Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA042B7C0CCC11F0B7D86A79762E951A.roa
File: CA042B7C0CCC11F0B7D86A79762E951A.roa (raw, json)
Hash identifier: sV02mdV1A9xHtS+y3XkuMfJJlxoU9m2J5hQL4QdWqJk=
Subject key identifier: DF:A6:17:AF:C2:0E:64:B0:8A:D0:B0:70:92:11:06:F8:31:31:F7:58
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0148EC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA042B7C0CCC11F0B7D86A79762E951A.roa
Signing time: Sat 29 Mar 2025 18:36:55 +0000
ROA not before: Sat 29 Mar 2025 18:36:51 +0000
ROA not after: Mon 07 Apr 2025 18:36:51 +0000
asID: 5065
IP address blocks: 45.199.156.0/24 maxlen: 24
45.199.157.0/24 maxlen: 24
45.202.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84204 (0x148ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 29 18:36:51 2025 GMT
Not After : Apr 7 18:36:51 2025 GMT
Subject: CN=67e83dc7-d57c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:86:60:dd:e2:c7:51:cd:c4:3c:cd:6a:8f:18:
97:ca:72:b3:f1:dd:0c:ab:c9:fa:a8:d8:3b:51:18:
63:df:2c:88:d4:f7:62:69:40:54:ed:1f:f0:0e:24:
c5:4e:0e:f1:e6:9a:f3:d9:4d:5f:ad:e1:43:32:f7:
28:e7:06:e3:5f:c4:d5:42:8f:5e:84:b3:d3:0e:83:
75:71:7e:25:66:a2:1a:c1:43:2c:de:41:d2:25:2e:
24:c0:c7:8c:f0:66:95:40:63:64:2e:a9:b2:a7:62:
11:34:e7:fa:6a:3c:02:f5:45:76:89:34:40:b4:88:
60:c3:1e:aa:8f:f1:32:6b:a8:d9:8d:c3:0e:69:89:
b7:52:05:94:80:6b:df:da:5f:39:95:6f:a6:f5:95:
27:e6:7e:92:8b:81:8b:62:7f:af:f0:b1:99:3c:70:
ef:00:c5:2e:c2:37:7b:09:e6:0f:b4:f5:40:d6:b5:
01:53:36:26:96:90:f2:a8:ac:c1:65:2c:95:cb:fc:
94:b2:eb:81:ed:19:71:38:e1:5f:15:b6:77:4b:1b:
e8:a9:33:58:a3:b9:b2:4f:49:8c:80:23:4b:20:ba:
45:7f:5d:ef:8b:e4:e4:03:f6:10:ea:46:b7:cc:8d:
95:74:c3:93:87:60:ae:9b:b8:70:31:34:7d:b4:b4:
3b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A6:17:AF:C2:0E:64:B0:8A:D0:B0:70:92:11:06:F8:31:31:F7:58
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA042B7C0CCC11F0B7D86A79762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.156.0/23
45.202.4.0/22
Signature Algorithm: sha256WithRSAEncryption
52:f1:cb:f6:70:b8:8e:69:4b:c2:17:ce:5e:66:e1:fc:37:f8:
01:dc:ea:2e:4b:f3:9f:a0:25:17:ef:c7:38:95:56:67:a9:09:
77:46:f4:bd:b8:23:37:9b:b1:84:5d:b9:fb:7c:3f:83:1f:f7:
65:4e:06:ce:a5:57:80:c2:37:37:1c:00:5d:dd:a3:c5:df:20:
45:3d:83:b2:32:18:78:08:36:15:66:7c:30:63:48:08:7f:d2:
ca:75:25:4c:ee:e8:2f:7b:0c:fd:19:97:a1:78:04:81:73:c0:
72:76:1e:e9:66:2f:ac:55:55:88:9a:16:3f:9d:ad:54:6a:8a:
09:fb:34:24:3e:55:56:cd:98:51:63:e9:20:cc:2f:63:a9:13:
93:f0:a4:29:0e:d9:1d:52:cd:08:8e:8a:71:0a:9d:b2:b1:8c:
60:eb:88:23:bf:93:af:6e:f6:b5:9d:23:66:96:55:47:24:1e:
56:ed:fd:70:44:bb:c1:a2:5b:f1:18:99:09:8d:5b:85:72:a2:
66:01:52:0e:37:bf:f9:b3:c1:ca:47:8c:5c:8b:73:79:83:b3:
0a:6d:6a:77:74:d0:4a:2c:91:71:80:6d:99:95:90:9d:53:71:
2e:76:f7:40:f9:7a:0d:ef:ad:8b:69:3d:13:83:98:a7:cc:91:
4d:4a:03:d6
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUjsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI5MTgzNjUxWhcNMjUwNDA3MTgzNjUxWjAYMRYw
FAYDVQQDEw02N2U4M2RjNy1kNTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAroZg3eLHUc3EPM1qjxiXynKz8d0Mq8n6qNg7URhj3yyI1PdiaUBU7R/w
DiTFTg7x5prz2U1freFDMvco5wbjX8TVQo9ehLPTDoN1cX4lZqIawUMs3kHSJS4k
wMeM8GaVQGNkLqmyp2IRNOf6ajwC9UV2iTRAtIhgwx6qj/Eya6jZjcMOaYm3UgWU
gGvf2l85lW+m9ZUn5n6Si4GLYn+v8LGZPHDvAMUuwjd7CeYPtPVA1rUBUzYmlpDy
qKzBZSyVy/yUsuuB7RlxOOFfFbZ3SxvoqTNYo7myT0mMgCNLILpFf13vi+TkA/YQ
6ka3zI2VdMOTh2Cum7hwMTR9tLQ7cwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN+m
F6/CDmSwitCwcJIRBvgxMfdYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQTA0MkI3QzBDQ0MxMUYwQjdEODZBNzk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLcecAwQCLcoEMA0GCSqGSIb3
DQEBCwUAA4IBAQBS8cv2cLiOaUvCF85eZuH8N/gB3OouS/OfoCUX78c4lVZnqQl3
RvS9uCM3m7GEXbn7fD+DH/dlTgbOpVeAwjc3HABd3aPF3yBFPYOyMhh4CDYVZnww
Y0gIf9LKdSVM7ugvewz9GZeheASBc8Bydh7pZi+sVVWImhY/na1UaooJ+zQkPlVW
zZhRY+kgzC9jqROT8KQpDtkdUs0IjopxCp2ysYxg64gjv5Ovbva1nSNmllVHJB5W
7f1wRLvBolvxGJkJjVuFcqJmAVION7/5s8HKR4xci3N5g7MKbWp3dNBKLJFxgG2Z
lZCdU3EudvdA+XoN762LaT0Tg5inzJFNSgPW
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:06:27 2025 by rpki-client