Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8CDCE9B20CBF11F0BBD7DAA9762E951A.roa
File: 8CDCE9B20CBF11F0BBD7DAA9762E951A.roa (raw, json)
Hash identifier: WxmY11v3ouLTLXgVMp01jZL2a8CQsOhU53+qdq7aQyA=
Subject key identifier: B2:2C:35:70:21:EF:C1:5D:5B:CA:DC:1C:F9:D2:F6:01:69:08:74:CF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0148C2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8CDCE9B20CBF11F0BBD7DAA9762E951A.roa
Signing time: Sat 29 Mar 2025 17:02:09 +0000
ROA not before: Sat 29 Mar 2025 17:02:05 +0000
ROA not after: Mon 07 Apr 2025 17:02:05 +0000
asID: 401434
IP address blocks: 45.196.216.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84162 (0x148c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 29 17:02:05 2025 GMT
Not After : Apr 7 17:02:05 2025 GMT
Subject: CN=67e82791-c8e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:55:8c:17:bf:f6:02:e8:cf:12:94:8b:08:a5:
9f:49:05:22:7b:3b:c8:d6:9c:f8:20:d2:83:d3:01:
ad:a5:82:62:b8:0a:28:ac:17:12:84:26:95:4c:7e:
82:79:f5:6f:36:4c:af:b1:db:e7:77:5f:20:b8:62:
5e:71:f1:6e:12:79:ff:d3:8a:a1:9e:ce:46:e1:c6:
a1:a5:a3:48:02:9a:88:3f:ad:e8:70:d7:60:11:0d:
e2:e0:d6:bf:a3:d0:be:c2:3d:55:c2:bf:ea:fd:0d:
77:89:9a:1e:7e:28:a5:28:29:af:b2:17:41:16:7e:
b5:2b:3f:e1:48:48:2c:a3:35:1c:76:e0:80:b8:85:
a2:b3:41:8a:e6:93:2a:4d:f1:37:3e:43:8a:95:9c:
3b:40:1a:53:7e:f9:b4:d8:4b:e6:cf:1a:bd:9b:56:
4c:8b:f1:f6:b4:96:f5:78:bd:2a:c9:27:3e:c3:b3:
49:16:57:78:ff:05:37:bc:86:e2:87:a6:04:05:b0:
b9:46:42:0c:0d:00:c2:9b:24:70:3d:5a:c5:98:d2:
8c:50:2a:30:ed:a5:a4:93:2d:2a:1a:57:73:37:54:
f6:76:94:63:f7:e0:18:49:e7:b2:d7:af:72:d9:76:
35:67:3d:6e:30:0e:92:c1:e5:98:70:9e:e9:35:46:
29:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:2C:35:70:21:EF:C1:5D:5B:CA:DC:1C:F9:D2:F6:01:69:08:74:CF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8CDCE9B20CBF11F0BBD7DAA9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.216.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:bf:9c:f6:ec:7d:c1:c9:81:7d:d7:6b:7a:3a:f5:c4:b3:5d:
a2:94:4c:40:5e:79:7d:dc:bc:2e:eb:56:24:74:33:f0:d9:84:
9a:17:40:72:04:d0:5b:60:0e:36:90:ef:ba:06:3c:c9:7b:8e:
2d:4c:65:40:a4:a7:89:ab:59:bb:0f:10:e5:ef:b1:6e:9a:cf:
eb:d0:d0:ac:6e:2a:37:a4:68:ac:5c:f6:a8:45:5a:ed:a8:9f:
ab:8a:38:60:b1:16:10:d2:d8:3a:a5:f8:f3:f8:7d:a7:04:60:
84:eb:85:0e:3d:71:78:ac:be:f0:79:03:31:a8:5b:2b:cc:e4:
62:56:d8:63:a3:3e:4c:a1:69:0a:71:f5:02:77:1b:18:df:37:
23:07:16:22:f4:f1:9b:89:cf:ce:d7:50:6c:1e:fe:6a:1c:41:
b8:f4:bb:c6:8e:b6:be:31:cc:ee:b4:8c:19:a3:44:cb:0e:e5:
c3:c1:16:2c:eb:1a:9f:d4:ba:ae:ff:0a:95:41:39:90:4a:25:
44:16:f6:53:29:42:a4:b0:87:85:e5:2f:b5:b5:d3:a2:fe:9a:
8d:46:98:03:a9:c3:4c:ba:36:8e:2e:eb:0b:47:08:3e:8f:32:
d3:64:55:96:b3:2b:ee:66:6b:12:c2:3d:56:10:5f:5f:ff:d1:
61:f8:1e:40
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUjCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI5MTcwMjA1WhcNMjUwNDA3MTcwMjA1WjAYMRYw
FAYDVQQDEw02N2U4Mjc5MS1jOGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvlWMF7/2AujPEpSLCKWfSQUiezvI1pz4INKD0wGtpYJiuAoorBcShCaV
TH6CefVvNkyvsdvnd18guGJecfFuEnn/04qhns5G4cahpaNIApqIP63ocNdgEQ3i
4Na/o9C+wj1Vwr/q/Q13iZoefiilKCmvshdBFn61Kz/hSEgsozUcduCAuIWis0GK
5pMqTfE3PkOKlZw7QBpTfvm02Evmzxq9m1ZMi/H2tJb1eL0qySc+w7NJFld4/wU3
vIbih6YEBbC5RkIMDQDCmyRwPVrFmNKMUCow7aWkky0qGldzN1T2dpRj9+AYSeey
169y2XY1Zz1uMA6SweWYcJ7pNUYpRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLIs
NXAh78FdW8rcHPnS9gFpCHTPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84Q0RDRTlCMjBDQkYxMUYwQkJEN0RBQTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcTYMA0GCSqGSIb3DQEBCwUA
A4IBAQCgv5z27H3ByYF912t6OvXEs12ilExAXnl93Lwu61YkdDPw2YSaF0ByBNBb
YA42kO+6BjzJe44tTGVApKeJq1m7DxDl77Fums/r0NCsbio3pGisXPaoRVrtqJ+r
ijhgsRYQ0tg6pfjz+H2nBGCE64UOPXF4rL7weQMxqFsrzORiVthjoz5MoWkKcfUC
dxsY3zcjBxYi9PGbic/O11BsHv5qHEG49LvGjra+MczutIwZo0TLDuXDwRYs6xqf
1Lqu/wqVQTmQSiVEFvZTKUKksIeF5S+1tdOi/pqNRpgDqcNMujaOLusLRwg+jzLT
ZFWWsyvuZmsSwj1WEF9f/9Fh+B5A
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:50 2025 by rpki-client