Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2FE1616FA6311EF988171A5762E951A.roa
File: B2FE1616FA6311EF988171A5762E951A.roa (raw, json)
Hash identifier: GSXKXF53GT3upUyqN7hbgaDfwSIh5RpA+UDhrWbHiw8=
Subject key identifier: C3:EA:E5:5B:86:4B:27:63:46:CD:29:33:98:AD:A1:87:BC:BF:6C:11
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01435F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2FE1616FA6311EF988171A5762E951A.roa
Signing time: Thu 06 Mar 2025 08:19:18 +0000
ROA not before: Thu 06 Mar 2025 08:19:14 +0000
ROA not after: Sun 13 Apr 2025 08:19:14 +0000
asID: 23470
IP address blocks: 45.199.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82783 (0x1435f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 6 08:19:14 2025 GMT
Not After : Apr 13 08:19:14 2025 GMT
Subject: CN=67c95a86-5449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:63:ae:97:62:60:0a:ab:83:66:72:3f:c1:3e:
bb:60:8c:74:71:f5:77:c7:2f:ad:62:8c:bc:6f:ce:
e6:5e:d4:eb:b1:cb:71:45:70:97:da:3f:40:53:60:
cc:b6:3c:ed:a9:c0:7a:41:55:a5:b9:b5:98:ec:fb:
06:6b:90:c8:75:4d:24:97:b0:a0:eb:9a:fe:60:f0:
61:96:c2:75:64:bd:ea:e3:24:8a:e4:02:18:f6:9b:
46:ad:7a:27:f3:3a:c8:04:ce:f2:13:cd:6f:b8:11:
4b:b9:75:96:6f:e8:de:23:ec:07:9b:04:51:02:08:
d8:d7:21:35:26:25:3b:66:2f:c6:66:16:53:ba:b0:
87:57:ac:4e:7a:07:1c:2b:75:a6:c9:18:76:49:f4:
d7:6f:59:cb:8c:5d:7f:68:4c:cd:16:d5:5a:e3:19:
d1:4b:8d:2d:ea:06:40:40:55:ca:39:76:f5:04:2d:
f9:3a:4d:f8:8b:8d:e2:9f:e9:91:42:3a:e9:24:23:
9d:b6:87:48:e1:57:3b:d8:33:06:12:c0:38:37:98:
55:86:fe:2c:bc:59:7d:7f:ca:e4:b3:fc:9f:c4:53:
9d:b4:6a:73:e1:b4:f3:28:1f:b6:ee:7a:2c:77:3c:
cf:08:64:0d:56:d9:2d:89:04:81:9a:4b:8f:d4:24:
b7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:EA:E5:5B:86:4B:27:63:46:CD:29:33:98:AD:A1:87:BC:BF:6C:11
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2FE1616FA6311EF988171A5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.189.0/24
Signature Algorithm: sha256WithRSAEncryption
85:71:43:e2:86:f4:de:c1:e5:05:c8:0f:33:2a:ea:ec:07:65:
41:f4:e4:ed:06:9c:0f:15:9b:73:73:0d:40:01:e1:22:6f:88:
5c:f3:f0:1f:15:11:a1:63:52:0d:0c:c5:b0:75:6f:72:2a:8b:
e1:8c:c8:57:8a:72:9f:1b:5f:d9:a1:0c:dc:f4:e9:9f:46:92:
30:51:02:5c:d4:e6:e5:82:2e:7a:ec:9c:21:db:a5:5b:c9:e9:
92:3f:16:1a:73:6d:61:d3:e1:db:a4:0e:fa:d4:3a:b8:4f:f6:
0d:9d:58:d6:d7:ff:8f:95:ee:ef:54:b0:bb:a9:be:7e:2c:39:
85:b6:6a:9e:28:c7:3a:2b:76:1c:c6:e6:f5:69:f4:76:0f:53:
96:c9:c7:f6:68:59:d0:9f:37:af:44:0c:d1:3b:73:35:c3:a2:
31:24:66:38:fe:f4:e8:06:5a:e0:53:41:ed:3d:15:39:10:b2:
a4:02:25:8f:be:d2:67:46:85:59:1d:1d:1a:4a:fb:6b:06:be:
2c:cd:53:f4:9d:d5:b1:a6:4a:23:55:dd:54:5b:7c:7c:bc:2a:
84:64:1a:20:65:0f:d8:40:a4:b2:8f:79:c7:fc:19:af:a6:50:
ae:30:23:06:0a:40:cb:53:35:d7:b8:4b:71:60:0c:0c:37:65:
df:f1:33:c2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUNfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA2MDgxOTE0WhcNMjUwNDEzMDgxOTE0WjAYMRYw
FAYDVQQDEw02N2M5NWE4Ni01NDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0mOul2JgCquDZnI/wT67YIx0cfV3xy+tYoy8b87mXtTrsctxRXCX2j9A
U2DMtjztqcB6QVWlubWY7PsGa5DIdU0kl7Cg65r+YPBhlsJ1ZL3q4ySK5AIY9ptG
rXon8zrIBM7yE81vuBFLuXWWb+jeI+wHmwRRAgjY1yE1JiU7Zi/GZhZTurCHV6xO
egccK3WmyRh2SfTXb1nLjF1/aEzNFtVa4xnRS40t6gZAQFXKOXb1BC35Ok34i43i
n+mRQjrpJCOdtodI4Vc72DMGEsA4N5hVhv4svFl9f8rks/yfxFOdtGpz4bTzKB+2
7nosdzzPCGQNVtktiQSBmkuP1CS3iQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMPq
5VuGSydjRs0pM5itoYe8v2wRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMkZFMTYxNkZBNjMxMUVGOTg4MTcxQTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALce9MA0GCSqGSIb3DQEBCwUA
A4IBAQCFcUPihvTeweUFyA8zKursB2VB9OTtBpwPFZtzcw1AAeEib4hc8/AfFRGh
Y1INDMWwdW9yKovhjMhXinKfG1/ZoQzc9OmfRpIwUQJc1Oblgi567Jwh26VbyemS
PxYac21h0+HbpA761Dq4T/YNnVjW1/+Ple7vVLC7qb5+LDmFtmqeKMc6K3Ycxub1
afR2D1OWycf2aFnQnzevRAzRO3M1w6IxJGY4/vToBlrgU0HtPRU5ELKkAiWPvtJn
RoVZHR0aSvtrBr4szVP0ndWxpkojVd1UW3x8vCqEZBogZQ/YQKSyj3nH/BmvplCu
MCMGCkDLUzXXuEtxYAwMN2Xf8TPC
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:38 2025 by rpki-client