Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFD1F246F67911EFA9A70E9D762E951A.roa
File: CFD1F246F67911EFA9A70E9D762E951A.roa (raw, json)
Hash identifier: gIILw9DvBXWdsB5wdhzL27Pt9ic2PY1hQbf+uRkbO9A=
Subject key identifier: 9C:28:BF:90:A6:47:D7:67:2B:D4:D9:CA:02:AD:25:4D:9A:82:B0:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013FC8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFD1F246F67911EFA9A70E9D762E951A.roa
Signing time: Sat 01 Mar 2025 08:47:31 +0000
ROA not before: Sat 01 Mar 2025 08:47:27 +0000
ROA not after: Thu 29 May 2025 08:47:27 +0000
asID: 18186
IP address blocks: 45.194.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81864 (0x13fc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 1 08:47:27 2025 GMT
Not After : May 29 08:47:27 2025 GMT
Subject: CN=67c2c9a3-354f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f0:2c:a0:89:d0:e7:28:4f:91:df:f7:f7:b3:
67:09:e6:47:cf:eb:3e:e0:c8:90:e1:6a:9e:61:9e:
3b:fb:42:05:1b:06:fd:c9:58:e2:52:d8:d5:46:d5:
98:e0:5f:0c:6f:d5:81:5c:92:f5:7b:2d:87:d0:d6:
41:fe:4c:3b:f4:2f:bd:95:bc:40:6e:57:4e:84:c4:
f1:be:90:05:d6:8c:b6:f3:75:cf:5e:71:86:cd:db:
b6:2e:12:be:69:fd:ee:6f:d9:a7:60:e3:03:7d:f7:
39:c5:c2:bb:8a:6d:f4:bd:07:d2:b4:4a:f1:db:9c:
fb:d3:19:ab:cc:ea:40:af:10:5a:62:6a:a3:28:03:
74:11:14:2d:b0:03:8e:50:01:80:9a:c1:18:19:de:
8e:fd:5c:e5:fa:24:a4:65:58:49:4b:13:81:e8:d9:
8b:10:f5:a6:26:d5:01:8e:50:da:58:ed:b2:9f:7b:
63:08:93:e6:7f:07:61:29:ef:d5:e5:f8:bc:09:d5:
b9:97:c7:ae:e9:77:cf:e4:62:7b:1e:34:52:a8:79:
26:71:a4:14:16:d6:af:91:83:ac:a5:ca:95:ee:26:
83:39:06:b7:f0:c4:69:26:12:21:25:d4:b5:10:84:
56:4f:3d:59:02:4b:24:ee:73:c4:09:1d:e6:d8:e1:
83:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:28:BF:90:A6:47:D7:67:2B:D4:D9:CA:02:AD:25:4D:9A:82:B0:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFD1F246F67911EFA9A70E9D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.17.0/24
Signature Algorithm: sha256WithRSAEncryption
42:d0:e7:46:c0:22:a1:cb:ce:18:96:30:77:fe:f4:90:d7:c8:
e0:34:43:a3:40:67:e4:8c:27:04:39:62:73:17:a7:53:b9:92:
80:0e:e3:c5:b5:9c:c2:be:99:f4:db:ea:07:7d:d1:ce:3a:36:
57:30:a7:2f:35:77:45:30:21:33:40:0e:b6:3d:86:53:15:f2:
98:4d:c6:65:c9:5c:79:50:b5:01:3f:63:00:af:db:0b:1e:c5:
dd:1a:9d:82:5c:7a:5b:89:e5:2a:b6:d0:f9:93:c6:ff:d6:f1:
7b:d2:5a:3c:27:76:9a:2b:ca:4e:4a:a4:30:e3:11:61:8b:21:
bb:a2:d9:b0:81:5b:17:76:86:5e:f6:62:b3:41:dd:af:d3:36:
db:1a:b9:39:e8:ef:86:6d:c8:a8:8e:d6:89:0c:04:71:8e:1d:
5c:9c:6c:d2:c3:05:75:97:fa:b9:d4:4e:f4:f8:12:70:c5:01:
c5:ad:bb:f2:af:3a:c9:05:89:c8:49:a7:65:c2:90:d4:66:6b:
c5:32:be:1d:9d:a2:2e:4a:b7:02:34:c3:d4:2f:c6:98:2b:62:
2c:cb:83:05:8c:ca:49:2e:3b:40:5d:a6:55:74:8f:67:4b:93:
23:e9:b6:f0:54:4e:26:4d:b0:59:5a:43:f0:d1:bb:b0:a3:5f:
8b:e6:b2:20
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT/IMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzAxMDg0NzI3WhcNMjUwNTI5MDg0NzI3WjAYMRYw
FAYDVQQDEw02N2MyYzlhMy0zNTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo/AsoInQ5yhPkd/397NnCeZHz+s+4MiQ4WqeYZ47+0IFGwb9yVjiUtjV
RtWY4F8Mb9WBXJL1ey2H0NZB/kw79C+9lbxAbldOhMTxvpAF1oy283XPXnGGzdu2
LhK+af3ub9mnYOMDffc5xcK7im30vQfStErx25z70xmrzOpArxBaYmqjKAN0ERQt
sAOOUAGAmsEYGd6O/Vzl+iSkZVhJSxOB6NmLEPWmJtUBjlDaWO2yn3tjCJPmfwdh
Ke/V5fi8CdW5l8eu6XfP5GJ7HjRSqHkmcaQUFtavkYOspcqV7iaDOQa38MRpJhIh
JdS1EIRWTz1ZAksk7nPECR3m2OGDwQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJwo
v5CmR9dnK9TZygKtJU2agrBdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRkQxRjI0NkY2NzkxMUVGQTlBNzBFOUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcIRMA0GCSqGSIb3DQEBCwUA
A4IBAQBC0OdGwCKhy84YljB3/vSQ18jgNEOjQGfkjCcEOWJzF6dTuZKADuPFtZzC
vpn02+oHfdHOOjZXMKcvNXdFMCEzQA62PYZTFfKYTcZlyVx5ULUBP2MAr9sLHsXd
Gp2CXHpbieUqttD5k8b/1vF70lo8J3aaK8pOSqQw4xFhiyG7otmwgVsXdoZe9mKz
Qd2v0zbbGrk56O+GbciojtaJDARxjh1cnGzSwwV1l/q51E70+BJwxQHFrbvyrzrJ
BYnISadlwpDUZmvFMr4dnaIuSrcCNMPUL8aYK2Isy4MFjMpJLjtAXaZVdI9nS5Mj
6bbwVE4mTbBZWkPw0buwo1+L5rIg
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:16 2025 by rpki-client