Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9EF13F22F48211EFB35F1195762E951A.roa
File: 9EF13F22F48211EFB35F1195762E951A.roa (raw, json)
Hash identifier: z7bj6jNZK8MYrpKVjFusWw8ceQhamtWR9Ly/YgrP22Y=
Subject key identifier: FD:60:76:65:B0:7A:B6:C3:92:1E:35:EA:C6:6C:AC:B6:CD:F3:CE:3D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01379C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9EF13F22F48211EFB35F1195762E951A.roa
Signing time: Wed 26 Feb 2025 20:45:32 +0000
ROA not before: Wed 26 Feb 2025 20:45:28 +0000
ROA not after: Sat 19 Feb 2028 20:45:28 +0000
asID: 17561
IP address blocks: 45.200.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79772 (0x1379c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 20:45:28 2025 GMT
Not After : Feb 19 20:45:28 2028 GMT
Subject: CN=67bf7d6c-3ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:af:b3:e6:d8:f4:8d:20:24:fc:fe:1b:f9:ad:
11:12:1e:aa:05:51:63:ae:cf:7b:47:51:03:4b:cc:
a6:d5:38:39:03:37:5b:c1:9d:81:77:5d:c9:41:cd:
2d:8d:f1:50:a6:ae:14:b4:d8:09:b5:d3:e7:49:f7:
45:c4:96:77:8b:c3:3c:72:a9:9b:aa:c2:4e:80:ef:
61:20:c5:b2:82:1f:df:78:55:21:50:b5:23:c2:79:
17:c1:e8:a4:6c:71:2f:6d:7e:77:ec:99:08:9d:2d:
f6:e9:1a:3d:47:5b:1d:21:30:2b:d0:c5:67:18:02:
61:ea:61:12:66:cb:86:5e:90:4b:47:6b:97:68:52:
59:58:8e:60:d7:11:89:6c:f0:4a:a9:64:77:54:8f:
67:88:5f:3e:47:3f:a1:73:7b:1b:03:b9:1f:e3:8e:
0f:af:42:69:e4:04:40:98:5e:5d:2a:7c:f9:b3:d5:
98:8d:cf:fa:de:81:04:dc:ac:db:b4:37:bd:c4:cf:
58:e4:3e:c6:bd:5c:87:7e:59:7d:95:21:c1:43:a1:
0b:97:44:25:03:eb:04:7b:cd:be:2f:41:d5:31:90:
f8:ea:ef:71:06:7c:4e:1d:f1:4d:b4:50:fe:7a:14:
39:ac:f1:5a:4b:97:a5:e3:f6:e7:df:5b:af:af:ac:
a4:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:60:76:65:B0:7A:B6:C3:92:1E:35:EA:C6:6C:AC:B6:CD:F3:CE:3D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9EF13F22F48211EFB35F1195762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.133.0/24
Signature Algorithm: sha256WithRSAEncryption
56:79:93:a4:e1:ed:28:c6:7a:ef:63:fb:8a:5a:59:fd:05:2d:
bd:1b:25:ca:15:1d:2e:e2:02:d7:6d:c8:6f:37:ed:27:d9:fc:
6d:a9:22:c1:5c:38:bf:7c:cb:e5:d2:46:8a:cb:6d:26:8b:21:
92:9b:65:30:29:d3:13:6f:76:bf:6e:ac:d8:b1:51:98:25:8c:
6e:4a:70:ad:3e:b1:8a:b4:4b:85:c6:8f:f4:dd:7c:c1:49:e4:
94:77:f1:ff:ba:cd:a4:93:46:9a:5d:b1:8d:59:f3:d3:6c:11:
ef:3e:64:28:bf:b7:c9:c1:c2:dc:14:39:19:01:6f:c6:e0:22:
f8:a1:17:fb:a5:44:dd:28:47:9e:a4:ab:34:a8:e8:c1:14:cd:
d3:8b:63:4d:41:a7:1b:7c:3f:1d:10:7b:2f:06:d4:ac:cc:10:
1c:8e:9a:ad:32:7b:eb:5a:17:9d:68:b4:14:70:e4:8f:08:d1:
3a:87:46:32:4d:2c:8c:50:4d:dc:b7:86:cd:71:c3:9a:a1:03:
fc:e0:8b:7c:c9:c0:31:72:14:87:9d:37:ff:cc:47:3a:1e:21:
02:69:c5:e0:4a:1b:c3:8b:b5:55:d3:53:6a:c3:5f:5c:ed:cf:
87:9b:67:c3:2e:ca:9a:d9:30:cb:2d:d2:7f:74:81:8e:c5:45:
3b:e6:ea:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATecMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MjA0NTI4WhcNMjgwMjE5MjA0NTI4WjAYMRYw
FAYDVQQDEw02N2JmN2Q2Yy0zZWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApa+z5tj0jSAk/P4b+a0REh6qBVFjrs97R1EDS8ym1Tg5AzdbwZ2Bd13J
Qc0tjfFQpq4UtNgJtdPnSfdFxJZ3i8M8cqmbqsJOgO9hIMWygh/feFUhULUjwnkX
weikbHEvbX537JkInS326Ro9R1sdITAr0MVnGAJh6mESZsuGXpBLR2uXaFJZWI5g
1xGJbPBKqWR3VI9niF8+Rz+hc3sbA7kf444Pr0Jp5ARAmF5dKnz5s9WYjc/63oEE
3KzbtDe9xM9Y5D7GvVyHfll9lSHBQ6ELl0QlA+sEe82+L0HVMZD46u9xBnxOHfFN
tFD+ehQ5rPFaS5el4/bn31uvr6ykFwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP1g
dmWwerbDkh416sZsrLbN8849MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RUYxM0YyMkY0ODIxMUVGQjM1RjExOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALciFMA0GCSqGSIb3DQEBCwUA
A4IBAQBWeZOk4e0oxnrvY/uKWln9BS29GyXKFR0u4gLXbchvN+0n2fxtqSLBXDi/
fMvl0kaKy20miyGSm2UwKdMTb3a/bqzYsVGYJYxuSnCtPrGKtEuFxo/03XzBSeSU
d/H/us2kk0aaXbGNWfPTbBHvPmQov7fJwcLcFDkZAW/G4CL4oRf7pUTdKEeepKs0
qOjBFM3Ti2NNQacbfD8dEHsvBtSszBAcjpqtMnvrWhedaLQUcOSPCNE6h0YyTSyM
UE3ct4bNccOaoQP84It8ycAxchSHnTf/zEc6HiECacXgShvDi7VV01Nqw19c7c+H
m2fDLsqa2TDLLdJ/dIGOxUU75up/
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:27:15 2025 by rpki-client