Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE6BA3FE107211F0B399A1A1762E951A.roa
File: BE6BA3FE107211F0B399A1A1762E951A.roa (raw, json)
Hash identifier: NezJbbne3rZf2EzoeOTFeSE7eWzv2TdNV86lFblzEI8=
Subject key identifier: 82:FE:B8:0B:9E:AF:12:0F:CA:FD:49:7E:65:80:85:D2:45:71:22:87
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0149B2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE6BA3FE107211F0B399A1A1762E951A.roa
Signing time: Thu 03 Apr 2025 10:02:25 +0000
ROA not before: Thu 03 Apr 2025 10:02:21 +0000
ROA not after: Sat 10 May 2025 10:02:21 +0000
asID: 396356
IP address blocks: 45.194.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84402 (0x149b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Apr 3 10:02:21 2025 GMT
Not After : May 10 10:02:21 2025 GMT
Subject: CN=67ee5cb1-e019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:51:14:b7:c3:7c:6f:70:c1:51:35:a7:ae:a2:
d2:a3:88:6e:81:c8:0c:d7:5a:42:d8:97:20:b1:f6:
af:0d:a5:00:93:5f:0d:44:fe:6a:74:fa:fd:5b:6e:
e7:b4:99:17:3d:1b:0b:ff:c8:ed:ab:a6:3c:ae:8f:
f2:ec:bd:f0:11:da:39:97:a9:bc:af:5b:ae:ac:ed:
9a:6b:0a:50:54:3e:b6:e1:96:d2:7b:6f:fb:1b:ab:
3e:f6:c7:7c:64:2b:a0:1a:10:8d:ec:37:7a:27:a3:
0b:26:93:c8:a2:64:38:b5:fa:3f:54:5b:d0:15:4a:
40:74:a2:36:25:cb:e9:78:c3:1d:72:bc:45:c4:9a:
fa:b6:42:d8:16:41:95:cf:32:84:52:fe:b1:9d:09:
1c:f5:cb:86:41:a8:d4:8d:26:3d:e4:a5:b1:ab:1c:
b3:b8:9c:db:9b:2e:98:7e:58:f6:99:6a:3b:14:90:
03:8a:bd:c0:f2:6c:2e:1f:f7:3f:f3:88:0c:1e:94:
f0:dc:0a:c0:33:80:33:b1:71:25:68:4d:20:3a:e7:
cc:c1:88:a5:ba:1c:57:28:85:38:32:89:49:a9:0f:
53:c3:9d:d2:dd:c0:81:00:e5:8a:61:46:7f:f2:20:
c8:6d:00:db:fb:2b:98:6b:34:8b:7a:4d:d6:0a:f7:
9a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:FE:B8:0B:9E:AF:12:0F:CA:FD:49:7E:65:80:85:D2:45:71:22:87
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE6BA3FE107211F0B399A1A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.44.0/24
Signature Algorithm: sha256WithRSAEncryption
06:d4:9b:cb:69:70:3c:04:b1:64:1c:1c:9f:2d:a8:50:e1:d3:
ea:6b:b2:80:52:48:51:eb:f3:8c:22:b6:cb:21:22:c5:74:d5:
ef:42:a7:e8:be:7a:be:4e:d7:66:69:19:e9:2a:85:f7:81:15:
c6:c0:40:72:77:56:96:e5:e9:3a:73:72:93:97:7f:45:d7:be:
42:24:21:df:15:dd:94:4d:9c:ad:df:97:a0:28:96:b2:28:44:
09:04:cc:47:01:af:a7:4e:0a:d8:af:fc:9b:60:f1:74:02:bb:
7e:9f:c4:dc:fe:51:fd:49:55:0c:da:4b:50:f8:99:c0:ff:00:
f4:31:e0:3d:d2:dc:a8:99:c3:cb:a8:26:6c:61:fe:f7:0e:1c:
30:a0:c9:41:92:35:ce:6f:91:f9:dc:80:ea:c6:76:28:e6:f9:
f7:c7:9b:bb:cf:64:2d:c4:1d:2c:53:82:74:8c:dc:c4:59:2a:
ba:d4:4c:11:91:04:bf:ec:c7:24:60:c5:fa:b6:08:36:27:c7:
32:80:81:df:c9:7e:11:88:41:38:91:b9:e1:48:37:e3:bd:93:
56:08:c2:f4:20:31:f8:fa:ff:fb:e3:77:32:7f:0f:c6:d8:0c:
81:09:99:6d:43:a4:1d:b5:72:39:81:5f:e2:91:f9:89:37:1d:
9b:b2:12:9a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUmyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDAzMTAwMjIxWhcNMjUwNTEwMTAwMjIxWjAYMRYw
FAYDVQQDEw02N2VlNWNiMS1lMDE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0FEUt8N8b3DBUTWnrqLSo4hugcgM11pC2JcgsfavDaUAk18NRP5qdPr9
W27ntJkXPRsL/8jtq6Y8ro/y7L3wEdo5l6m8r1uurO2aawpQVD624ZbSe2/7G6s+
9sd8ZCugGhCN7Dd6J6MLJpPIomQ4tfo/VFvQFUpAdKI2JcvpeMMdcrxFxJr6tkLY
FkGVzzKEUv6xnQkc9cuGQajUjSY95KWxqxyzuJzbmy6Yflj2mWo7FJADir3A8mwu
H/c/84gMHpTw3ArAM4AzsXElaE0gOufMwYiluhxXKIU4MolJqQ9Tw53S3cCBAOWK
YUZ/8iDIbQDb+yuYazSLek3WCveaXwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIL+
uAuerxIPyv1JfmWAhdJFcSKHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRTZCQTNGRTEwNzIxMUYwQjM5OUExQTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcIsMA0GCSqGSIb3DQEBCwUA
A4IBAQAG1JvLaXA8BLFkHByfLahQ4dPqa7KAUkhR6/OMIrbLISLFdNXvQqfovnq+
TtdmaRnpKoX3gRXGwEByd1aW5ek6c3KTl39F175CJCHfFd2UTZyt35egKJayKEQJ
BMxHAa+nTgrYr/ybYPF0Art+n8Tc/lH9SVUM2ktQ+JnA/wD0MeA90tyomcPLqCZs
Yf73DhwwoMlBkjXOb5H53IDqxnYo5vn3x5u7z2QtxB0sU4J0jNzEWSq61EwRkQS/
7MckYMX6tgg2J8cygIHfyX4RiEE4kbnhSDfjvZNWCML0IDH4+v/743cyfw/G2AyB
CZltQ6QdtXI5gV/ikfmJNx2bshKa
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:43 2025 by rpki-client