Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F27D42EF05411EF9C4A0E44762E951A.roa
File: 9F27D42EF05411EF9C4A0E44762E951A.roa (raw, json)
Hash identifier: 3TCvr7bwZ2D/OqT000SWxbUyAEbm90sHjp/tJKGR8hw=
Subject key identifier: 4F:89:84:09:0E:CC:1A:10:E4:15:DE:2C:68:DD:4B:51:C5:16:1D:FF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012819
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F27D42EF05411EF9C4A0E44762E951A.roa
Signing time: Fri 21 Feb 2025 13:06:11 +0000
ROA not before: Fri 21 Feb 2025 13:06:07 +0000
ROA not after: Fri 21 Mar 2025 13:06:07 +0000
asID: 25160
IP address blocks: 45.201.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 15 Mar 2025 00:26:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75801 (0x12819)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 21 13:06:07 2025 GMT
Not After : Mar 21 13:06:07 2025 GMT
Subject: CN=67b87a43-b3c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:95:4d:aa:2b:9d:61:93:5a:73:e5:29:d7:51:
c3:17:c1:04:e8:6b:cb:39:fb:fb:cf:58:be:6f:d8:
bd:3e:18:48:40:57:c3:79:ac:11:9a:3a:63:1b:b1:
78:c1:03:3f:26:8e:e4:73:aa:24:72:93:ff:b6:8d:
44:b3:a1:13:46:a2:f3:04:5f:f3:cc:42:6a:4a:e5:
ac:60:db:ac:00:b6:5f:35:b8:e7:03:54:40:ea:75:
39:0c:b3:2d:02:eb:5a:6f:28:9a:be:90:9d:b5:3c:
98:9e:47:0b:27:92:66:85:44:73:b2:c5:78:99:52:
2f:4d:08:d4:2a:5c:df:0e:6a:18:7a:f5:4a:4a:cf:
89:01:61:ca:87:57:65:b1:13:15:d0:d4:8a:77:66:
95:66:7d:65:b8:cf:70:cd:58:c4:8e:17:ac:1d:d3:
c4:2f:2e:89:91:20:cc:47:3c:2c:d0:d8:0e:76:1b:
bd:78:6a:40:84:20:19:2d:35:8f:f9:b1:bc:b7:a1:
84:4f:89:2d:e8:4b:23:3c:8b:e5:6f:8a:cb:d5:22:
a7:fe:95:59:b0:c1:1e:81:3f:31:83:20:28:df:8d:
b8:68:df:bf:b5:18:e3:37:19:62:a9:a4:be:5c:92:
3d:6b:24:06:a0:9f:a6:82:3c:fa:37:77:44:ae:2d:
85:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:89:84:09:0E:CC:1A:10:E4:15:DE:2C:68:DD:4B:51:C5:16:1D:FF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F27D42EF05411EF9C4A0E44762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.12.0/22
Signature Algorithm: sha256WithRSAEncryption
15:0f:07:43:69:43:1f:c4:e9:c6:c5:85:a7:02:e0:0f:51:e1:
f3:ad:50:d2:e7:25:72:b4:92:92:1c:0e:fb:30:63:c3:a2:14:
0d:61:c0:b2:cd:90:51:dc:d6:10:c9:7a:09:fb:f6:b2:e1:4d:
d6:cf:17:ac:e1:55:f0:66:86:63:25:ab:b1:07:63:41:62:37:
b4:ad:43:80:52:ef:6c:ed:a8:e4:e5:87:62:4f:53:19:a8:87:
bb:a4:ca:4f:02:15:03:1f:07:3f:99:43:86:bc:4c:bb:56:da:
c9:b3:2d:b7:db:6d:3c:6c:f5:0d:b9:e2:6c:9a:dc:d6:75:17:
7b:9c:f7:7a:52:9f:d7:09:15:53:be:4a:f6:1e:23:4d:b7:ec:
88:52:0f:40:91:52:c4:05:bb:ba:2e:13:3f:31:f3:ff:58:31:
2e:d9:ef:b1:6a:21:27:18:88:3b:3e:78:ac:05:6f:97:12:40:
36:c4:f0:67:15:81:57:83:96:96:44:ee:29:28:37:8b:a0:3f:
32:d4:8b:13:96:cb:c1:c8:02:67:fe:02:58:ec:cb:c3:72:aa:
df:3f:d2:69:6f:55:5a:12:13:87:ef:84:22:7f:1e:48:80:c9:
57:c1:bc:52:9d:e8:00:3f:ac:cb:16:12:23:d6:c9:92:18:b8:
0f:e1:5e:ce
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASgZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjIxMTMwNjA3WhcNMjUwMzIxMTMwNjA3WjAYMRYw
FAYDVQQDEw02N2I4N2E0My1iM2M4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8ZVNqiudYZNac+Up11HDF8EE6GvLOfv7z1i+b9i9PhhIQFfDeawRmjpj
G7F4wQM/Jo7kc6okcpP/to1Es6ETRqLzBF/zzEJqSuWsYNusALZfNbjnA1RA6nU5
DLMtAutabyiavpCdtTyYnkcLJ5JmhURzssV4mVIvTQjUKlzfDmoYevVKSs+JAWHK
h1dlsRMV0NSKd2aVZn1luM9wzVjEjhesHdPELy6JkSDMRzws0NgOdhu9eGpAhCAZ
LTWP+bG8t6GET4kt6EsjPIvlb4rL1SKn/pVZsMEegT8xgyAo3424aN+/tRjjNxli
qaS+XJI9ayQGoJ+mgjz6N3dEri2F9QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE+J
hAkOzBoQ5BXeLGjdS1HFFh3/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RjI3RDQyRUYwNTQxMUVGOUM0QTBFNDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLckMMA0GCSqGSIb3DQEBCwUA
A4IBAQAVDwdDaUMfxOnGxYWnAuAPUeHzrVDS5yVytJKSHA77MGPDohQNYcCyzZBR
3NYQyXoJ+/ay4U3Wzxes4VXwZoZjJauxB2NBYje0rUOAUu9s7ajk5YdiT1MZqIe7
pMpPAhUDHwc/mUOGvEy7VtrJsy232208bPUNueJsmtzWdRd7nPd6Up/XCRVTvkr2
HiNNt+yIUg9AkVLEBbu6LhM/MfP/WDEu2e+xaiEnGIg7PnisBW+XEkA2xPBnFYFX
g5aWRO4pKDeLoD8y1IsTlsvByAJn/gJY7MvDcqrfP9Jpb1VaEhOH74Qifx5IgMlX
wbxSnegAP6zLFhIj1smSGLgP4V7O
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:16:41 2025 by rpki-client