Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AEC7ECF6F1A911EF99DB4E63762E951A.roa
File: AEC7ECF6F1A911EF99DB4E63762E951A.roa (raw, json)
Hash identifier: Q6FQh0cwxTevnuUm6GtZCAWKFko3DBdqXi3yKz7yKsI=
Subject key identifier: 01:B3:C7:A8:FB:A7:C3:B1:67:31:81:92:11:70:0D:0D:46:8E:D0:35
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0129E6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AEC7ECF6F1A911EF99DB4E63762E951A.roa
Signing time: Sun 23 Feb 2025 05:47:36 +0000
ROA not before: Sun 23 Feb 2025 05:47:32 +0000
ROA not after: Sun 23 Mar 2025 05:47:32 +0000
asID: 137899
IP address blocks: 45.204.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 15 Mar 2025 00:26:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76262 (0x129e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 23 05:47:32 2025 GMT
Not After : Mar 23 05:47:32 2025 GMT
Subject: CN=67bab677-8df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0f:14:46:ce:c9:43:2c:b5:29:33:e9:43:62:
08:49:39:52:63:3b:06:38:43:3f:5c:44:b0:dc:fd:
e7:b0:32:93:d8:b9:a3:59:2c:28:e8:62:e7:d3:d3:
38:96:41:f0:82:45:d4:26:bf:2c:5d:d1:5c:5d:3a:
7c:26:b1:25:9a:4c:6b:44:ea:1a:37:2f:b8:4f:e7:
31:66:b7:3c:d4:bf:5e:cc:aa:df:f6:a5:16:0e:b5:
08:09:3a:d2:08:1d:db:40:db:d3:eb:fe:b0:f7:cf:
2a:8d:51:8d:27:82:f2:4b:41:d4:fc:23:a7:63:f9:
6d:0c:19:7e:02:54:d7:9c:dd:de:e0:0c:a0:55:02:
d1:ef:c3:6c:d2:5e:19:8a:b6:50:1a:80:3b:bd:b1:
74:71:34:a2:b6:33:88:2a:e1:8d:e5:be:c7:3a:8b:
14:9f:57:18:88:85:eb:b1:db:61:e6:d9:98:ca:9e:
61:03:60:dd:71:b9:8e:cc:19:49:34:e2:15:0e:47:
60:30:f6:d0:ef:3f:dc:54:17:07:f5:02:df:fb:ff:
e8:87:96:81:99:6d:37:1f:63:69:4d:cc:64:f1:cf:
14:69:5d:7f:1a:04:9c:95:a6:07:ce:0d:57:f5:f2:
7f:74:37:43:a6:20:91:17:6a:69:82:e4:05:05:3f:
3a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:B3:C7:A8:FB:A7:C3:B1:67:31:81:92:11:70:0D:0D:46:8E:D0:35
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AEC7ECF6F1A911EF99DB4E63762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.32.0/19
Signature Algorithm: sha256WithRSAEncryption
2b:6f:a5:98:ce:09:28:0a:b5:81:96:db:60:3c:2f:b9:7b:06:
80:a5:83:51:75:6e:f8:51:9f:c2:28:2c:e1:3d:60:a3:38:f8:
78:89:a4:d7:62:3b:ec:ac:55:e4:4c:25:b0:88:40:38:dd:89:
e2:1f:fa:1d:43:26:84:6b:05:ce:96:d7:21:aa:21:93:11:59:
11:61:46:24:30:16:6e:9e:3a:cf:36:e9:4b:15:64:66:62:e9:
69:8a:dd:97:37:42:49:8a:77:5a:e3:dc:f5:bd:be:6f:a0:7e:
d9:86:2c:aa:27:b7:f4:92:fe:7d:03:09:de:d8:e3:f6:1c:c2:
40:e6:b5:3e:f3:83:1a:b3:ee:31:aa:b4:23:fb:3f:85:2d:71:
16:48:db:16:66:23:fd:02:1c:c3:9e:51:29:3f:a7:74:36:40:
a2:05:8c:ca:1b:4f:d4:13:9b:d0:31:7a:72:76:7b:09:20:5f:
17:04:7a:45:50:7c:6d:77:be:cf:3d:fe:a0:81:f6:87:d1:d7:
d2:07:09:2f:f1:d0:bb:65:bc:6a:4d:7d:4a:23:b6:f6:4b:b7:
07:d4:4d:cb:95:b5:47:53:c4:11:5d:2f:05:40:1f:a7:dd:aa:
c5:26:6b:92:ac:49:c1:35:9f:d8:c1:65:62:34:7c:2d:df:f2:
d3:0f:cf:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASnmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjIzMDU0NzMyWhcNMjUwMzIzMDU0NzMyWjAYMRYw
FAYDVQQDEw02N2JhYjY3Ny04ZGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2A8URs7JQyy1KTPpQ2IISTlSYzsGOEM/XESw3P3nsDKT2LmjWSwo6GLn
09M4lkHwgkXUJr8sXdFcXTp8JrElmkxrROoaNy+4T+cxZrc81L9ezKrf9qUWDrUI
CTrSCB3bQNvT6/6w988qjVGNJ4LyS0HU/COnY/ltDBl+AlTXnN3e4AygVQLR78Ns
0l4ZirZQGoA7vbF0cTSitjOIKuGN5b7HOosUn1cYiIXrsdth5tmYyp5hA2DdcbmO
zBlJNOIVDkdgMPbQ7z/cVBcH9QLf+//oh5aBmW03H2NpTcxk8c8UaV1/GgSclaYH
zg1X9fJ/dDdDpiCRF2ppguQFBT86mwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAGz
x6j7p8OxZzGBkhFwDQ1GjtA1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRUM3RUNGNkYxQTkxMUVGOTlEQjRFNjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLcwgMA0GCSqGSIb3DQEBCwUA
A4IBAQArb6WYzgkoCrWBlttgPC+5ewaApYNRdW74UZ/CKCzhPWCjOPh4iaTXYjvs
rFXkTCWwiEA43YniH/odQyaEawXOltchqiGTEVkRYUYkMBZunjrPNulLFWRmYulp
it2XN0JJinda49z1vb5voH7ZhiyqJ7f0kv59Awne2OP2HMJA5rU+84Mas+4xqrQj
+z+FLXEWSNsWZiP9AhzDnlEpP6d0NkCiBYzKG0/UE5vQMXpydnsJIF8XBHpFUHxt
d77PPf6ggfaH0dfSBwkv8dC7ZbxqTX1KI7b2S7cH1E3LlbVHU8QRXS8FQB+n3arF
JmuSrEnBNZ/YwWViNHwt3/LTD88a
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:56:15 2025 by rpki-client