Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2F998E6F38F11EFA966D685762E951A.roa
File: B2F998E6F38F11EFA966D685762E951A.roa (raw, json)
Hash identifier: DFvzW4Fk0XtFOHSYh1gQXErf8o87l0zFB4ANJwywDuY=
Subject key identifier: CF:CF:8B:2C:F0:DA:3C:82:32:B0:D0:77:CF:69:BD:B4:F1:54:7B:C0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012E79
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2F998E6F38F11EFA966D685762E951A.roa
Signing time: Tue 25 Feb 2025 15:46:38 +0000
ROA not before: Tue 25 Feb 2025 15:46:34 +0000
ROA not after: Wed 09 Apr 2025 15:46:34 +0000
asID: 63139
IP address blocks: 45.197.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77433 (0x12e79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 25 15:46:34 2025 GMT
Not After : Apr 9 15:46:34 2025 GMT
Subject: CN=67bde5de-9c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8f:8d:50:c4:0c:7a:db:1e:3a:2b:19:79:57:
50:7d:83:7f:1e:9e:87:4c:ef:ce:3b:df:7a:36:ca:
a5:f0:0c:96:5f:70:a5:7a:37:f8:68:2b:1c:20:fe:
4b:a0:3b:80:10:b2:79:a8:54:35:02:f6:d1:dd:af:
c3:9b:c6:a3:04:61:cb:1e:70:f8:18:2d:6f:5e:5d:
4b:07:31:64:10:01:1c:2a:15:a0:d2:6c:d2:bc:9b:
6c:12:3b:b4:f6:80:eb:cd:54:2b:d7:6c:08:4b:2c:
14:5f:e5:7a:bd:ac:b8:de:45:a4:7b:58:4e:11:bd:
a7:54:a7:23:93:17:dd:0d:4f:47:35:40:11:bf:09:
b1:96:ea:38:a8:66:e5:8d:2f:f3:91:07:1f:1c:9b:
ef:73:5f:2b:56:d1:66:43:64:f2:66:d8:8f:89:60:
f6:ac:be:cc:d6:2a:55:d1:fc:1e:10:08:92:02:40:
cc:f3:1c:52:53:5d:ff:88:06:1d:a3:b8:16:fb:1b:
62:fb:47:60:e8:08:0d:d9:28:08:44:ad:09:7f:c7:
16:e5:42:ce:f2:80:d3:cd:2b:35:1c:5d:03:62:00:
9e:17:db:c6:7b:11:ac:73:93:2f:58:46:48:d5:ca:
7e:2a:7b:53:bd:da:00:4f:36:f8:40:94:ad:20:0f:
22:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:CF:8B:2C:F0:DA:3C:82:32:B0:D0:77:CF:69:BD:B4:F1:54:7B:C0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2F998E6F38F11EFA966D685762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.104.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:5e:73:06:85:5e:68:35:2d:4b:a3:e2:4a:e6:ce:c6:ec:0c:
2b:32:b5:ec:26:44:62:89:14:fb:89:74:c5:08:9c:02:b1:09:
e8:79:f5:51:fc:e6:d6:e9:30:dd:d6:8c:38:6b:37:5a:43:0d:
d1:76:39:a1:04:cc:71:bd:74:d3:d2:cb:a0:f1:5e:85:88:e6:
5b:5e:84:32:65:3a:b4:91:e6:01:cc:1b:30:f1:36:83:fc:ef:
da:1e:e7:7e:9a:95:bc:08:0a:9a:92:a0:cc:b7:98:5b:5c:c8:
d9:8a:46:db:9f:86:db:18:13:ea:46:ae:da:e1:58:bc:05:a1:
24:82:47:e2:7d:b4:bc:cd:f4:ce:23:ec:f5:54:df:66:0f:60:
5d:51:2b:ed:87:45:41:cc:7b:52:d0:e3:6e:b4:43:02:e2:e4:
16:4d:a5:3d:5d:2a:a6:27:56:6b:75:be:53:1e:a0:94:5d:fb:
29:16:8a:9d:fe:8a:ac:68:41:00:38:ec:53:c8:5b:9b:0b:c8:
5b:25:f9:69:4b:f2:c4:99:eb:8a:fb:e2:78:cf:54:0f:ee:b4:
f7:ea:49:fe:be:81:cf:24:a8:4f:47:c7:24:5b:be:fa:c0:ee:
8e:88:8c:ea:d8:6e:e7:64:e4:e2:e8:8e:db:28:89:c0:f6:f2:
2b:58:c3:db
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAS55MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI1MTU0NjM0WhcNMjUwNDA5MTU0NjM0WjAYMRYw
FAYDVQQDEw02N2JkZTVkZS05YzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt4+NUMQMetseOisZeVdQfYN/Hp6HTO/OO996Nsql8AyWX3Clejf4aCsc
IP5LoDuAELJ5qFQ1AvbR3a/Dm8ajBGHLHnD4GC1vXl1LBzFkEAEcKhWg0mzSvJts
Eju09oDrzVQr12wISywUX+V6vay43kWke1hOEb2nVKcjkxfdDU9HNUARvwmxluo4
qGbljS/zkQcfHJvvc18rVtFmQ2TyZtiPiWD2rL7M1ipV0fweEAiSAkDM8xxSU13/
iAYdo7gW+xti+0dg6AgN2SgIRK0Jf8cW5ULO8oDTzSs1HF0DYgCeF9vGexGsc5Mv
WEZI1cp+KntTvdoATzb4QJStIA8iPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM/P
iyzw2jyCMrDQd89pvbTxVHvAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMkY5OThFNkYzOEYxMUVGQTk2NkQ2ODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcVoMA0GCSqGSIb3DQEBCwUA
A4IBAQCgXnMGhV5oNS1Lo+JK5s7G7AwrMrXsJkRiiRT7iXTFCJwCsQnoefVR/ObW
6TDd1ow4azdaQw3RdjmhBMxxvXTT0sug8V6FiOZbXoQyZTq0keYBzBsw8TaD/O/a
Hud+mpW8CAqakqDMt5hbXMjZikbbn4bbGBPqRq7a4Vi8BaEkgkfifbS8zfTOI+z1
VN9mD2BdUSvth0VBzHtS0ONutEMC4uQWTaU9XSqmJ1Zrdb5THqCUXfspFoqd/oqs
aEEAOOxTyFubC8hbJflpS/LEmeuK++J4z1QP7rT36kn+voHPJKhPR8ckW776wO6O
iIzq2G7nZOTi6I7bKInA9vIrWMPb
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:06:15 2025 by rpki-client