Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D8575F7213D011F094C20A78762E951A.roa
File: D8575F7213D011F094C20A78762E951A.roa (raw, json)
Hash identifier: Rjr7VmvcEaMkSZdIf1Pb3Ws3Vh1HMT1STNqOvtGXdZc=
Subject key identifier: A8:CC:D0:5E:9E:DA:63:6C:31:C4:03:60:C8:2A:FC:30:31:FD:87:B4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014A9A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D8575F7213D011F094C20A78762E951A.roa
Signing time: Mon 07 Apr 2025 16:53:35 +0000
ROA not before: Mon 07 Apr 2025 16:53:31 +0000
ROA not after: Mon 12 May 2025 16:53:31 +0000
asID: 395886
IP address blocks: 45.207.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 24 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84634 (0x14a9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 7 16:53:31 2025 GMT
Not After : May 12 16:53:31 2025 GMT
Subject: CN=67f4030f-48db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:19:ba:9d:dd:4f:81:a6:6f:e4:4e:3f:3f:f4:
70:2f:b0:32:39:bd:ac:f6:ac:79:8f:a4:66:00:34:
90:00:60:56:16:d6:12:77:d8:35:b1:76:95:52:7f:
e2:63:d5:77:3a:8d:d8:86:d4:fc:b2:df:12:3c:11:
d8:6f:fc:a1:98:86:35:9b:0d:a7:db:6f:4a:a7:49:
5d:b1:60:da:26:35:3e:cc:a7:55:61:37:92:69:90:
40:14:f9:63:07:e4:ef:ba:a9:96:bf:aa:50:57:bf:
a6:50:7b:53:c6:9b:77:9e:68:c2:1e:d5:8e:a6:2c:
2e:48:51:68:ae:58:7f:9a:62:12:05:cb:f2:60:d5:
14:85:5d:96:f9:9d:e0:12:5a:48:e7:ac:ea:a5:08:
5d:3d:3e:3e:3d:35:d5:89:ac:0e:74:47:6f:6f:2f:
ce:c2:55:b8:86:f9:85:ec:b8:4a:7f:5b:33:90:00:
aa:c3:18:46:1f:30:16:44:b4:e2:dd:84:8b:14:31:
23:88:64:b1:fe:9f:04:42:db:52:1b:af:94:2a:2b:
ab:c9:bb:02:89:33:ce:41:84:0d:1a:d4:ea:b2:cc:
bc:85:80:1c:66:1c:c9:93:9e:71:64:4d:e5:ab:78:
d0:d4:69:a4:86:ed:4d:7f:1b:5d:23:2e:00:cd:f0:
d1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CC:D0:5E:9E:DA:63:6C:31:C4:03:60:C8:2A:FC:30:31:FD:87:B4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D8575F7213D011F094C20A78762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.192.0/19
Signature Algorithm: sha256WithRSAEncryption
67:b3:8b:cf:7d:69:b9:2a:0f:49:f6:1a:4d:96:f3:52:97:f1:
bb:21:11:92:47:23:83:64:6d:bb:09:c9:2b:e1:1a:4c:4b:b3:
35:98:a6:ee:cf:42:41:48:26:46:36:88:1c:4e:ec:41:ad:8a:
be:3d:8e:e2:1b:4d:af:f1:36:90:21:27:3a:6a:07:ab:3b:16:
63:d1:af:e4:7b:79:20:f1:f8:e4:ac:12:21:e7:07:2d:16:d0:
95:58:e2:e6:5a:fa:e3:54:9f:f1:c5:6b:3e:89:ee:8b:4d:3c:
2c:69:84:cf:7c:ba:e2:7a:77:f6:2a:98:9e:0a:04:42:0f:32:
9f:db:b2:ae:00:68:b0:59:9b:73:9a:2a:02:17:82:ac:1e:7c:
4b:bc:1a:70:ab:f1:c7:52:1f:a9:6f:1f:2d:ba:e2:9f:46:c5:
39:2d:dc:60:10:2f:e8:06:ea:d0:96:7e:08:1d:11:00:81:08:
ac:63:59:76:4b:35:1e:a1:b6:b0:32:1e:fc:6e:d8:d9:9f:cf:
85:b7:68:dd:a4:a5:0a:2a:6b:d2:52:60:43:b1:fe:cf:5b:2b:
12:dc:7d:d6:85:5a:c9:8f:f1:85:80:b6:92:7c:6c:97:8c:61:
91:40:89:88:8e:29:8f:d3:57:b8:0c:98:be:12:a7:cc:1f:1e:
04:7a:33:27
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUqaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA3MTY1MzMxWhcNMjUwNTEyMTY1MzMxWjAYMRYw
FAYDVQQDEw02N2Y0MDMwZi00OGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4xm6nd1PgaZv5E4/P/RwL7AyOb2s9qx5j6RmADSQAGBWFtYSd9g1sXaV
Un/iY9V3Oo3YhtT8st8SPBHYb/yhmIY1mw2n229Kp0ldsWDaJjU+zKdVYTeSaZBA
FPljB+TvuqmWv6pQV7+mUHtTxpt3nmjCHtWOpiwuSFForlh/mmISBcvyYNUUhV2W
+Z3gElpI56zqpQhdPT4+PTXViawOdEdvby/OwlW4hvmF7LhKf1szkACqwxhGHzAW
RLTi3YSLFDEjiGSx/p8EQttSG6+UKiurybsCiTPOQYQNGtTqssy8hYAcZhzJk55x
ZE3lq3jQ1Gmkhu1NfxtdIy4AzfDR4wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKjM
0F6e2mNsMcQDYMgq/DAx/Ye0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EODU3NUY3MjEzRDAxMUYwOTRDMjBBNzg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLc/AMA0GCSqGSIb3DQEBCwUA
A4IBAQBns4vPfWm5Kg9J9hpNlvNSl/G7IRGSRyODZG27Cckr4RpMS7M1mKbuz0JB
SCZGNogcTuxBrYq+PY7iG02v8TaQISc6agerOxZj0a/ke3kg8fjkrBIh5wctFtCV
WOLmWvrjVJ/xxWs+ie6LTTwsaYTPfLrienf2KpieCgRCDzKf27KuAGiwWZtzmioC
F4KsHnxLvBpwq/HHUh+pbx8tuuKfRsU5LdxgEC/oBurQln4IHREAgQisY1l2SzUe
obawMh78btjZn8+Ft2jdpKUKKmvSUmBDsf7PWysS3H3WhVrJj/GFgLaSfGyXjGGR
QImIjimP01e4DJi+EqfMHx4EejMn
-----END CERTIFICATE-----
Generated at Tue Apr 22 14:00:33 2025 by rpki-client