Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7F45A50F68211EF9528625C762E951A.roa
File: D7F45A50F68211EF9528625C762E951A.roa (raw, json)
Hash identifier: 7HURsQ3EwspS9BFMmtzRkogw09rbMVXRwFjLZwne45k=
Subject key identifier: EA:A4:0D:7E:98:89:D7:CA:74:E0:49:6D:D1:C4:5A:74:30:10:67:E9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014006
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7F45A50F68211EF9528625C762E951A.roa
Signing time: Sat 01 Mar 2025 09:52:10 +0000
ROA not before: Sat 01 Mar 2025 09:52:06 +0000
ROA not after: Sat 05 Apr 2025 09:52:06 +0000
asID: 6079
IP address blocks: 45.202.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 09:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81926 (0x14006)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 1 09:52:06 2025 GMT
Not After : Apr 5 09:52:06 2025 GMT
Subject: CN=67c2d8ca-482d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:22:10:31:91:58:5d:e1:1e:25:cd:c0:6a:73:
f6:87:fd:93:76:ef:6e:62:c8:83:2c:a4:3d:d4:3e:
71:e2:bf:c6:57:03:67:42:1d:f4:4d:4c:6e:92:3e:
ec:4f:77:ff:95:52:df:4a:cd:d2:26:59:60:2c:fc:
45:7a:d6:3c:35:f9:b0:72:8c:8b:71:14:bb:f3:b1:
4e:88:2a:86:3a:31:d8:a7:98:f8:a3:14:b6:cb:a9:
1d:38:f9:32:73:4b:b5:d8:4d:0e:99:be:53:38:8f:
a4:69:9b:ef:9f:ee:af:33:67:36:6c:f0:95:42:0c:
ce:7a:93:35:aa:01:e5:20:61:3d:d9:1f:e8:a8:96:
fd:16:25:fd:95:1c:a0:a6:ed:98:c8:8c:26:40:e5:
2a:f6:25:9f:c6:b1:e6:5d:1f:51:17:da:91:22:4e:
ec:0b:06:85:a8:67:5c:a2:c4:4f:b6:f8:4d:0c:31:
31:97:9d:16:a6:c1:ba:54:c6:32:82:63:36:d3:bf:
69:b4:ba:28:e7:7b:d5:d8:32:b3:7d:2e:eb:af:98:
26:54:09:b2:cc:97:54:16:8f:0e:a1:88:ab:92:5a:
9a:93:c2:81:ab:0c:01:c9:2b:db:36:8c:7f:8d:03:
58:05:7c:9e:a7:14:ea:72:a7:98:e8:61:d0:e0:f8:
86:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:A4:0D:7E:98:89:D7:CA:74:E0:49:6D:D1:C4:5A:74:30:10:67:E9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7F45A50F68211EF9528625C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.114.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:72:95:11:f0:2b:6a:be:6b:a2:de:61:1d:2a:5c:4f:86:dd:
bd:23:c2:a4:23:0f:3e:5d:98:db:9b:90:43:47:79:2d:21:18:
4d:48:fa:05:32:ce:51:d0:4f:30:b6:72:5b:21:c8:71:1e:c7:
1f:68:17:c2:8c:84:2d:a2:02:af:11:39:75:e1:7e:5a:2b:b7:
f7:72:a5:60:59:26:a8:d2:ab:20:2d:8a:f6:c6:26:d6:e8:29:
7b:d2:05:9f:d5:ba:e9:31:d7:cc:8d:f1:5c:bd:4c:29:27:c2:
14:f1:a5:4c:b6:e6:c3:dc:f7:25:49:14:69:5f:4b:29:d5:c5:
ee:35:93:1f:77:50:d2:86:9e:dc:fb:46:1b:af:e2:ac:33:23:
bb:a4:4f:40:e3:7b:32:9b:e1:6d:56:58:11:04:4b:d2:21:a9:
54:3c:5e:65:3e:b8:60:65:75:8a:53:5d:28:85:16:a4:1c:85:
71:76:04:18:de:d7:3b:68:26:28:dd:55:1a:28:af:4d:40:43:
f2:d1:a1:5d:78:c3:54:ef:f6:dd:77:cd:e4:97:37:0b:d7:24:
c1:22:80:59:08:88:c8:97:73:e7:f7:3c:4a:fd:0c:4c:2c:df:
09:9a:96:00:e1:b0:9f:a5:d8:be:5b:96:2b:a2:49:e3:79:9a:
31:54:0c:b5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUAGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzAxMDk1MjA2WhcNMjUwNDA1MDk1MjA2WjAYMRYw
FAYDVQQDEw02N2MyZDhjYS00ODJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsiIQMZFYXeEeJc3AanP2h/2Tdu9uYsiDLKQ91D5x4r/GVwNnQh30TUxu
kj7sT3f/lVLfSs3SJllgLPxFetY8NfmwcoyLcRS787FOiCqGOjHYp5j4oxS2y6kd
OPkyc0u12E0Omb5TOI+kaZvvn+6vM2c2bPCVQgzOepM1qgHlIGE92R/oqJb9FiX9
lRygpu2YyIwmQOUq9iWfxrHmXR9RF9qRIk7sCwaFqGdcosRPtvhNDDExl50WpsG6
VMYygmM2079ptLoo53vV2DKzfS7rr5gmVAmyzJdUFo8OoYirklqak8KBqwwBySvb
Nox/jQNYBXyepxTqcqeY6GHQ4PiGEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOqk
DX6YidfKdOBJbdHEWnQwEGfpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EN0Y0NUE1MEY2ODIxMUVGOTUyODYyNUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcpyMA0GCSqGSIb3DQEBCwUA
A4IBAQCOcpUR8Ctqvmui3mEdKlxPht29I8KkIw8+XZjbm5BDR3ktIRhNSPoFMs5R
0E8wtnJbIchxHscfaBfCjIQtogKvETl14X5aK7f3cqVgWSao0qsgLYr2xibW6Cl7
0gWf1brpMdfMjfFcvUwpJ8IU8aVMtubD3PclSRRpX0sp1cXuNZMfd1DShp7c+0Yb
r+KsMyO7pE9A43sym+FtVlgRBEvSIalUPF5lPrhgZXWKU10ohRakHIVxdgQY3tc7
aCYo3VUaKK9NQEPy0aFdeMNU7/bdd83klzcL1yTBIoBZCIjIl3Pn9zxK/QxMLN8J
mpYA4bCfpdi+W5YroknjeZoxVAy1
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:15 2025 by rpki-client