45:89:b6:a1:61:38:
aa:c5:f8:b5:36:d9:9b:7c:f8:1c:81:fa:2d:8c:b4:
c0:0e:f0:f9:95:91:61:fe:66:4b:f8:15:dd:88:82:
8b:ed:9e:2b:2c:bb:42:3b:3c:89:a7:92:c3:85:21:
1c:13:ce:b6:88:49:e7:54:a3:5e:ea:09:4f:47:c2:
22:30:d7:90:4d:1b:36:6e:28:c4:28:84:30:cc:64:
da:e0:5c:63:13:a9:f2:98:33:d5:15:89:b4:52:61:
34:c9:61:b3:ad:eb:ab:be:73:29:05:b1:c5:80:fb:
d7:c7:9a:81:bd:21:ee:dd:b0:4a:cd:26:de:38:c5:
b8:5e:aa:03:79:23:78:74:d1:e5:75:9d:6c:11:54:
ab:b4:4b:49:ed:d7:11:64:34:fe:29:bc:6c:ae:5f:
6b:37:ee:9a:18:ef:bf:99:cf:0d:28:a4:5f:a3:86:
1e:41:54:87:3b:65:f4:9b:5d:84:4f:88:12:1d:d3:
12:40:6a:f4:bf:72:e7:32:f9:91:cf:0f:10:4f:44:
d2:be:53:2c:88:84:4a:69:b8:b2:36:c2:f1:d5:a0:
e3:77:99:44:6d:a9:02:1f:08:41:e4:3c:71:c5:b3:
f1:03:6e:27:8d:fc:82:4e:52:b7:a5:8e:53:46:86:
34:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:1D:A4:04:F1:0C:5F:C9:6B:0D:8F:21:9E:CE:1F:17:A6:B8:C4:12
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86A6E522FF2A11EF8F8D5595762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.192.0/20
45.200.192.0/18
Signature Algorithm: sha256WithRSAEncryption
98:7f:d2:92:a8:a3:35:43:77:b9:dc:67:c2:b1:c1:66:45:4e:
0c:87:a1:06:0d:1a:92:71:a7:d0:21:7a:bb:16:59:7e:a7:98:
39:6e:e6:ef:34:24:5d:9b:6a:9f:b3:95:b1:9f:dc:2c:40:d3:
46:3c:e8:f8:22:95:32:8e:52:d3:21:fe:ca:8f:64:03:69:d0:
6d:bd:bb:72:da:83:85:9e:0c:7f:35:e4:1e:60:45:7e:86:f4:
5e:d5:e4:a5:f0:e8:45:7c:06:fb:89:a0:45:a2:6c:f5:f6:d8:
cd:09:a4:91:c1:ed:f2:4c:a7:fb:b1:a2:ca:6f:91:61:29:f1:
1c:9c:fa:2e:ff:64:f5:5a:42:0a:1a:53:1e:5e:ac:5c:33:bd:
fa:1d:a9:92:8d:e4:a3:0e:be:6c:3f:36:5d:ae:49:92:7c:bc:
47:31:f2:8c:5c:25:b7:7c:8d:8d:46:ed:da:d8:cc:08:4f:fc:
41:25:42:ea:21:fc:bd:d1:d4:c4:04:35:4e:d4:9e:3f:40:f4:
93:78:23:8e:a6:7d:c5:31:e9:a4:39:88:70:5e:4e:9d:e2:cb:
a2:42:b8:d5:2d:53:e5:e2:16:70:ae:b1:60:a9:19:ca:05:06:
e6:de:64:5b:ba:86:97:b1:00:ae:bb:c0:1b:73:42:3c:c0:d4:
00:e9:08:4e
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUU8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzEyMTAxMjM1WhcNMjUwNDMwMTAxMjM1WjAYMRYw
FAYDVQQDEw02N2QxNWUxNi00MDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw2+Zb5jMkjtFibahYTiqxfi1NtmbfPgcgfotjLTADvD5lZFh/mZL+BXd
iIKL7Z4rLLtCOzyJp5LDhSEcE862iEnnVKNe6glPR8IiMNeQTRs2bijEKIQwzGTa
4FxjE6nymDPVFYm0UmE0yWGzreurvnMpBbHFgPvXx5qBvSHu3bBKzSbeOMW4XqoD
eSN4dNHldZ1sEVSrtEtJ7dcRZDT+Kbxsrl9rN+6aGO+/mc8NKKRfo4YeQVSHO2X0
m12ET4gSHdMSQGr0v3LnMvmRzw8QT0TSvlMsiIRKabiyNsLx1aDjd5lEbakCHwhB
5DxxxbPxA24njfyCTlK3pY5TRoY0vQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH0d
pATxDF/Jaw2PIZ7OHxemuMQSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NkE2RTUyMkZGMkExMUVGOEY4RDU1OTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQELcDAAwQGLcjAMA0GCSqGSIb3
DQEBCwUAA4IBAQCYf9KSqKM1Q3e53GfCscFmRU4Mh6EGDRqScafQIXq7Fll+p5g5
bubvNCRdm2qfs5Wxn9wsQNNGPOj4IpUyjlLTIf7Kj2QDadBtvbty2oOFngx/NeQe
YEV+hvRe1eSl8OhFfAb7iaBFomz19tjNCaSRwe3yTKf7saLKb5FhKfEcnPou/2T1
WkIKGlMeXqxcM736HamSjeSjDr5sPzZdrkmSfLxHMfKMXCW3fI2NRu3a2MwIT/xB
JULqIfy90dTEBDVO1J4/QPSTeCOOpn3FMemkOYhwXk6d4suiQrjVLVPl4hZwrrFg
qRnKBQbm3mRbuoaXsQCuu8Abc0I8wNQA6QhO
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:47:27 2025 by rpki-client