Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B485D838FF2311EFAD270569762E951A.roa
File: B485D838FF2311EFAD270569762E951A.roa (raw, json)
Hash identifier: gSqrt+kNg669YpakRbFenoFGFuDYWi+qn4rd9HHdp0U=
Subject key identifier: 38:0B:BA:0F:57:7C:99:7F:61:62:C8:87:EC:F3:E6:CE:AF:42:13:8F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014526
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B485D838FF2311EFAD270569762E951A.roa
Signing time: Wed 12 Mar 2025 09:23:49 +0000
ROA not before: Wed 12 Mar 2025 09:23:37 +0000
ROA not after: Thu 17 Apr 2025 09:23:37 +0000
asID: 10103
IP address blocks: 45.196.206.0/23 maxlen: 24
45.196.225.0/24 maxlen: 24
45.196.226.0/24 maxlen: 24
45.196.227.0/24 maxlen: 24
45.196.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83238 (0x14526)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 12 09:23:37 2025 GMT
Not After : Apr 17 09:23:37 2025 GMT
Subject: CN=67d152a5-3867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3b:ab:d4:3d:28:27:28:67:ff:73:0c:72:fa:
d9:11:66:c6:64:62:39:dd:3e:04:67:94:9e:e3:29:
be:08:8c:4a:91:e3:f2:50:b1:69:4d:df:88:00:d3:
04:01:54:e6:9e:76:fd:b1:af:3c:f5:51:05:c8:69:
f7:7c:ea:b3:12:81:ff:59:9c:70:d0:35:57:0a:85:
0d:63:4b:32:0b:77:80:fd:cf:b1:2e:08:6e:5b:f2:
c9:cd:22:85:ec:bc:41:bc:72:c9:95:b7:41:9f:6b:
c7:b9:2c:c9:c0:8a:13:7b:bd:30:61:d4:09:53:bc:
56:3a:c4:e4:62:8f:a3:8b:aa:1c:42:09:c7:2b:61:
27:dc:38:6e:ae:ce:ac:79:d4:6a:23:32:5a:fb:ae:
74:e0:25:74:df:6c:e2:7e:07:ea:02:fd:1a:c8:1b:
83:f8:ac:8d:f6:61:6e:07:40:a5:75:58:f3:d9:90:
55:13:3a:6c:d9:c5:11:b8:6b:25:52:16:0b:c1:ea:
ef:61:cd:5a:e8:eb:8f:ee:f6:dd:16:d6:38:16:30:
6f:99:86:b3:30:c7:60:8e:72:f0:78:53:ff:46:d7:
d2:fe:e8:a9:6e:b5:8e:91:e0:74:bb:9e:e1:69:72:
50:4d:7b:3a:d5:75:f4:60:34:2a:5a:f0:40:a5:26:
bd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0B:BA:0F:57:7C:99:7F:61:62:C8:87:EC:F3:E6:CE:AF:42:13:8F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B485D838FF2311EFAD270569762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.206.0/23
45.196.225.0-45.196.228.255
Signature Algorithm: sha256WithRSAEncryption
51:cf:b7:b2:c9:f2:4c:dc:4d:a9:90:c9:fd:1f:43:fa:6a:99:
6f:d7:57:05:5b:f6:36:a6:34:04:29:b2:c3:56:eb:53:ae:b6:
53:05:2c:66:d7:ff:17:dc:7a:2c:05:38:33:c2:15:09:65:f4:
42:29:75:60:d5:8d:a5:63:34:51:71:2c:d3:f3:0f:12:e7:19:
54:9c:45:96:39:27:dc:05:ca:5d:19:79:68:c5:3a:bb:c7:4b:
28:dc:93:62:1b:f4:b8:a5:26:f2:85:6a:33:61:33:d7:8a:a8:
75:29:32:b2:56:30:06:d5:a5:34:21:de:29:95:d4:53:29:4b:
7f:77:e7:41:13:50:0c:d0:bf:45:c4:27:5d:78:6c:38:10:90:
32:12:65:30:ce:bc:d7:a8:7a:01:cf:39:5d:dc:cd:e7:ea:eb:
77:a9:2c:fd:68:99:73:9a:80:8b:96:12:3d:30:3b:29:c6:6e:
59:00:f8:11:a5:5a:ef:16:1a:dc:06:8a:c0:d5:01:2d:33:3f:
24:d3:2f:5e:93:de:8f:64:85:34:29:88:4a:cd:85:fd:b4:42:
f4:b5:5e:e1:51:27:31:b1:9f:0b:e2:10:55:a1:38:3a:61:cc:
c7:59:d6:fb:2c:67:46:01:d5:cb:49:58:a1:ec:f1:73:fd:7e:
5e:ea:b9:43
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAUUmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzEyMDkyMzM3WhcNMjUwNDE3MDkyMzM3WjAYMRYw
FAYDVQQDEw02N2QxNTJhNS0zODY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzjur1D0oJyhn/3MMcvrZEWbGZGI53T4EZ5Se4ym+CIxKkePyULFpTd+I
ANMEAVTmnnb9sa889VEFyGn3fOqzEoH/WZxw0DVXCoUNY0syC3eA/c+xLghuW/LJ
zSKF7LxBvHLJlbdBn2vHuSzJwIoTe70wYdQJU7xWOsTkYo+ji6ocQgnHK2En3Dhu
rs6sedRqIzJa+6504CV032zifgfqAv0ayBuD+KyN9mFuB0CldVjz2ZBVEzps2cUR
uGslUhYLwervYc1a6OuP7vbdFtY4FjBvmYazMMdgjnLweFP/RtfS/uipbrWOkeB0
u57haXJQTXs61XX0YDQqWvBApSa9JQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFDgL
ug9XfJl/YWLIh+zz5s6vQhOPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNDg1RDgzOEZGMjMxMUVGQUQyNzA1Njk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBLcTOMAwDBAAtxOEDBAAtxOQw
DQYJKoZIhvcNAQELBQADggEBAFHPt7LJ8kzcTamQyf0fQ/pqmW/XVwVb9jamNAQp
ssNW61OutlMFLGbX/xfceiwFODPCFQll9EIpdWDVjaVjNFFxLNPzDxLnGVScRZY5
J9wFyl0ZeWjFOrvHSyjck2Ib9LilJvKFajNhM9eKqHUpMrJWMAbVpTQh3imV1FMp
S39350ETUAzQv0XEJ114bDgQkDISZTDOvNeoegHPOV3czefq63epLP1omXOagIuW
Ej0wOynGblkA+BGlWu8WGtwGisDVAS0zPyTTL16T3o9khTQpiErNhf20QvS1XuFR
JzGxnwviEFWhODphzMdZ1vssZ0YB1ctJWKHs8XP9fl7quUM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:24:58 2025 by rpki-client