Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B789769C0D2F11F0A59FF162762E951A.roa
File: B789769C0D2F11F0A59FF162762E951A.roa (raw, json)
Hash identifier: TZfAoaFZrR9RLEQiMYsoG5A6JwheFdYXA+oDLOwo28c=
Subject key identifier: 42:B7:80:AE:BA:36:85:B5:97:AE:1C:E4:4E:D2:A2:52:F3:30:27:46
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014932
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B789769C0D2F11F0A59FF162762E951A.roa
Signing time: Sun 30 Mar 2025 06:25:04 +0000
ROA not before: Sun 30 Mar 2025 06:25:00 +0000
ROA not after: Sun 04 May 2025 06:25:00 +0000
asID: 401615
IP address blocks: 45.196.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84274 (0x14932)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 30 06:25:00 2025 GMT
Not After : May 4 06:25:00 2025 GMT
Subject: CN=67e8e3c0-7c95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e1:93:df:74:2e:4a:77:9f:92:16:ab:05:e3:
ff:4e:a1:10:21:53:43:52:6f:06:68:7f:71:1e:29:
9c:f2:04:b4:14:8d:e9:b4:ed:49:dd:5e:d8:4c:dd:
f3:f6:80:5b:6f:cc:e6:98:12:b4:d5:a8:20:98:3a:
e8:5c:f1:90:8d:bc:3f:68:e6:d9:f2:68:86:3b:c0:
eb:b3:ef:a4:ed:ac:26:92:c1:fd:28:69:0a:75:d1:
ff:50:09:5e:7f:c6:a1:b6:59:ba:6a:15:12:bc:f7:
5c:4a:14:78:e9:5d:82:19:d3:23:80:ea:b1:f9:94:
5d:14:5c:53:e3:52:c1:79:ba:a2:5a:38:97:3f:bb:
8d:fe:9e:15:dc:a7:cb:98:84:62:09:a2:fd:b7:96:
ae:a8:84:bc:e9:a8:10:aa:19:48:d1:12:fa:8f:0a:
1a:94:99:49:32:19:ee:8b:ea:4f:7c:4e:b7:8e:cd:
16:2f:32:f8:73:10:e2:57:e1:99:60:45:b7:bd:08:
82:a4:bd:0d:3b:79:8a:c6:81:db:0b:70:93:04:fc:
d8:25:07:40:d6:a4:c3:53:08:1f:96:83:e4:ef:eb:
4b:94:8a:b6:ee:21:29:64:3f:91:f3:88:11:3e:18:
19:ed:eb:99:7f:90:71:a6:fd:77:14:b0:a5:e1:ad:
f2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B7:80:AE:BA:36:85:B5:97:AE:1C:E4:4E:D2:A2:52:F3:30:27:46
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B789769C0D2F11F0A59FF162762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.218.0/23
Signature Algorithm: sha256WithRSAEncryption
40:8f:bd:de:f6:f3:f6:67:ac:38:d9:22:74:b9:d7:22:5c:f8:
f7:fb:ac:41:3d:d5:80:56:1d:0b:f4:4c:88:cb:3b:e2:e2:b5:
eb:32:82:3c:fb:01:92:a0:dd:93:17:3b:77:ca:7c:41:4f:fb:
63:74:fb:ce:03:5d:8e:0e:34:66:07:3d:4b:ed:08:91:cc:46:
e7:21:6b:22:f2:f8:d6:f0:3c:dc:79:2e:bd:2c:e1:46:b5:8e:
29:a8:e7:50:aa:cd:38:bd:77:ec:ae:0c:76:a8:f3:15:b8:f5:
fa:23:ce:82:67:a9:0a:17:74:52:41:86:c6:02:c6:63:de:a1:
a4:0e:72:c0:88:e1:7e:2e:73:bc:e6:0c:b9:03:77:6e:b2:0c:
5f:4e:cf:7c:1c:90:67:6e:87:a4:64:4c:3b:78:f0:30:bd:86:
4e:bb:3c:a5:27:61:e0:b2:67:a5:4a:bd:e6:83:47:8a:4e:30:
36:40:89:e4:20:31:a3:ce:4c:b0:35:a4:b0:99:b6:03:15:22:
ec:45:8a:31:70:00:b5:6f:01:32:b6:ac:43:7c:2c:c8:79:13:
65:23:bf:18:b5:8d:e6:ac:0a:ad:62:a3:0f:04:b3:cc:3d:1f:
f0:f8:80:f6:28:89:e9:b9:70:d3:85:05:84:5e:cc:f2:e5:ea:
35:f1:5c:73
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUkyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzMwMDYyNTAwWhcNMjUwNTA0MDYyNTAwWjAYMRYw
FAYDVQQDEw02N2U4ZTNjMC03Yzk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvuGT33QuSnefkharBeP/TqEQIVNDUm8GaH9xHimc8gS0FI3ptO1J3V7Y
TN3z9oBbb8zmmBK01aggmDroXPGQjbw/aObZ8miGO8Drs++k7awmksH9KGkKddH/
UAlef8ahtlm6ahUSvPdcShR46V2CGdMjgOqx+ZRdFFxT41LBebqiWjiXP7uN/p4V
3KfLmIRiCaL9t5auqIS86agQqhlI0RL6jwoalJlJMhnui+pPfE63js0WLzL4cxDi
V+GZYEW3vQiCpL0NO3mKxoHbC3CTBPzYJQdA1qTDUwgfloPk7+tLlIq27iEpZD+R
84gRPhgZ7euZf5Bxpv13FLCl4a3yQQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEK3
gK66NoW1l64c5E7SolLzMCdGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNzg5NzY5QzBEMkYxMUYwQTU5RkYxNjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcTaMA0GCSqGSIb3DQEBCwUA
A4IBAQBAj73e9vP2Z6w42SJ0udciXPj3+6xBPdWAVh0L9EyIyzvi4rXrMoI8+wGS
oN2TFzt3ynxBT/tjdPvOA12ODjRmBz1L7QiRzEbnIWsi8vjW8DzceS69LOFGtY4p
qOdQqs04vXfsrgx2qPMVuPX6I86CZ6kKF3RSQYbGAsZj3qGkDnLAiOF+LnO85gy5
A3dusgxfTs98HJBnboekZEw7ePAwvYZOuzylJ2HgsmelSr3mg0eKTjA2QInkIDGj
zkywNaSwmbYDFSLsRYoxcAC1bwEytqxDfCzIeRNlI78YtY3mrAqtYqMPBLPMPR/w
+ID2KInpuXDThQWEXszy5eo18Vxz
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:11:50 2025 by rpki-client