Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F26E3FCAF41D11EFB6BD3456762E951A.roa
File: F26E3FCAF41D11EFB6BD3456762E951A.roa (raw, json)
Hash identifier: InUwQ4/hPdCnyBL4ekYBsZJ/7FalIwTSovIwXw2U4kQ=
Subject key identifier: F2:E0:33:7B:E6:9A:53:9C:23:4D:C7:96:2D:27:4F:15:4E:63:40:05
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013018
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F26E3FCAF41D11EFB6BD3456762E951A.roa
Signing time: Wed 26 Feb 2025 08:44:53 +0000
ROA not before: Wed 26 Feb 2025 08:44:49 +0000
ROA not after: Sat 19 Feb 2028 08:44:49 +0000
asID: 17561
IP address blocks: 45.197.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77848 (0x13018)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 08:44:49 2025 GMT
Not After : Feb 19 08:44:49 2028 GMT
Subject: CN=67bed485-9ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:af:e8:50:70:8c:ec:68:a8:cb:74:99:bf:82:
52:6b:dd:40:6d:0c:a6:ce:ab:ac:ec:67:15:3a:3b:
f9:4c:b5:74:62:ea:cd:cd:95:de:58:1c:fc:54:5e:
5f:fb:63:07:79:02:b7:4a:2a:61:2f:f3:c0:0d:5a:
99:8b:7a:2f:fd:5b:0d:07:cb:77:80:7d:1a:00:f4:
1b:34:94:01:01:9a:0f:26:5a:10:31:fa:39:c2:26:
03:89:ad:1c:55:a6:0a:0c:10:2b:34:4e:b0:3d:39:
4a:16:d4:5a:23:17:a9:fc:24:42:fe:d8:e9:81:8b:
5e:44:f9:39:b8:23:c1:bc:44:80:5b:ae:a2:bb:ee:
e3:30:9d:ec:50:6c:5a:80:fb:17:0f:7e:0f:8b:f0:
1f:fd:d8:ad:41:28:17:70:af:77:00:c6:21:85:3c:
1d:20:5c:87:9f:88:fb:4b:69:48:0d:8a:cc:b7:f9:
57:6a:a1:97:14:9c:c3:98:e5:05:b3:52:18:a0:7a:
70:02:db:1e:ea:35:f3:4f:ba:8c:0f:7b:2b:be:61:
74:4f:62:a0:55:37:c8:b7:36:b9:bd:55:a1:35:52:
6e:0c:56:1f:6c:c3:65:4c:d3:ca:ef:bf:00:a1:8b:
f6:a3:1d:ca:fc:d1:f7:94:b0:62:62:c2:2c:d7:57:
a3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:E0:33:7B:E6:9A:53:9C:23:4D:C7:96:2D:27:4F:15:4E:63:40:05
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F26E3FCAF41D11EFB6BD3456762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.60.0/24
Signature Algorithm: sha256WithRSAEncryption
93:29:45:e0:ad:11:86:d1:eb:3e:8c:ad:8b:14:75:7d:c7:7c:
e6:36:97:1a:70:80:5e:8f:3d:31:21:0c:fe:68:ad:d3:03:47:
50:ad:81:8d:c7:da:66:2a:3b:82:9a:77:26:fc:b0:a2:04:f8:
a7:ae:2d:40:e0:6f:e8:f4:13:b9:94:16:19:dd:20:ee:ca:a2:
66:a1:64:09:bf:47:17:50:f8:e1:b7:fa:b7:7d:ee:35:cf:cd:
ce:1a:50:f9:db:f2:4e:be:c9:0f:bf:ae:9c:64:62:c4:fd:0b:
a8:1a:d1:ae:50:5e:f7:82:18:7d:01:55:96:95:5a:e4:fe:d5:
e7:7b:8e:85:01:34:9a:4b:dc:69:6c:2b:4e:d2:16:ed:9b:28:
05:ac:17:ef:dd:dc:1f:e1:af:c9:21:da:41:6a:46:70:e1:6e:
69:bb:24:5d:47:1b:fd:b9:f1:b1:6f:28:04:2d:7e:81:98:27:
10:9d:a0:e4:ad:ca:2b:78:4a:d8:03:6e:39:05:ca:21:6b:11:
bb:18:e2:05:a7:fb:5f:cf:e2:ba:ad:c4:7b:b4:32:4d:fc:9c:
69:f4:ea:6b:f9:e6:d2:7e:9b:8e:33:2b:ff:2e:a3:c3:87:ca:
6c:f5:36:ac:37:c4:fd:6b:76:ad:60:79:c2:7d:f3:07:98:c5:
cd:6c:27:61
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATAYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MDg0NDQ5WhcNMjgwMjE5MDg0NDQ5WjAYMRYw
FAYDVQQDEw02N2JlZDQ4NS05YmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8a/oUHCM7Gioy3SZv4JSa91AbQymzqus7GcVOjv5TLV0YurNzZXeWBz8
VF5f+2MHeQK3SiphL/PADVqZi3ov/VsNB8t3gH0aAPQbNJQBAZoPJloQMfo5wiYD
ia0cVaYKDBArNE6wPTlKFtRaIxep/CRC/tjpgYteRPk5uCPBvESAW66iu+7jMJ3s
UGxagPsXD34Pi/Af/ditQSgXcK93AMYhhTwdIFyHn4j7S2lIDYrMt/lXaqGXFJzD
mOUFs1IYoHpwAtse6jXzT7qMD3srvmF0T2KgVTfItza5vVWhNVJuDFYfbMNlTNPK
778AoYv2ox3K/NH3lLBiYsIs11ejzQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPLg
M3vmmlOcI03Hli0nTxVOY0AFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMjZFM0ZDQUY0MUQxMUVGQjZCRDM0NTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcU8MA0GCSqGSIb3DQEBCwUA
A4IBAQCTKUXgrRGG0es+jK2LFHV9x3zmNpcacIBejz0xIQz+aK3TA0dQrYGNx9pm
KjuCmncm/LCiBPinri1A4G/o9BO5lBYZ3SDuyqJmoWQJv0cXUPjht/q3fe41z83O
GlD52/JOvskPv66cZGLE/QuoGtGuUF73ghh9AVWWlVrk/tXne46FATSaS9xpbCtO
0hbtmygFrBfv3dwf4a/JIdpBakZw4W5puyRdRxv9ufGxbygELX6BmCcQnaDkrcor
eErYA245BcohaxG7GOIFp/tfz+K6rcR7tDJN/Jxp9Opr+ebSfpuOMyv/LqPDh8ps
9TasN8T9a3atYHnCffMHmMXNbCdh
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:42 2025 by rpki-client