Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF8371A0F46611EFA7F5D853762E951A.roa
File: AF8371A0F46611EFA7F5D853762E951A.roa (raw, json)
Hash identifier: UO6nDxPoRK0bXaVR4Kc9dRKj4Dr5s5GqSwMgyui9kwo=
Subject key identifier: 76:AC:13:C1:3C:84:34:F4:EE:DE:88:F5:79:DF:EB:44:6C:F3:36:49
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013590
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF8371A0F46611EFA7F5D853762E951A.roa
Signing time: Wed 26 Feb 2025 17:25:34 +0000
ROA not before: Wed 26 Feb 2025 17:25:30 +0000
ROA not after: Thu 19 Feb 2026 17:25:30 +0000
asID: 984
IP address blocks: 45.201.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79248 (0x13590)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 17:25:30 2025 GMT
Not After : Feb 19 17:25:30 2026 GMT
Subject: CN=67bf4e8e-918c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:33:2b:d0:7f:9d:0a:11:f0:8e:4d:68:d8:15:
e1:e2:a6:49:0b:03:85:94:0e:3a:fc:ac:70:d6:4a:
57:fe:13:d9:65:bd:ac:c8:04:ce:f3:e8:cf:93:b8:
26:b3:7b:de:bf:f0:ba:60:8f:f1:21:12:73:8f:07:
9c:36:c8:54:71:49:b6:f2:6f:ae:59:23:a4:87:2a:
2e:2a:06:b0:ab:83:0c:90:5b:20:83:0a:fe:31:09:
97:8b:3e:cc:22:ea:d0:88:30:40:22:39:41:96:80:
53:84:68:db:ae:5c:a8:28:6a:49:0d:14:5b:a8:9d:
52:32:1a:18:47:43:80:c8:e6:ad:31:1e:ee:bf:f9:
63:8b:5c:39:09:62:de:95:e7:2f:f2:df:51:ee:6b:
c8:d0:51:1f:f2:53:48:08:d1:4c:48:11:11:c6:e3:
ed:32:cb:6b:0f:51:49:d7:9a:c8:87:bd:b7:77:14:
4e:d6:64:75:ae:ba:a3:aa:eb:6b:ae:f0:07:d1:a9:
20:62:4b:45:5e:50:64:4f:cb:3c:bb:0b:b2:99:85:
df:18:17:9f:a8:ee:34:51:f4:57:04:73:41:b2:48:
a3:95:ed:13:9b:51:9d:9d:3c:4a:22:70:42:26:4b:
76:8a:62:53:aa:9e:85:ee:59:eb:9d:2d:dc:68:3f:
39:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:AC:13:C1:3C:84:34:F4:EE:DE:88:F5:79:DF:EB:44:6C:F3:36:49
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF8371A0F46611EFA7F5D853762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.43.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:c8:af:7b:f6:ff:d9:d6:14:5b:a0:ea:fd:c6:51:a2:a4:70:
0d:c0:f8:6e:bc:5f:83:11:31:9a:83:50:79:55:a5:9e:9c:eb:
84:fa:86:59:0a:5d:03:c4:99:2d:f2:bb:2f:7c:6a:6f:9e:b3:
08:ca:22:39:45:c5:cd:08:a0:c2:6c:1b:c2:b0:56:ce:f9:92:
1a:ca:ed:85:45:7f:40:6d:34:27:68:6c:2a:dd:2f:24:b7:fb:
1f:10:12:24:b2:75:6b:20:a7:62:48:0e:2c:1d:e3:57:1d:e8:
ee:e0:ab:b9:a1:6b:10:9b:f1:0d:b7:a5:05:b9:0b:0e:0b:c8:
e4:58:5d:00:24:d3:ed:d0:ce:27:89:a2:79:7c:f2:e7:59:d4:
11:ec:85:db:72:c4:6a:25:da:4e:ac:19:5e:f1:c9:0a:cf:2d:
4f:fb:c9:fc:82:63:e2:ba:00:77:da:80:10:b6:a9:fc:f3:13:
ab:eb:16:2e:85:09:b3:24:5d:d2:57:0e:f9:a9:74:48:6e:9a:
ea:1a:8f:ef:8d:ed:b9:9f:01:29:25:be:f6:10:48:db:24:a5:
e7:b0:c4:57:eb:0c:ba:5a:ba:bb:0c:b3:e2:f4:f5:21:ef:41:
85:39:52:45:b0:3b:62:ca:0f:aa:2d:19:51:85:66:f9:a9:ed:
73:27:8f:59
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATWQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTcyNTMwWhcNMjYwMjE5MTcyNTMwWjAYMRYw
FAYDVQQDEw02N2JmNGU4ZS05MThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4TMr0H+dChHwjk1o2BXh4qZJCwOFlA46/Kxw1kpX/hPZZb2syATO8+jP
k7gms3vev/C6YI/xIRJzjwecNshUcUm28m+uWSOkhyouKgawq4MMkFsggwr+MQmX
iz7MIurQiDBAIjlBloBThGjbrlyoKGpJDRRbqJ1SMhoYR0OAyOatMR7uv/lji1w5
CWLelecv8t9R7mvI0FEf8lNICNFMSBERxuPtMstrD1FJ15rIh723dxRO1mR1rrqj
qutrrvAH0akgYktFXlBkT8s8uwuymYXfGBefqO40UfRXBHNBskijle0Tm1GdnTxK
InBCJkt2imJTqp6F7lnrnS3caD85IwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHas
E8E8hDT07t6I9Xnf60Rs8zZJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRjgzNzFBMEY0NjYxMUVGQTdGNUQ4NTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALckrMA0GCSqGSIb3DQEBCwUA
A4IBAQBOyK979v/Z1hRboOr9xlGipHANwPhuvF+DETGag1B5VaWenOuE+oZZCl0D
xJkt8rsvfGpvnrMIyiI5RcXNCKDCbBvCsFbO+ZIayu2FRX9AbTQnaGwq3S8kt/sf
EBIksnVrIKdiSA4sHeNXHeju4Ku5oWsQm/ENt6UFuQsOC8jkWF0AJNPt0M4niaJ5
fPLnWdQR7IXbcsRqJdpOrBle8ckKzy1P+8n8gmPiugB32oAQtqn88xOr6xYuhQmz
JF3SVw75qXRIbprqGo/vje25nwEpJb72EEjbJKXnsMRX6wy6Wrq7DLPi9PUh70GF
OVJFsDtiyg+qLRlRhWb5qe1zJ49Z
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:42 2025 by rpki-client