Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0D22214F4A011EF99A5885E762E951A.roa
File: C0D22214F4A011EF99A5885E762E951A.roa (raw, json)
Hash identifier: FCIax1R0I/4Ve9PKmxOBuBi1wXrEuzs4IjMtPZ+1ylk=
Subject key identifier: 3D:62:50:EE:9C:78:A2:14:EA:DA:9A:12:B8:98:32:5E:0B:B6:2F:DC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013868
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0D22214F4A011EF99A5885E762E951A.roa
Signing time: Thu 27 Feb 2025 00:21:14 +0000
ROA not before: Thu 27 Feb 2025 00:00:10 +0000
ROA not after: Thu 19 Feb 2026 00:00:10 +0000
asID: 984
IP address blocks: 45.201.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79976 (0x13868)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 27 00:00:10 2025 GMT
Not After : Feb 19 00:00:10 2026 GMT
Subject: CN=67bfaffa-f9d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:da:5e:07:55:38:cc:e1:71:ca:5f:97:5d:42:
2f:38:bc:fc:94:ae:44:de:c7:be:7c:d1:f8:c6:e3:
4a:99:a8:31:71:94:04:43:ec:7f:06:56:42:a6:59:
4c:f4:c6:f1:7f:cb:31:42:4a:d0:09:49:55:d8:17:
eb:13:72:18:09:98:a8:45:37:4e:c6:59:a0:e2:d3:
42:a5:43:ae:7b:cb:c0:aa:5b:33:9e:8a:88:b1:09:
58:bb:37:d7:60:ff:fc:54:cb:ea:04:68:b5:32:5c:
ee:69:48:d8:70:6c:e9:40:05:28:e9:42:2a:cc:7d:
a7:7b:ae:81:bc:0e:d7:1b:a4:09:79:0e:d7:0e:02:
51:11:a5:88:93:4d:71:73:15:59:38:d6:7b:e6:7d:
aa:b7:e5:0d:03:15:5b:79:da:90:14:90:b4:49:bd:
d4:9d:73:b6:bf:6f:70:11:3e:31:d5:85:92:8e:fc:
e2:ac:83:d3:76:a6:c8:2e:93:25:e0:25:52:42:17:
7c:7f:f2:dc:46:1b:07:53:57:79:1b:87:ef:a5:8f:
be:8d:e9:f6:0a:70:b3:00:41:3d:71:97:62:f1:93:
c5:f4:6b:d7:22:00:b1:4b:2e:94:da:30:35:58:b7:
41:b1:8e:4a:80:da:29:df:e8:d4:41:1a:1f:57:61:
73:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:62:50:EE:9C:78:A2:14:EA:DA:9A:12:B8:98:32:5E:0B:B6:2F:DC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0D22214F4A011EF99A5885E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.125.0/24
Signature Algorithm: sha256WithRSAEncryption
87:4d:04:5a:65:8f:62:0c:be:5e:26:cf:55:83:4e:91:f9:dc:
d4:65:27:7c:f0:c9:c8:c3:81:24:26:d8:60:0e:70:ce:35:d9:
59:bc:2c:67:2b:04:6d:90:02:61:fb:ef:4d:92:b7:a6:bd:51:
e0:a5:96:28:03:84:32:a0:b3:53:d0:89:ef:21:59:1a:e7:33:
be:c2:d0:ca:5e:0e:92:ec:f5:92:45:0f:57:c5:5e:ef:e8:5f:
7a:c0:17:aa:a6:0d:04:d1:fd:1a:71:43:e2:c0:19:b7:0c:ad:
56:c3:ad:81:be:3c:f2:bb:70:3c:da:f2:7c:7d:2b:af:ff:10:
a1:1a:cf:39:ed:a3:6e:17:c0:c5:f2:41:73:71:82:14:80:d4:
73:da:90:5b:ef:6b:8c:55:7a:6b:aa:f9:2c:3c:6d:c1:b3:e9:
a5:c7:f8:82:56:c5:ff:e8:7e:81:d5:bc:c1:d6:09:57:da:0f:
7c:e2:37:96:7f:2e:3e:6b:d4:14:16:fd:20:b3:49:cc:bd:5b:
c3:e6:27:a4:c0:dd:77:89:a7:e2:77:3d:19:b8:9c:e3:0f:d7:
d5:5a:1a:00:ca:6a:fc:f7:98:4e:3f:e0:49:e5:83:ef:01:43:
03:88:ab:90:e0:39:66:1a:cd:f2:d7:31:f3:84:ff:ea:c8:42:
c3:c2:45:75
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAThoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI3MDAwMDEwWhcNMjYwMjE5MDAwMDEwWjAYMRYw
FAYDVQQDEw02N2JmYWZmYS1mOWQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAutpeB1U4zOFxyl+XXUIvOLz8lK5E3se+fNH4xuNKmagxcZQEQ+x/BlZC
pllM9Mbxf8sxQkrQCUlV2BfrE3IYCZioRTdOxlmg4tNCpUOue8vAqlsznoqIsQlY
uzfXYP/8VMvqBGi1MlzuaUjYcGzpQAUo6UIqzH2ne66BvA7XG6QJeQ7XDgJREaWI
k01xcxVZONZ75n2qt+UNAxVbedqQFJC0Sb3UnXO2v29wET4x1YWSjvzirIPTdqbI
LpMl4CVSQhd8f/LcRhsHU1d5G4fvpY++jen2CnCzAEE9cZdi8ZPF9GvXIgCxSy6U
2jA1WLdBsY5KgNop3+jUQRofV2FzYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD1i
UO6ceKIU6tqaEriYMl4Lti/cMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMEQyMjIxNEY0QTAxMUVGOTlBNTg4NUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcl9MA0GCSqGSIb3DQEBCwUA
A4IBAQCHTQRaZY9iDL5eJs9Vg06R+dzUZSd88MnIw4EkJthgDnDONdlZvCxnKwRt
kAJh++9NkremvVHgpZYoA4QyoLNT0InvIVka5zO+wtDKXg6S7PWSRQ9XxV7v6F96
wBeqpg0E0f0acUPiwBm3DK1Ww62Bvjzyu3A82vJ8fSuv/xChGs857aNuF8DF8kFz
cYIUgNRz2pBb72uMVXprqvksPG3Bs+mlx/iCVsX/6H6B1bzB1glX2g984jeWfy4+
a9QUFv0gs0nMvVvD5iekwN13iafidz0ZuJzjD9fVWhoAymr895hOP+BJ5YPvAUMD
iKuQ4DlmGs3y1zHzhP/qyELDwkV1
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:28:33 2025 by rpki-client