Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAE8794A0E1511F0AC178552762E951A.roa
File: CAE8794A0E1511F0AC178552762E951A.roa (raw, json)
Hash identifier: 4wzJXmNquPRs3BJAu2Rif4qAoQkwsQ3ZJzkqzsnqqBY=
Subject key identifier: 68:BA:40:8A:D5:3A:D1:A0:31:D9:C7:F9:4F:33:64:D6:BB:18:BB:C6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014945
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAE8794A0E1511F0AC178552762E951A.roa
Signing time: Mon 31 Mar 2025 09:52:01 +0000
ROA not before: Mon 31 Mar 2025 09:51:57 +0000
ROA not after: Fri 09 May 2025 09:51:57 +0000
asID: 395793
IP address blocks: 45.192.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84293 (0x14945)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 31 09:51:57 2025 GMT
Not After : May 9 09:51:57 2025 GMT
Subject: CN=67ea65c1-8474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:23:b9:92:90:5c:22:d7:20:51:6a:7e:47:c5:
d0:b8:26:bf:e5:19:de:11:6e:56:c5:cf:f2:8d:0b:
48:75:be:52:ad:88:9e:34:44:9a:fd:84:d4:33:0f:
2c:df:d7:50:91:da:a0:72:16:6b:08:33:cd:91:33:
f4:c8:40:8b:44:8f:e3:53:eb:94:f8:cb:20:f2:9e:
9d:50:8b:c5:d7:04:bd:7e:10:68:c7:65:ff:67:6e:
e0:7d:0a:6d:df:7e:fb:7e:ab:d2:0d:5f:6c:80:53:
a9:d2:2a:43:3a:c9:4a:53:a1:0e:22:90:5e:c0:d9:
83:57:60:d5:8b:23:2c:c2:4a:2c:39:25:89:63:12:
7a:0f:09:c9:fe:01:19:b2:8a:d6:17:6d:97:46:c2:
b0:60:69:7f:57:10:b0:83:eb:01:14:7b:d9:85:e3:
5a:1b:0a:eb:66:a9:07:69:6f:95:07:44:0a:11:ff:
00:21:0e:80:75:7a:97:c9:2c:79:dc:6d:4f:c1:a4:
ee:1f:6a:f8:25:39:8f:be:99:1e:5f:51:24:36:b4:
c1:f0:ad:c1:29:fa:14:ee:20:b9:c1:b1:c1:81:b4:
85:ad:cf:9a:c3:f9:b7:f3:bf:98:2b:a8:c0:cd:90:
56:43:39:4d:7d:01:11:3c:8a:34:36:ad:44:eb:14:
03:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BA:40:8A:D5:3A:D1:A0:31:D9:C7:F9:4F:33:64:D6:BB:18:BB:C6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAE8794A0E1511F0AC178552762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.236.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:95:fe:5c:fd:b6:86:25:32:5d:86:e4:e3:9a:aa:05:a5:12:
64:ae:11:ff:42:b5:69:2b:e1:d6:92:8b:16:11:d1:a8:28:b3:
a8:e9:35:cc:23:6d:04:7f:1d:ce:dd:29:29:d9:12:b7:c2:ed:
85:89:67:eb:a3:46:df:26:cd:43:7f:c0:3e:e7:b5:15:a3:6a:
3d:11:6d:5b:ac:81:0a:77:e2:40:09:bb:16:12:a6:ba:41:47:
17:0f:b5:0f:0b:13:3d:ea:77:0d:a9:20:56:3b:ec:97:3f:61:
eb:dc:84:2e:62:c0:4a:0a:29:d1:e9:ab:13:cf:21:d3:3b:09:
3b:4b:3f:ba:5a:68:77:3f:85:4c:8d:43:ee:56:f7:c7:8f:dd:
35:96:ac:a8:82:1c:de:0b:dc:c9:ae:93:41:82:b5:1b:2c:79:
ff:be:a3:22:cb:cf:10:7a:f4:ea:98:59:71:0a:f0:00:0a:65:
11:ef:e4:69:81:11:22:c1:b2:9c:c4:69:9b:dc:67:5d:27:9e:
b4:4c:0d:ea:af:9b:a2:9c:b7:24:03:7e:94:f9:21:d5:ef:af:
bf:df:03:ac:cf:48:50:d0:17:15:56:b9:e0:2b:13:40:d9:35:
ec:92:57:f4:f7:a9:cc:c3:d4:ef:8b:e8:1d:6b:55:50:e4:e0:
2b:54:96:76
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUlFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzMxMDk1MTU3WhcNMjUwNTA5MDk1MTU3WjAYMRYw
FAYDVQQDEw02N2VhNjVjMS04NDc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuiO5kpBcItcgUWp+R8XQuCa/5RneEW5Wxc/yjQtIdb5SrYieNESa/YTU
Mw8s39dQkdqgchZrCDPNkTP0yECLRI/jU+uU+Msg8p6dUIvF1wS9fhBox2X/Z27g
fQpt3377fqvSDV9sgFOp0ipDOslKU6EOIpBewNmDV2DViyMswkosOSWJYxJ6DwnJ
/gEZsorWF22XRsKwYGl/VxCwg+sBFHvZheNaGwrrZqkHaW+VB0QKEf8AIQ6AdXqX
ySx53G1PwaTuH2r4JTmPvpkeX1EkNrTB8K3BKfoU7iC5wbHBgbSFrc+aw/m387+Y
K6jAzZBWQzlNfQERPIo0Nq1E6xQD0wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGi6
QIrVOtGgMdnH+U8zZNa7GLvGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQUU4Nzk0QTBFMTUxMUYwQUMxNzg1NTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcDsMA0GCSqGSIb3DQEBCwUA
A4IBAQC2lf5c/baGJTJdhuTjmqoFpRJkrhH/QrVpK+HWkosWEdGoKLOo6TXMI20E
fx3O3Skp2RK3wu2FiWfro0bfJs1Df8A+57UVo2o9EW1brIEKd+JACbsWEqa6QUcX
D7UPCxM96ncNqSBWO+yXP2Hr3IQuYsBKCinR6asTzyHTOwk7Sz+6Wmh3P4VMjUPu
VvfHj901lqyoghzeC9zJrpNBgrUbLHn/vqMiy88QevTqmFlxCvAACmUR7+RpgREi
wbKcxGmb3GddJ560TA3qr5uinLckA36U+SHV76+/3wOsz0hQ0BcVVrngKxNA2TXs
klf096nMw9Tvi+gda1VQ5OArVJZ2
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:39 2025 by rpki-client