Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F120376CF8F111EF8C227B62762E951A.roa
File: F120376CF8F111EF8C227B62762E951A.roa (raw, json)
Hash identifier: 5BIdM5jLGDkV5gs1/HCyuO1BeKIFS44P1joPys2K3PY=
Subject key identifier: 68:E0:62:AC:E9:BC:D8:C7:9B:23:78:35:5D:AE:91:C1:AA:DC:D0:BE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01430C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F120376CF8F111EF8C227B62762E951A.roa
Signing time: Tue 04 Mar 2025 12:12:29 +0000
ROA not before: Tue 04 Mar 2025 12:12:24 +0000
ROA not after: Sun 06 Apr 2025 12:12:24 +0000
asID: 215691
IP address blocks: 45.198.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:12:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82700 (0x1430c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 4 12:12:24 2025 GMT
Not After : Apr 6 12:12:24 2025 GMT
Subject: CN=67c6ee2d-a99f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1f:31:12:16:49:41:96:81:b1:50:e0:59:4f:
8b:74:30:58:d8:86:33:4e:a0:ea:b0:4c:d4:af:e8:
e0:37:c0:e6:17:1d:bf:66:c9:30:5c:da:76:91:5e:
8a:b3:0b:8a:fe:cd:73:dc:2d:4a:e3:ba:cc:5f:d6:
ee:f3:69:30:63:36:68:da:99:5d:71:12:5c:df:72:
e2:ba:14:ab:d0:7f:21:c5:af:29:41:9d:57:bf:cc:
6a:97:98:24:e6:ed:51:01:84:b7:f1:4e:c4:c3:46:
76:4f:64:06:fe:8a:5c:84:36:30:2d:b0:0e:30:34:
14:91:4f:3b:22:a8:fa:19:78:d2:2a:93:f1:4b:b6:
dd:0d:ec:36:f8:06:92:69:fa:0d:4d:75:fa:04:cb:
74:90:2e:a4:1f:ad:57:9e:db:49:e6:50:14:90:dc:
75:fb:c3:95:01:04:09:0b:78:52:db:b5:78:58:81:
95:80:8c:0f:6e:c8:7e:84:50:52:19:d7:5c:4c:a9:
ae:2c:8d:6f:2f:ec:7a:15:57:0c:27:45:c3:f8:5a:
72:9b:59:ff:f3:c5:3a:38:cb:23:c5:ca:6c:1f:8b:
8a:ff:1f:b2:5d:89:37:d5:16:f7:0a:58:e6:43:e0:
75:bb:b1:c9:86:5f:9e:e2:47:fb:74:bb:45:8a:0c:
70:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E0:62:AC:E9:BC:D8:C7:9B:23:78:35:5D:AE:91:C1:AA:DC:D0:BE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F120376CF8F111EF8C227B62762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.55.0/24
Signature Algorithm: sha256WithRSAEncryption
47:3a:7c:5c:2e:16:ee:87:b5:5b:89:b9:8a:5f:3c:cf:f0:1e:
84:de:6e:fb:fb:cd:e1:7f:55:b1:f4:d8:c4:c1:b6:b7:40:39:
72:2f:15:39:3c:45:f2:6c:08:c3:ea:a8:44:d8:dc:bc:85:18:
ef:07:22:cc:fa:f8:c6:bf:f5:5e:23:25:a2:58:3b:36:37:3d:
35:f7:02:33:2b:bc:60:5b:55:d5:5c:55:a3:d4:ba:c4:01:f9:
ae:e8:d7:2d:c3:fe:c5:0a:94:16:12:09:ea:14:2e:74:58:74:
ea:30:86:58:9b:a7:b0:fa:16:99:93:4e:31:27:79:b3:60:1a:
23:7d:72:bd:d6:b5:35:a8:5d:8b:92:ab:b8:c4:52:4f:ef:e6:
59:6e:4b:5c:8e:46:9c:de:e0:1e:91:b5:24:b0:ca:22:58:f1:
a6:60:aa:bc:7a:55:12:8f:b7:db:e5:77:f8:cb:ac:8c:39:66:
04:0c:3f:f7:03:1f:9c:45:71:f6:b6:42:79:64:20:54:07:49:
17:d6:8f:98:a9:25:0c:d8:02:c1:21:ba:91:df:d0:75:7e:c2:
86:02:75:68:4b:ca:84:bc:eb:cb:17:ce:30:31:ab:8b:dd:25:
9c:45:9b:b1:c8:68:44:ff:73:e7:b1:d0:7b:ff:2b:b1:fa:a8:
3f:f5:18:60
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUMMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA0MTIxMjI0WhcNMjUwNDA2MTIxMjI0WjAYMRYw
FAYDVQQDEw02N2M2ZWUyZC1hOTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxx8xEhZJQZaBsVDgWU+LdDBY2IYzTqDqsEzUr+jgN8DmFx2/ZskwXNp2
kV6KswuK/s1z3C1K47rMX9bu82kwYzZo2pldcRJc33LiuhSr0H8hxa8pQZ1Xv8xq
l5gk5u1RAYS38U7Ew0Z2T2QG/opchDYwLbAOMDQUkU87Iqj6GXjSKpPxS7bdDew2
+AaSafoNTXX6BMt0kC6kH61XnttJ5lAUkNx1+8OVAQQJC3hS27V4WIGVgIwPbsh+
hFBSGddcTKmuLI1vL+x6FVcMJ0XD+Fpym1n/88U6OMsjxcpsH4uK/x+yXYk31Rb3
CljmQ+B1u7HJhl+e4kf7dLtFigxwmwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGjg
YqzpvNjHmyN4NV2ukcGq3NC+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMTIwMzc2Q0Y4RjExMUVGOEMyMjdCNjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcY3MA0GCSqGSIb3DQEBCwUA
A4IBAQBHOnxcLhbuh7VbibmKXzzP8B6E3m77+83hf1Wx9NjEwba3QDlyLxU5PEXy
bAjD6qhE2Ny8hRjvByLM+vjGv/VeIyWiWDs2Nz019wIzK7xgW1XVXFWj1LrEAfmu
6Nctw/7FCpQWEgnqFC50WHTqMIZYm6ew+haZk04xJ3mzYBojfXK91rU1qF2Lkqu4
xFJP7+ZZbktcjkac3uAekbUksMoiWPGmYKq8elUSj7fb5Xf4y6yMOWYEDD/3Ax+c
RXH2tkJ5ZCBUB0kX1o+YqSUM2ALBIbqR39B1fsKGAnVoS8qEvOvLF84wMauL3SWc
RZuxyGhE/3PnsdB7/yux+qg/9Rhg
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:43 2025 by rpki-client