Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5A1679A0CAC11F0B2B598B8762E951A.roa
File: C5A1679A0CAC11F0B2B598B8762E951A.roa (raw, json)
Hash identifier: MAgRsEexNH02LlEaMDN8jMjlIO3BB0KvS0p5RQxn+3o=
Subject key identifier: 77:C9:A3:0C:62:86:C1:01:1F:88:EA:1E:C3:57:2B:01:11:5C:59:D2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014886
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5A1679A0CAC11F0B2B598B8762E951A.roa
Signing time: Sat 29 Mar 2025 14:47:44 +0000
ROA not before: Sat 29 Mar 2025 14:47:40 +0000
ROA not after: Sat 03 May 2025 14:47:40 +0000
asID: 147176
IP address blocks: 45.201.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84102 (0x14886)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 29 14:47:40 2025 GMT
Not After : May 3 14:47:40 2025 GMT
Subject: CN=67e80810-dfc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6f:82:1e:8d:bc:4c:10:1e:61:97:38:22:47:
1f:45:2a:6a:f5:bf:2d:78:2d:36:ae:aa:82:22:a2:
f3:0a:50:11:c2:60:60:60:99:74:cf:ef:9d:f1:ed:
a0:1f:9f:ca:d9:a8:55:af:b8:86:20:05:00:73:fb:
7c:12:75:51:1d:79:06:9a:69:c5:ad:ff:ae:c5:61:
44:74:19:da:53:3a:8c:fe:9d:40:40:78:5e:06:ae:
b0:ea:41:d7:9f:af:f6:48:5c:d5:18:3e:b3:1e:86:
83:9b:de:71:7b:73:0f:da:9e:a4:f7:b9:c8:2b:7f:
7a:1d:38:ad:99:de:7e:df:35:8b:45:57:29:8c:f6:
59:a3:98:ad:40:97:56:47:d7:17:11:8e:df:3e:8b:
66:74:b1:bc:b3:bf:32:e1:af:61:09:75:30:fd:65:
84:da:38:e3:03:4d:28:44:ab:fd:2a:b9:df:df:07:
11:dd:dc:f5:85:fa:c8:04:bc:25:33:11:5e:a7:c1:
bf:9c:fb:d8:97:9b:33:04:c5:5d:c2:30:f5:a4:92:
fa:e8:72:ce:27:34:10:b2:4e:09:bd:9b:25:83:d1:
4f:c6:7b:34:2d:ae:d0:e8:56:f3:38:bd:cb:ca:6c:
ca:84:34:ce:19:53:3b:9c:f8:bc:06:d6:89:00:c8:
4f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:C9:A3:0C:62:86:C1:01:1F:88:EA:1E:C3:57:2B:01:11:5C:59:D2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5A1679A0CAC11F0B2B598B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.0.0/24
Signature Algorithm: sha256WithRSAEncryption
31:da:0a:5f:9a:c0:51:f8:65:a3:40:23:cb:80:1b:53:18:74:
b5:70:e4:57:a3:9f:2e:0f:10:0a:6e:bc:6d:fe:8c:90:38:fd:
06:f8:a7:1c:ef:4b:d5:2e:a6:2c:1b:a5:7e:98:3e:5f:1c:0f:
d6:2a:6d:84:4b:0c:a0:0e:42:85:1b:43:75:ad:79:ba:64:31:
e9:cc:9b:af:f9:3d:a0:97:ca:3f:b3:f4:22:7f:8c:79:f7:3a:
d3:8b:19:d5:1f:40:62:68:56:e2:b8:13:00:e3:9b:b4:8d:41:
48:7f:fd:55:93:e1:6c:9a:c6:00:7a:9e:d9:a5:50:e9:99:83:
bf:a8:57:ec:81:46:a5:b9:65:3f:91:40:48:60:b2:cf:67:14:
ed:9a:9e:6d:a1:1b:63:e9:5e:cb:e9:36:ce:1b:41:e6:9d:92:
c2:91:54:89:10:e3:08:c2:76:70:2d:16:05:02:85:0a:bc:91:
0d:7f:11:39:cd:00:0f:8d:41:e6:11:8b:62:e1:0d:26:76:2b:
17:69:f0:2c:10:a2:94:40:8e:50:48:cb:44:49:55:19:70:d0:
d5:9a:a1:43:e7:eb:71:d4:65:9d:26:17:1b:10:7e:05:6a:18:
06:36:8e:8b:39:55:40:88:ea:06:18:c5:20:98:f1:45:8f:f8:
c3:9f:1f:ac
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUiGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI5MTQ0NzQwWhcNMjUwNTAzMTQ0NzQwWjAYMRYw
FAYDVQQDEw02N2U4MDgxMC1kZmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyW+CHo28TBAeYZc4IkcfRSpq9b8teC02rqqCIqLzClARwmBgYJl0z++d
8e2gH5/K2ahVr7iGIAUAc/t8EnVRHXkGmmnFrf+uxWFEdBnaUzqM/p1AQHheBq6w
6kHXn6/2SFzVGD6zHoaDm95xe3MP2p6k97nIK396HTitmd5+3zWLRVcpjPZZo5it
QJdWR9cXEY7fPotmdLG8s78y4a9hCXUw/WWE2jjjA00oRKv9Krnf3wcR3dz1hfrI
BLwlMxFep8G/nPvYl5szBMVdwjD1pJL66HLOJzQQsk4JvZslg9FPxns0La7Q6Fbz
OL3LymzKhDTOGVM7nPi8BtaJAMhPCQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHfJ
owxihsEBH4jqHsNXKwERXFnSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNUExNjc5QTBDQUMxMUYwQjJCNTk4Qjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALckAMA0GCSqGSIb3DQEBCwUA
A4IBAQAx2gpfmsBR+GWjQCPLgBtTGHS1cORXo58uDxAKbrxt/oyQOP0G+Kcc70vV
LqYsG6V+mD5fHA/WKm2ESwygDkKFG0N1rXm6ZDHpzJuv+T2gl8o/s/Qif4x59zrT
ixnVH0BiaFbiuBMA45u0jUFIf/1Vk+FsmsYAep7ZpVDpmYO/qFfsgUaluWU/kUBI
YLLPZxTtmp5toRtj6V7L6TbOG0HmnZLCkVSJEOMIwnZwLRYFAoUKvJENfxE5zQAP
jUHmEYti4Q0mdisXafAsEKKUQI5QSMtESVUZcNDVmqFD5+tx1GWdJhcbEH4FahgG
No6LOVVAiOoGGMUgmPFFj/jDnx+s
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:09 2025 by rpki-client