Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB05A6BAF43A11EFB53672A2762E951A.roa
File: FB05A6BAF43A11EFB53672A2762E951A.roa (raw, json)
Hash identifier: ykCHteyW0zy6sfb50/uFUcnC/dgjW92C5n1+r7HsJkI=
Subject key identifier: 49:98:BF:9D:03:AB:33:4D:47:6B:CF:1F:4F:66:5F:F9:89:50:00:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01323E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB05A6BAF43A11EFB53672A2762E951A.roa
Signing time: Wed 26 Feb 2025 12:12:43 +0000
ROA not before: Wed 26 Feb 2025 12:12:39 +0000
ROA not after: Sat 19 Feb 2028 12:12:39 +0000
asID: 17561
IP address blocks: 45.198.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78398 (0x1323e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 12:12:39 2025 GMT
Not After : Feb 19 12:12:39 2028 GMT
Subject: CN=67bf053b-64c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:73:2f:73:79:9c:91:71:3d:71:ea:70:2d:7c:
33:41:6e:c4:62:06:fb:68:5a:90:22:b6:6e:1d:1e:
31:f6:44:d3:89:5d:a2:32:f9:86:87:fd:1c:d1:34:
b7:4d:06:f7:b8:1a:d3:04:39:d9:32:08:52:18:f5:
20:5b:c7:68:d1:61:ae:c7:48:d2:e3:c5:eb:9d:f8:
74:ec:8e:2e:99:4f:69:3c:13:63:2d:00:b6:64:c8:
fa:74:b2:30:52:2a:ca:a3:75:26:aa:46:32:a1:57:
f5:bd:ae:9c:8e:13:ff:46:26:20:ce:83:9d:67:31:
b3:cb:8c:6a:83:e7:a5:a0:76:d2:f9:2e:ef:ee:55:
35:5d:3b:a7:c3:30:00:96:20:b8:26:51:9e:f9:0d:
84:11:bb:b2:e7:5e:b9:78:c5:3b:d4:66:9f:d0:61:
2c:de:05:e5:1e:ff:68:96:1b:2f:92:c6:c8:fa:08:
b8:dd:ff:54:78:bf:12:9a:4c:71:2f:e2:39:d8:09:
0b:eb:50:76:8b:6d:96:84:68:6e:9c:66:4f:a7:75:
14:cb:6f:e3:34:5b:64:8c:dd:04:c3:83:ce:98:87:
4c:eb:61:ac:55:59:0c:37:a3:65:10:cf:c5:66:55:
50:3a:3c:6d:eb:85:33:62:98:e6:da:38:22:6f:10:
6f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:98:BF:9D:03:AB:33:4D:47:6B:CF:1F:4F:66:5F:F9:89:50:00:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB05A6BAF43A11EFB53672A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.11.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:e4:91:0f:cc:ff:16:76:86:19:1d:6b:6c:b2:38:d1:1c:cb:
cf:b6:80:e1:bf:6d:07:47:8f:9b:1e:d4:07:35:90:16:4e:0a:
85:63:27:b8:7c:dd:42:dd:ea:3e:10:1d:ff:ff:f2:69:96:19:
08:35:f7:ad:54:e0:e7:1e:7e:36:32:36:73:5a:43:c7:e4:fc:
39:30:97:a2:64:a4:58:6c:b1:ff:58:6b:1b:8e:3e:ad:34:8b:
9e:65:b5:2f:d2:84:9d:12:02:c7:5c:f9:2f:6d:5b:db:e5:ba:
f3:ac:80:34:3f:db:f7:98:ad:a5:2f:f3:2d:a3:89:f1:0d:f8:
51:60:e6:4b:8a:33:be:4f:d1:bd:77:0a:6f:55:04:75:cb:19:
d2:b7:fc:30:4f:93:f3:bc:73:23:f3:55:22:bc:d3:cf:0a:cc:
20:a8:ea:88:dc:68:f9:a9:44:d5:46:2e:21:77:9b:2e:0c:02:
b2:ec:b6:3f:fe:8b:89:38:f0:df:16:5e:70:95:2a:15:88:17:
b2:47:50:c1:f7:62:e6:4c:84:0d:78:37:34:9f:a6:61:30:b8:
73:e4:ee:fd:0a:7b:44:73:3b:ac:0b:32:b2:bd:9d:cf:7d:44:
46:bf:30:e2:ec:54:72:43:7e:13:dc:8a:0e:98:04:01:37:82:
68:1c:54:55
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATI+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTIxMjM5WhcNMjgwMjE5MTIxMjM5WjAYMRYw
FAYDVQQDEw02N2JmMDUzYi02NGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxXMvc3mckXE9cepwLXwzQW7EYgb7aFqQIrZuHR4x9kTTiV2iMvmGh/0c
0TS3TQb3uBrTBDnZMghSGPUgW8do0WGux0jS48Xrnfh07I4umU9pPBNjLQC2ZMj6
dLIwUirKo3UmqkYyoVf1va6cjhP/RiYgzoOdZzGzy4xqg+eloHbS+S7v7lU1XTun
wzAAliC4JlGe+Q2EEbuy5165eMU71Gaf0GEs3gXlHv9olhsvksbI+gi43f9UeL8S
mkxxL+I52AkL61B2i22WhGhunGZPp3UUy2/jNFtkjN0Ew4POmIdM62GsVVkMN6Nl
EM/FZlVQOjxt64UzYpjm2jgibxBv8wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEmY
v50DqzNNR2vPH09mX/mJUACLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQjA1QTZCQUY0M0ExMUVGQjUzNjcyQTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcYLMA0GCSqGSIb3DQEBCwUA
A4IBAQCP5JEPzP8WdoYZHWtssjjRHMvPtoDhv20HR4+bHtQHNZAWTgqFYye4fN1C
3eo+EB3///JplhkINfetVODnHn42MjZzWkPH5Pw5MJeiZKRYbLH/WGsbjj6tNIue
ZbUv0oSdEgLHXPkvbVvb5brzrIA0P9v3mK2lL/Mto4nxDfhRYOZLijO+T9G9dwpv
VQR1yxnSt/wwT5PzvHMj81UivNPPCswgqOqI3Gj5qUTVRi4hd5suDAKy7LY//ouJ
OPDfFl5wlSoViBeyR1DB92LmTIQNeDc0n6ZhMLhz5O79CntEczusCzKyvZ3PfURG
vzDi7FRyQ34T3IoOmAQBN4JoHFRV
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:58 2025 by rpki-client