Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DAC73F60F67B11EF89721AAC762E951A.roa
File: DAC73F60F67B11EF89721AAC762E951A.roa (raw, json)
Hash identifier: /7znxh1gViHz+3hWNZ27DGCE3KUZVt/wY3c7TCoUGF8=
Subject key identifier: 8C:5D:A1:00:CB:02:DC:6D:4B:78:87:AF:DF:89:B1:FD:BD:1B:0B:A0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013FD6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DAC73F60F67B11EF89721AAC762E951A.roa
Signing time: Sat 01 Mar 2025 09:02:08 +0000
ROA not before: Sat 01 Mar 2025 09:02:05 +0000
ROA not after: Wed 23 Apr 2025 09:02:05 +0000
asID: 3257
IP address blocks: 45.199.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81878 (0x13fd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 1 09:02:05 2025 GMT
Not After : Apr 23 09:02:05 2025 GMT
Subject: CN=67c2cd10-7f6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f3:96:d7:cc:76:48:9c:36:87:dd:69:f7:ae:
c7:38:06:39:63:bf:35:4d:be:9e:92:e7:11:04:b0:
9a:c6:44:bb:8f:06:eb:10:9f:68:5e:35:64:b8:b9:
98:de:e6:9d:0d:09:16:64:c0:5c:8b:60:59:8c:7c:
1f:84:0a:cf:eb:70:0a:2e:5b:8e:a5:cd:1a:39:a4:
94:f9:c6:11:e5:28:de:ee:7c:56:ac:52:f7:83:73:
5f:b4:e8:6d:fa:2e:2b:db:78:b7:52:a7:99:24:94:
8a:86:22:dd:2d:10:93:bd:28:8a:9a:ef:b9:9e:7d:
55:c5:73:ec:4b:3f:7d:be:10:88:af:20:2f:7c:b2:
85:ec:2d:ce:54:b2:d5:00:66:3d:02:23:d8:83:c6:
da:cb:b8:35:d4:79:a6:71:7b:ff:79:6e:bc:32:7f:
83:f8:e4:d9:f0:41:16:88:75:7c:46:09:55:23:c0:
80:0e:21:71:c2:4c:14:c4:56:ce:bc:cc:20:d5:3a:
e2:df:e3:16:af:f8:04:12:af:f0:4a:77:e7:9f:83:
ca:d3:b2:33:4d:10:c4:0f:1f:23:e7:de:4d:b7:74:
1a:c3:c5:1c:6c:d3:fa:6d:bc:22:6f:04:f8:ad:e1:
b4:cd:f5:4f:e6:e6:7e:55:b2:37:cf:cd:f7:fc:93:
b0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:5D:A1:00:CB:02:DC:6D:4B:78:87:AF:DF:89:B1:FD:BD:1B:0B:A0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DAC73F60F67B11EF89721AAC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.149.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:06:00:c0:b7:c8:ff:16:42:76:55:08:26:86:c5:45:dc:74:
5e:d5:5e:96:8c:aa:2b:63:9f:b6:74:4f:44:f4:f3:64:e3:16:
5d:cb:77:8a:93:f6:35:62:82:98:aa:75:8e:e1:52:d6:21:b3:
fa:bc:44:b7:48:91:a4:fa:8c:2b:25:ba:da:36:2f:2a:ae:b3:
2d:26:43:88:d4:39:49:41:54:d3:5f:54:17:dc:ac:39:19:c5:
48:1a:7a:9c:56:01:a2:22:0e:51:1a:3e:22:4a:70:35:54:f5:
39:b6:ed:8a:a4:92:a1:2f:62:cf:0a:90:4a:d2:a1:5a:74:9e:
71:ad:e6:cf:ba:4f:0f:32:d4:06:7c:b0:95:09:74:da:10:20:
ec:af:68:10:bc:05:d4:67:d4:5a:e6:08:ce:8e:f3:ff:75:7d:
8a:8c:36:e4:46:cb:4f:e4:73:80:0d:c0:fd:34:a5:04:58:84:
f3:1d:2c:2c:96:50:7c:ab:89:71:02:eb:e7:17:95:d0:7b:1d:
7d:43:02:a3:dc:ee:b1:da:48:b0:64:d0:b8:b5:05:e6:f8:92:
6d:da:04:3e:8c:a3:35:f2:72:49:d7:3c:cc:33:6f:11:d1:7d:
f4:b2:f2:01:71:8a:a9:ad:84:ed:cf:77:54:ec:4a:96:fe:96:
84:13:b3:ab
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT/WMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzAxMDkwMjA1WhcNMjUwNDIzMDkwMjA1WjAYMRYw
FAYDVQQDEw02N2MyY2QxMC03ZjZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5POW18x2SJw2h91p967HOAY5Y781Tb6ekucRBLCaxkS7jwbrEJ9oXjVk
uLmY3uadDQkWZMBci2BZjHwfhArP63AKLluOpc0aOaSU+cYR5Sje7nxWrFL3g3Nf
tOht+i4r23i3UqeZJJSKhiLdLRCTvSiKmu+5nn1VxXPsSz99vhCIryAvfLKF7C3O
VLLVAGY9AiPYg8bay7g11HmmcXv/eW68Mn+D+OTZ8EEWiHV8RglVI8CADiFxwkwU
xFbOvMwg1Tri3+MWr/gEEq/wSnfnn4PK07IzTRDEDx8j595Nt3Qaw8UcbNP6bbwi
bwT4reG0zfVP5uZ+VbI3z833/JOwYQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIxd
oQDLAtxtS3iHr9+Jsf29GwugMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQUM3M0Y2MEY2N0IxMUVGODk3MjFBQUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALceVMA0GCSqGSIb3DQEBCwUA
A4IBAQB+BgDAt8j/FkJ2VQgmhsVF3HRe1V6WjKorY5+2dE9E9PNk4xZdy3eKk/Y1
YoKYqnWO4VLWIbP6vES3SJGk+owrJbraNi8qrrMtJkOI1DlJQVTTX1QX3Kw5GcVI
GnqcVgGiIg5RGj4iSnA1VPU5tu2KpJKhL2LPCpBK0qFadJ5xrebPuk8PMtQGfLCV
CXTaECDsr2gQvAXUZ9Ra5gjOjvP/dX2KjDbkRstP5HOADcD9NKUEWITzHSwsllB8
q4lxAuvnF5XQex19QwKj3O6x2kiwZNC4tQXm+JJt2gQ+jKM18nJJ1zzMM28R0X30
svIBcYqprYTtz3dU7EqW/paEE7Or
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:16:54 2025 by rpki-client