Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6D5F57AF43211EFA519D168762E951A.roa
File: F6D5F57AF43211EFA519D168762E951A.roa (raw, json)
Hash identifier: vN925B/pFvDuHmNLOIc6zT2llXw48jfWaG8g8f6hdVw=
Subject key identifier: 2E:AF:2E:B7:77:E3:B7:C0:72:4C:44:C3:F7:C8:78:49:5D:0E:5F:54
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0131AE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6D5F57AF43211EFA519D168762E951A.roa
Signing time: Wed 26 Feb 2025 11:15:20 +0000
ROA not before: Wed 26 Feb 2025 11:15:16 +0000
ROA not after: Sat 19 Feb 2028 11:15:16 +0000
asID: 17561
IP address blocks: 45.196.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78254 (0x131ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 11:15:16 2025 GMT
Not After : Feb 19 11:15:16 2028 GMT
Subject: CN=67bef7c8-f911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:1f:7d:be:8f:cd:75:1c:68:e7:37:29:20:cc:
c9:aa:9f:8f:de:66:3c:ff:65:17:a8:f8:9b:03:8b:
48:0b:ea:1d:e6:72:19:dc:57:30:c0:97:18:8a:c9:
2b:60:2a:97:d6:3b:5c:48:c9:45:5f:19:29:11:24:
ca:d5:1c:f1:8d:e6:12:a4:5c:3e:c6:75:47:b7:08:
07:02:60:f2:fc:43:20:ac:cd:7d:6d:10:f7:b5:44:
8d:1b:55:36:1d:da:b9:57:d6:c7:ce:8a:e1:a7:96:
28:2d:1f:d4:2e:04:4e:40:5e:12:98:77:0a:db:dd:
dd:95:89:7d:31:24:49:bc:b9:14:fe:6d:46:d7:37:
14:2e:8b:ff:e4:48:dc:1f:38:e8:8a:c4:ab:06:78:
b6:53:bb:36:63:1c:72:28:72:55:d9:6f:89:bb:66:
04:b6:32:9d:e0:d4:a0:24:f6:c7:82:8c:13:f2:e7:
9e:76:50:3d:5a:b9:07:a9:34:36:7c:fb:4a:f3:ac:
83:3e:a6:fe:72:d7:95:94:9a:be:bb:b6:62:40:26:
4d:dc:2e:03:30:73:00:24:42:d3:d8:18:fe:3c:f6:
ad:b2:7b:66:28:dc:33:69:b5:42:6d:49:3d:3d:8e:
c1:90:be:c4:6e:15:d0:df:2a:8f:0b:99:44:44:28:
85:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:AF:2E:B7:77:E3:B7:C0:72:4C:44:C3:F7:C8:78:49:5D:0E:5F:54
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6D5F57AF43211EFA519D168762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.0.0/24
Signature Algorithm: sha256WithRSAEncryption
38:ad:3e:5b:2a:8c:07:e6:f5:ca:1e:ac:a7:a3:32:67:2a:a3:
75:5f:a2:0a:a8:50:cc:29:e2:bc:e3:fb:8f:31:54:83:85:d2:
1e:92:49:3e:dc:e2:03:76:d9:f5:64:56:4e:09:d4:9d:1a:96:
16:0b:ff:fe:ae:33:5a:a1:5f:06:1a:c6:2d:e6:e8:44:a2:90:
9e:ff:e8:35:06:ab:d3:92:5a:5f:a3:d3:5e:e9:0e:ba:b2:02:
92:c2:7c:d3:2f:08:e8:89:81:32:1f:fd:65:ed:e4:97:e0:49:
9a:cd:6d:95:31:8f:cb:da:e6:60:c2:5f:99:1b:f7:c7:09:23:
bd:2d:31:bd:b6:3d:76:aa:34:65:08:fc:11:bf:78:17:b9:4d:
e5:8f:17:d7:c0:42:29:bc:6e:c7:e1:92:3f:2c:68:2b:04:1c:
dd:b1:41:19:f2:4f:c9:9c:b1:11:da:3f:dc:29:1b:2d:2b:21:
dc:c9:a3:74:c5:57:86:18:54:c9:10:b3:d6:29:df:cb:fc:67:
70:e4:d8:aa:da:90:e4:cd:53:12:21:5c:4d:f9:93:07:18:71:
72:a2:84:e6:f6:f2:6c:05:25:24:fa:ea:46:f0:10:64:c3:5e:
22:5b:2d:5a:2e:53:58:ab:f7:06:43:e8:fc:78:96:54:7b:f3:
df:65:4e:bd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATGuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTExNTE2WhcNMjgwMjE5MTExNTE2WjAYMRYw
FAYDVQQDEw02N2JlZjdjOC1mOTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6h99vo/NdRxo5zcpIMzJqp+P3mY8/2UXqPibA4tIC+od5nIZ3FcwwJcY
iskrYCqX1jtcSMlFXxkpESTK1RzxjeYSpFw+xnVHtwgHAmDy/EMgrM19bRD3tUSN
G1U2Hdq5V9bHzorhp5YoLR/ULgROQF4SmHcK293dlYl9MSRJvLkU/m1G1zcULov/
5EjcHzjoisSrBni2U7s2YxxyKHJV2W+Ju2YEtjKd4NSgJPbHgowT8ueedlA9WrkH
qTQ2fPtK86yDPqb+cteVlJq+u7ZiQCZN3C4DMHMAJELT2Bj+PPatsntmKNwzabVC
bUk9PY7BkL7EbhXQ3yqPC5lERCiFgQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC6v
Lrd347fAckxEw/fIeEldDl9UMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNkQ1RjU3QUY0MzIxMUVGQTUxOUQxNjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcQAMA0GCSqGSIb3DQEBCwUA
A4IBAQA4rT5bKowH5vXKHqynozJnKqN1X6IKqFDMKeK84/uPMVSDhdIekkk+3OID
dtn1ZFZOCdSdGpYWC//+rjNaoV8GGsYt5uhEopCe/+g1BqvTklpfo9Ne6Q66sgKS
wnzTLwjoiYEyH/1l7eSX4EmazW2VMY/L2uZgwl+ZG/fHCSO9LTG9tj12qjRlCPwR
v3gXuU3ljxfXwEIpvG7H4ZI/LGgrBBzdsUEZ8k/JnLER2j/cKRstKyHcyaN0xVeG
GFTJELPWKd/L/Gdw5Niq2pDkzVMSIVxN+ZMHGHFyooTm9vJsBSUk+upG8BBkw14i
Wy1aLlNYq/cGQ+j8eJZUe/PfZU69
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:31:39 2025 by rpki-client