Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B904E064FCD211EF8BDF8590762E951A.roa
File: B904E064FCD211EF8BDF8590762E951A.roa (raw, json)
Hash identifier: aG7Nv8BU4vI3kSfT67hEwodOJVxSNF48ZWXtXHKOXxQ=
Subject key identifier: 90:DC:E8:52:FA:46:3C:4D:E2:E3:41:70:C7:A3:98:6E:B9:67:B0:B6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014457
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B904E064FCD211EF8BDF8590762E951A.roa
Signing time: Sun 09 Mar 2025 10:39:05 +0000
ROA not before: Sun 09 Mar 2025 10:39:01 +0000
ROA not after: Wed 16 Apr 2025 10:39:01 +0000
asID: 202736
IP address blocks: 45.192.113.0/24 maxlen: 24
45.192.114.0/24 maxlen: 24
45.192.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83031 (0x14457)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 9 10:39:01 2025 GMT
Not After : Apr 16 10:39:01 2025 GMT
Subject: CN=67cd6fc9-3726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:39:ca:30:02:74:9d:bf:f5:78:76:0e:ab:6c:
d3:85:5e:3d:34:b9:b8:d0:ff:7a:fa:21:9a:6e:a5:
e4:ec:27:fd:33:ec:75:9d:e1:f6:21:40:e6:60:06:
ce:fb:bf:84:fd:17:83:ba:a4:37:ea:41:5b:6b:f1:
c0:36:75:b5:bd:7b:df:5f:16:79:3d:8a:6b:08:96:
22:2a:e7:e8:33:d8:3c:84:0d:de:a2:94:4a:68:ac:
d7:f7:e3:7e:e1:af:2e:4d:ef:43:fb:cc:25:eb:cf:
06:dd:a0:38:d0:c5:79:e3:a5:3a:ae:ff:51:db:e9:
a8:60:2a:13:27:b7:74:5d:fa:4b:1d:d6:5b:20:07:
03:b7:bc:5d:8e:2c:09:13:8e:89:8f:2a:f9:9c:a5:
4c:20:de:ed:55:79:66:49:c1:dc:29:de:c6:64:d0:
5c:ba:38:63:b6:44:bf:c1:3a:19:0e:71:dc:fb:f5:
2f:70:1c:30:6e:57:a6:b5:85:68:7a:70:26:a2:cc:
64:07:96:e4:ad:20:bd:b6:6e:dc:63:50:a5:46:f5:
6d:a5:a1:81:f2:64:41:89:18:b2:33:5d:7b:37:39:
c0:63:2e:18:70:16:e4:78:0d:c1:ea:11:9c:d5:5e:
54:1a:2a:64:bb:7d:a5:7f:7d:05:b2:1c:ba:fd:5f:
28:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:DC:E8:52:FA:46:3C:4D:E2:E3:41:70:C7:A3:98:6E:B9:67:B0:B6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B904E064FCD211EF8BDF8590762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.113.0-45.192.114.255
45.192.116.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:c8:05:2e:03:ee:3e:49:f8:83:74:95:73:72:7e:3e:9f:d3:
8c:8a:3e:d9:02:e4:0b:54:06:fb:a1:b5:41:09:63:2f:49:89:
0c:45:d0:68:b7:e4:0c:ef:f1:17:38:dd:cb:72:97:21:43:61:
0e:bd:f7:e7:b8:e3:e8:8d:f2:14:73:83:4f:b8:c3:01:81:c7:
ce:f9:25:8c:42:20:df:77:f1:59:8b:80:d3:e9:68:ee:32:dc:
53:a1:c4:34:e5:2c:b3:f8:44:f0:b3:44:74:14:ef:c7:4f:60:
5c:cb:6e:9e:f2:d8:9c:48:bf:c2:75:30:95:80:bc:3f:79:7e:
69:25:00:c7:77:00:cb:a2:1d:25:80:c0:e0:f3:51:f2:04:e5:
b5:52:dc:9a:2e:c2:f5:79:70:5d:67:34:48:b8:7b:df:cf:7d:
ee:8d:21:b8:8d:15:1b:6b:1a:a2:b3:ad:2e:20:88:bf:6b:0a:
4b:b5:a9:49:cf:f1:16:da:40:17:a9:bd:3e:44:dc:b9:f8:0c:
2e:96:e0:56:8d:aa:bc:45:a1:48:21:95:3c:37:7c:18:21:21:
52:79:7c:42:ea:75:83:68:3b:cb:60:09:0e:88:4b:f8:3c:d1:
1f:27:3e:f1:fe:d7:29:f1:44:79:0f:8b:86:0b:88:41:2f:cd:
8a:92:97:63
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAURXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA5MTAzOTAxWhcNMjUwNDE2MTAzOTAxWjAYMRYw
FAYDVQQDEw02N2NkNmZjOS0zNzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyTnKMAJ0nb/1eHYOq2zThV49NLm40P96+iGabqXk7Cf9M+x1neH2IUDm
YAbO+7+E/ReDuqQ36kFba/HANnW1vXvfXxZ5PYprCJYiKufoM9g8hA3eopRKaKzX
9+N+4a8uTe9D+8wl688G3aA40MV546U6rv9R2+moYCoTJ7d0XfpLHdZbIAcDt7xd
jiwJE46Jjyr5nKVMIN7tVXlmScHcKd7GZNBcujhjtkS/wToZDnHc+/UvcBwwblem
tYVoenAmosxkB5bkrSC9tm7cY1ClRvVtpaGB8mRBiRiyM117NznAYy4YcBbkeA3B
6hGc1V5UGipku32lf30Fshy6/V8oIQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFJDc
6FL6RjxN4uNBcMejmG65Z7C2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9COTA0RTA2NEZDRDIxMUVGOEJERjg1OTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAtwHEDBAAtwHIDBAItwHQw
DQYJKoZIhvcNAQELBQADggEBAIzIBS4D7j5J+IN0lXNyfj6f04yKPtkC5AtUBvuh
tUEJYy9JiQxF0Gi35Azv8Rc43ctylyFDYQ699+e44+iN8hRzg0+4wwGBx875JYxC
IN938VmLgNPpaO4y3FOhxDTlLLP4RPCzRHQU78dPYFzLbp7y2JxIv8J1MJWAvD95
fmklAMd3AMuiHSWAwODzUfIE5bVS3JouwvV5cF1nNEi4e9/Pfe6NIbiNFRtrGqKz
rS4giL9rCku1qUnP8RbaQBepvT5E3Ln4DC6W4FaNqrxFoUghlTw3fBghIVJ5fELq
dYNoO8tgCQ6IS/g80R8nPvH+1ynxRHkPi4YLiEEvzYqSl2M=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:25:01 2025 by rpki-client