Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3E041C8F46E11EFB58B238D762E951A.roa
File: E3E041C8F46E11EFB58B238D762E951A.roa (raw, json)
Hash identifier: qn9Cw4TVoKfhpUpWG6TzxZdHsMw5umjy19cy1OnkFV8=
Subject key identifier: F7:44:ED:DB:0D:DF:7C:F5:2C:84:9E:9E:16:B6:A9:74:58:10:9A:F9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013657
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3E041C8F46E11EFB58B238D762E951A.roa
Signing time: Wed 26 Feb 2025 18:24:18 +0000
ROA not before: Wed 26 Feb 2025 18:24:14 +0000
ROA not after: Thu 19 Feb 2026 18:24:14 +0000
asID: 984
IP address blocks: 45.201.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79447 (0x13657)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 18:24:14 2025 GMT
Not After : Feb 19 18:24:14 2026 GMT
Subject: CN=67bf5c52-8c2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0d:e8:68:95:a7:48:96:69:3b:63:df:ff:5a:
94:b9:d2:b3:d7:cb:00:1f:0f:e3:48:cd:b6:4c:77:
f1:e6:3a:4a:5f:50:bd:c6:00:1a:7a:37:7b:a7:02:
1f:39:5f:b3:ff:11:72:f4:fe:be:fa:38:3d:c2:0d:
df:ab:12:e6:29:8c:2c:11:c1:c3:d9:61:99:68:29:
85:9f:5b:08:8c:55:24:aa:ab:86:1d:c9:bf:7c:e2:
e0:28:7c:57:c8:c9:3c:cb:f1:45:a1:ce:bd:36:78:
d9:ed:99:cc:81:b9:2c:9f:67:7d:46:fb:f2:75:cd:
88:eb:2f:5f:01:37:49:20:dd:56:10:b6:6a:c1:ca:
9a:a6:57:2d:0e:33:86:bb:3f:76:48:13:aa:38:f4:
2c:19:ab:a3:58:d9:27:8c:53:5e:b3:e9:10:30:96:
67:7c:c6:60:0c:05:3f:b2:6a:83:c8:c8:15:b9:31:
bd:dc:ab:f5:01:50:d5:fe:5f:d4:8b:8c:58:6b:df:
25:f3:5f:2f:6b:8c:da:3b:11:b7:d8:f9:48:56:62:
5c:c1:b3:47:dd:a2:e5:03:13:d2:6a:c8:5e:57:ee:
24:eb:f5:19:56:6d:b4:e9:9d:a9:e5:47:43:88:b2:
4e:46:5b:1b:35:9e:1f:d9:46:22:c7:2c:b7:1d:3a:
9e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:44:ED:DB:0D:DF:7C:F5:2C:84:9E:9E:16:B6:A9:74:58:10:9A:F9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3E041C8F46E11EFB58B238D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.69.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:44:9f:cc:a0:ee:58:fe:79:f7:53:68:f9:fd:29:13:54:ca:
14:14:3e:b8:35:c7:79:c0:d4:76:77:8c:28:5b:68:51:bb:83:
da:b0:ca:e5:ef:b2:64:36:e4:8f:ab:4a:47:d1:ca:1b:44:7d:
ed:12:9d:c6:20:8c:83:4e:52:94:7c:ca:94:95:87:ac:9d:c0:
67:b7:48:a7:6c:74:26:01:0d:df:db:ff:c4:8a:07:8d:ab:1c:
35:08:e3:a8:5b:ce:ec:72:52:c0:fd:2c:74:de:6a:fe:89:29:
b4:a7:55:f7:1d:5b:47:8b:99:4b:98:80:6a:fe:84:80:b6:d3:
ee:00:85:7d:b5:88:d6:35:21:97:49:0a:ed:fb:5c:f2:55:01:
ec:aa:9d:f8:86:b9:16:7a:f9:0f:86:7f:50:a7:0b:f9:19:40:
73:33:2a:74:d2:68:9c:b9:63:86:cb:f1:cc:5f:e7:6b:1f:a2:
1f:d9:07:6c:8e:0d:be:f1:b1:5e:49:c6:7c:fd:04:85:32:83:
d8:cb:15:dd:b4:81:fd:80:53:69:a0:0d:12:de:e7:66:ee:94:
9e:50:d2:e4:67:a3:e0:20:02:90:80:b8:52:cb:81:e8:4a:67:
bd:4c:11:40:21:34:32:36:c1:bc:fb:0a:42:23:dd:9f:04:3f:
06:7a:6d:e9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATZXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTgyNDE0WhcNMjYwMjE5MTgyNDE0WjAYMRYw
FAYDVQQDEw02N2JmNWM1Mi04YzJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArQ3oaJWnSJZpO2Pf/1qUudKz18sAHw/jSM22THfx5jpKX1C9xgAaejd7
pwIfOV+z/xFy9P6++jg9wg3fqxLmKYwsEcHD2WGZaCmFn1sIjFUkqquGHcm/fOLg
KHxXyMk8y/FFoc69NnjZ7ZnMgbksn2d9Rvvydc2I6y9fATdJIN1WELZqwcqaplct
DjOGuz92SBOqOPQsGaujWNknjFNes+kQMJZnfMZgDAU/smqDyMgVuTG93Kv1AVDV
/l/Ui4xYa98l818va4zaOxG32PlIVmJcwbNH3aLlAxPSasheV+4k6/UZVm206Z2p
5UdDiLJORlsbNZ4f2UYixyy3HTqefwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPdE
7dsN33z1LISenha2qXRYEJr5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FM0UwNDFDOEY0NkUxMUVGQjU4QjIzOEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALclFMA0GCSqGSIb3DQEBCwUA
A4IBAQAeRJ/MoO5Y/nn3U2j5/SkTVMoUFD64Ncd5wNR2d4woW2hRu4PasMrl77Jk
NuSPq0pH0cobRH3tEp3GIIyDTlKUfMqUlYesncBnt0inbHQmAQ3f2//EigeNqxw1
COOoW87sclLA/Sx03mr+iSm0p1X3HVtHi5lLmIBq/oSAttPuAIV9tYjWNSGXSQrt
+1zyVQHsqp34hrkWevkPhn9Qpwv5GUBzMyp00micuWOGy/HMX+drH6If2Qdsjg2+
8bFeScZ8/QSFMoPYyxXdtIH9gFNpoA0S3udm7pSeUNLkZ6PgIAKQgLhSy4HoSme9
TBFAITQyNsG8+wpCI92fBD8Gem3p
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:15 2025 by rpki-client