Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B37931C403F111F09E7EE5BD762E951A.roa
File: B37931C403F111F09E7EE5BD762E951A.roa (raw, json)
Hash identifier: M+GRQK6giZ9PGhm/ZV9JXmEty/96pl8QB86gi/TH6PM=
Subject key identifier: C5:E4:1E:11:B3:7F:91:3D:69:6D:3D:30:2A:AB:64:09:44:E6:8E:92
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0146B5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B37931C403F111F09E7EE5BD762E951A.roa
Signing time: Tue 18 Mar 2025 12:08:28 +0000
ROA not before: Tue 18 Mar 2025 12:08:24 +0000
ROA not after: Sun 27 Apr 2025 12:08:24 +0000
asID: 48031
IP address blocks: 45.200.181.0/24 maxlen: 24
45.200.182.0/24 maxlen: 24
45.200.183.0/24 maxlen: 24
45.200.184.0/24 maxlen: 24
45.200.185.0/24 maxlen: 24
45.200.186.0/24 maxlen: 24
45.200.187.0/24 maxlen: 24
45.200.188.0/24 maxlen: 24
45.200.189.0/24 maxlen: 24
45.200.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83637 (0x146b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 18 12:08:24 2025 GMT
Not After : Apr 27 12:08:24 2025 GMT
Subject: CN=67d9623c-53ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:74:c7:05:c3:5d:8c:6c:ed:3d:8c:d4:9a:92:
b9:4b:3a:7b:f1:13:95:22:dc:a2:73:6d:61:9a:13:
1a:8c:81:fd:35:f2:bd:a3:9e:d1:41:35:84:aa:62:
e9:6b:42:d0:de:df:ea:c7:97:eb:2f:72:f4:77:7d:
9f:54:b3:57:f6:a7:9d:1a:70:32:c6:50:9b:61:1c:
6a:46:49:8f:fe:0a:b7:55:6a:01:16:d9:95:cf:b4:
6d:66:48:1d:f7:ff:13:96:11:5a:da:6f:b3:c9:0b:
7d:37:ba:6f:12:35:52:24:cd:b1:4f:b8:42:50:5b:
44:80:29:02:44:2f:70:1a:f0:7f:07:fb:b3:59:10:
19:c9:70:6f:55:95:73:7c:b8:20:59:2d:40:b3:fd:
59:a0:cd:e5:cc:00:b2:00:3f:ac:d7:6c:cc:d6:1e:
70:52:ab:f0:58:b5:dd:79:c1:a2:ef:ec:71:39:13:
14:f1:85:3a:3a:a0:92:5b:e2:3c:4f:29:ea:f2:f1:
b8:47:3c:61:ec:61:76:6a:08:e2:54:e9:04:5e:1b:
f6:d1:cd:62:b7:d6:95:97:68:1f:d9:19:ea:68:b1:
2e:c5:8b:9b:b6:7c:66:e1:08:0c:f2:df:99:97:e5:
b1:8a:45:b3:c8:fe:cd:50:48:4f:f6:4b:88:d2:8c:
fa:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E4:1E:11:B3:7F:91:3D:69:6D:3D:30:2A:AB:64:09:44:E6:8E:92
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B37931C403F111F09E7EE5BD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.181.0-45.200.190.255
Signature Algorithm: sha256WithRSAEncryption
2c:80:d1:8a:3e:94:52:93:0e:ee:1a:58:51:fb:d4:c6:90:0c:
c1:92:c5:fd:66:7d:02:d6:f0:21:7b:c9:99:57:b0:1c:72:62:
56:bf:72:26:40:24:3a:07:00:14:e5:f0:20:38:14:98:34:f3:
37:48:a3:52:62:1f:e6:e6:46:73:fe:98:47:68:ae:0c:23:c4:
12:11:49:b3:62:4c:95:2e:03:20:55:7c:91:d6:de:da:d9:e4:
61:07:4c:fd:fa:5b:92:34:28:ab:36:f5:3c:7d:be:9d:cc:76:
c7:3a:34:27:e2:aa:74:5a:dc:d0:c1:be:1a:45:96:c1:4f:fb:
77:00:f1:1a:99:47:be:1a:3a:76:08:96:3d:7e:93:9e:35:b8:
80:cd:61:b0:36:57:ca:e3:d3:26:23:c4:f0:6d:91:53:80:4d:
a6:bb:6e:3b:89:66:90:b3:93:87:ff:cb:8d:04:0b:bc:23:bd:
f3:e7:a9:a2:d8:93:2b:15:02:65:b2:38:ec:d9:81:68:7f:60:
79:da:dd:6c:f8:17:17:a1:64:23:02:cf:b9:bd:01:f3:ad:61:
43:b6:d6:53:09:32:2f:0a:64:d3:45:6a:44:bf:a6:6c:95:9e:
c0:9f:ce:54:34:97:29:18:ea:b3:fc:37:e7:cf:4f:83:72:22:
2e:75:ba:fa
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAUa1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE4MTIwODI0WhcNMjUwNDI3MTIwODI0WjAYMRYw
FAYDVQQDEw02N2Q5NjIzYy01M2JhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy3THBcNdjGztPYzUmpK5Szp78ROVItyic21hmhMajIH9NfK9o57RQTWE
qmLpa0LQ3t/qx5frL3L0d32fVLNX9qedGnAyxlCbYRxqRkmP/gq3VWoBFtmVz7Rt
Zkgd9/8TlhFa2m+zyQt9N7pvEjVSJM2xT7hCUFtEgCkCRC9wGvB/B/uzWRAZyXBv
VZVzfLggWS1As/1ZoM3lzACyAD+s12zM1h5wUqvwWLXdecGi7+xxORMU8YU6OqCS
W+I8Tynq8vG4Rzxh7GF2agjiVOkEXhv20c1it9aVl2gf2RnqaLEuxYubtnxm4QgM
8t+Zl+WxikWzyP7NUEhP9kuI0oz6LwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMXk
HhGzf5E9aW09MCqrZAlE5o6SMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMzc5MzFDNDAzRjExMUYwOUU3RUU1QkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtyLUDBAAtyL4wDQYJKoZI
hvcNAQELBQADggEBACyA0Yo+lFKTDu4aWFH71MaQDMGSxf1mfQLW8CF7yZlXsBxy
Yla/ciZAJDoHABTl8CA4FJg08zdIo1JiH+bmRnP+mEdorgwjxBIRSbNiTJUuAyBV
fJHW3trZ5GEHTP36W5I0KKs29Tx9vp3Mdsc6NCfiqnRa3NDBvhpFlsFP+3cA8RqZ
R74aOnYIlj1+k541uIDNYbA2V8rj0yYjxPBtkVOATaa7bjuJZpCzk4f/y40EC7wj
vfPnqaLYkysVAmWyOOzZgWh/YHna3Wz4FxehZCMCz7m9AfOtYUO21lMJMi8KZNNF
akS/pmyVnsCfzlQ0lykY6rP8N+fPT4NyIi51uvo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:14:33 2025 by rpki-client