Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D57AC840CBE11F0970048A5762E951A.roa
File: 8D57AC840CBE11F0970048A5762E951A.roa (raw, json)
Hash identifier: 5PnrQaQmDYpTJb5lbUJ0R8SlfQSXuMqAbYU68Tsh8Kw=
Subject key identifier: 92:97:D4:0B:27:95:83:93:3D:85:2F:07:4B:24:72:3A:D1:FB:2B:13
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0148BE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D57AC840CBE11F0970048A5762E951A.roa
Signing time: Sat 29 Mar 2025 16:55:00 +0000
ROA not before: Sat 29 Mar 2025 16:54:56 +0000
ROA not after: Mon 05 May 2025 16:54:56 +0000
asID: 137897
IP address blocks: 45.196.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84158 (0x148be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 29 16:54:56 2025 GMT
Not After : May 5 16:54:56 2025 GMT
Subject: CN=67e825e4-3a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:94:4a:99:97:b1:35:68:33:28:0e:00:bf:59:
3d:88:76:09:bb:a8:38:42:c9:4c:00:1f:bd:6e:d6:
98:a5:fd:57:fc:06:e5:f7:1f:8e:55:f3:36:be:79:
c5:ac:a8:25:9b:36:ee:a2:6e:a1:b7:dc:24:d6:98:
d0:53:fc:cb:f5:bb:bf:07:ee:df:52:f5:c9:63:59:
cb:1f:db:38:b1:e3:27:2b:23:11:fb:16:96:14:18:
a1:90:b4:7d:13:f1:d6:8b:aa:63:22:47:93:31:c7:
40:99:5b:d4:51:3e:86:b1:76:d7:19:45:35:e4:dc:
31:13:6a:28:6b:fa:e9:48:f9:ff:a2:e5:b4:5c:20:
25:52:ad:3b:df:2d:0c:f5:05:22:1a:f0:5b:90:8d:
47:54:f7:38:e2:ab:ae:0d:1f:2e:ad:64:61:08:19:
72:fe:ef:98:ed:fe:39:58:83:f5:59:d9:56:7a:ae:
0d:b2:2a:00:5e:98:df:0b:7f:b8:51:14:64:25:a7:
07:c8:73:f2:9b:35:c4:8a:dc:7e:24:b0:77:b9:ed:
d9:c9:6f:6b:b8:44:e0:b9:b6:6f:83:09:e2:1d:74:
28:65:d1:89:f1:df:0c:67:ed:2b:bf:75:25:3b:b1:
d6:f9:06:85:90:ee:47:dd:05:9a:dc:47:28:ef:c4:
8b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:97:D4:0B:27:95:83:93:3D:85:2F:07:4B:24:72:3A:D1:FB:2B:13
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D57AC840CBE11F0970048A5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.224.0/24
Signature Algorithm: sha256WithRSAEncryption
12:2b:3b:a7:ab:3a:c0:3b:93:b9:a9:81:e8:ca:a3:ed:ef:07:
23:a1:71:87:40:51:1a:50:38:34:62:c2:05:b3:f5:00:7e:b7:
9e:da:0b:51:57:ce:c1:e8:36:ca:14:ca:22:e3:21:85:41:1c:
f0:f3:7c:6d:27:0f:b1:18:4b:8b:0c:c2:9a:45:2c:13:d9:89:
31:53:45:c2:29:84:1a:d6:db:b9:86:89:e5:44:60:14:09:dd:
d9:f1:68:e6:ea:5e:fc:ab:91:a9:40:a8:1a:e4:3b:83:3a:9c:
7b:4c:bf:c1:07:ee:39:85:6e:79:3b:9e:a4:16:ef:32:9f:53:
29:cd:ee:49:34:68:8c:b4:84:a3:67:b3:a8:5d:24:ce:76:24:
2b:30:e1:0c:d6:4d:f8:0c:4b:b8:a8:a5:b8:2b:49:e7:d2:91:
3b:ad:e1:46:c4:25:94:66:99:b1:dd:8e:93:c1:b3:e0:67:81:
8e:5b:7c:e9:c9:8a:75:1c:d9:43:f4:2b:c3:75:8f:9f:84:7b:
bd:dc:42:99:00:6d:fb:0a:84:35:40:15:76:c7:2e:34:db:21:
c1:9e:e2:96:99:40:ab:19:ce:dd:04:70:43:c4:2c:cf:8a:15:
37:a9:a3:63:7b:55:d5:40:bd:ef:d4:48:e3:51:ec:35:b0:14:
81:1c:74:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUi+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI5MTY1NDU2WhcNMjUwNTA1MTY1NDU2WjAYMRYw
FAYDVQQDEw02N2U4MjVlNC0zYTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7JRKmZexNWgzKA4Av1k9iHYJu6g4QslMAB+9btaYpf1X/Abl9x+OVfM2
vnnFrKglmzbuom6ht9wk1pjQU/zL9bu/B+7fUvXJY1nLH9s4seMnKyMR+xaWFBih
kLR9E/HWi6pjIkeTMcdAmVvUUT6GsXbXGUU15NwxE2ooa/rpSPn/ouW0XCAlUq07
3y0M9QUiGvBbkI1HVPc44quuDR8urWRhCBly/u+Y7f45WIP1WdlWeq4NsioAXpjf
C3+4URRkJacHyHPymzXEitx+JLB3ue3ZyW9ruETgubZvgwniHXQoZdGJ8d8MZ+0r
v3UlO7HW+QaFkO5H3QWa3Eco78SLTwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJKX
1AsnlYOTPYUvB0skcjrR+ysTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RDU3QUM4NDBDQkUxMUYwOTcwMDQ4QTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTgMA0GCSqGSIb3DQEBCwUA
A4IBAQASKzunqzrAO5O5qYHoyqPt7wcjoXGHQFEaUDg0YsIFs/UAfree2gtRV87B
6DbKFMoi4yGFQRzw83xtJw+xGEuLDMKaRSwT2YkxU0XCKYQa1tu5honlRGAUCd3Z
8Wjm6l78q5GpQKga5DuDOpx7TL/BB+45hW55O56kFu8yn1Mpze5JNGiMtISjZ7Oo
XSTOdiQrMOEM1k34DEu4qKW4K0nn0pE7reFGxCWUZpmx3Y6TwbPgZ4GOW3zpyYp1
HNlD9CvDdY+fhHu93EKZAG37CoQ1QBV2xy402yHBnuKWmUCrGc7dBHBDxCzPihU3
qaNje1XVQL3v1EjjUew1sBSBHHSL
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:07 2025 by rpki-client