Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0562FA7C114111F0B43B3D83762E951A.roa
File: 0562FA7C114111F0B43B3D83762E951A.roa (raw, json)
Hash identifier: 3Hk8msnTJpL/dzTiWhJjw2pcgs4BRUu12WsElBKTTl8=
Subject key identifier: FB:8F:D3:6A:C8:30:15:36:F4:A0:EF:5C:E6:7A:58:42:0F:FF:F0:1D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014A11
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0562FA7C114111F0B43B3D83762E951A.roa
Signing time: Fri 04 Apr 2025 10:39:01 +0000
ROA not before: Fri 04 Apr 2025 10:38:57 +0000
ROA not after: Fri 09 May 2025 10:38:57 +0000
asID: 203020
IP address blocks: 45.196.0.0/21 maxlen: 24
45.196.8.0/22 maxlen: 24
45.196.12.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84497 (0x14a11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 4 10:38:57 2025 GMT
Not After : May 9 10:38:57 2025 GMT
Subject: CN=67efb6c5-f7eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f8:35:8d:62:f9:c0:db:4a:c9:dc:2b:b0:89:
68:68:21:73:86:43:85:91:9e:9a:8e:0d:f4:ed:88:
f6:b3:80:f3:0b:ff:07:a8:e0:59:bc:b7:6f:f9:cb:
03:fb:d2:af:99:92:56:6b:3a:da:05:ed:c0:13:a9:
27:7e:c8:8f:ad:1a:aa:a3:b8:18:39:7c:6c:0b:09:
c2:ec:71:8b:3c:7a:14:f2:25:75:b1:54:35:0c:c9:
9a:6a:84:c6:52:ed:b2:cb:7f:c7:09:f4:33:41:5a:
e4:b0:39:d4:30:3a:3c:67:65:fa:0e:ef:5a:cd:ce:
8c:bf:62:4b:2c:dd:5b:ab:6c:ad:e4:29:6e:56:d8:
5e:5d:92:6e:43:88:77:a7:d4:72:fe:2a:92:6c:e2:
ce:f6:1b:84:14:ce:c3:d7:5b:e9:de:9f:6c:c0:46:
3e:70:0a:ff:ba:24:c9:5c:10:64:aa:96:7c:e4:60:
55:fa:4a:10:d4:6f:e7:f0:2e:a0:7a:b7:e5:77:f6:
19:75:3e:d5:02:9b:d0:6e:83:18:b7:66:95:96:62:
47:67:56:2f:3a:65:c6:82:74:49:3a:86:95:7d:18:
bb:67:f1:cf:2b:cc:5f:be:29:54:05:fd:a6:6e:b8:
e7:3e:04:00:53:de:fe:24:c4:3e:fd:22:aa:e3:9d:
40:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:8F:D3:6A:C8:30:15:36:F4:A0:EF:5C:E6:7A:58:42:0F:FF:F0:1D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0562FA7C114111F0B43B3D83762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.0.0-45.196.13.255
Signature Algorithm: sha256WithRSAEncryption
00:01:ca:94:38:70:11:7f:3e:31:d0:a3:c9:da:42:f5:c7:1a:
db:38:e1:f4:bc:bf:fa:aa:7f:00:3f:d7:4d:75:e8:b1:03:88:
ba:5c:a9:68:e8:18:fc:1a:57:18:31:7d:3d:ac:3c:3b:61:74:
6c:36:2b:94:8f:a4:f4:00:f6:c4:c9:6b:25:96:2b:a2:20:7b:
cb:ef:49:8f:af:0d:b1:34:59:40:1b:ad:0c:1a:2c:4d:2c:c6:
13:dc:af:f0:aa:1e:45:29:3c:a6:6c:32:fa:80:26:55:3d:0a:
76:f3:9b:76:0d:a9:59:41:72:00:03:f9:fa:86:77:f3:31:67:
31:01:df:2b:89:90:25:4d:92:b1:39:a2:eb:9a:02:04:e4:de:
4b:2d:0f:55:69:6c:f2:2a:8d:bf:b5:9a:cd:7a:31:04:4a:9d:
1e:43:6a:19:e2:eb:10:98:43:f9:9c:ee:32:81:d3:f8:fe:24:
e2:8d:02:da:f1:1d:e7:3f:8e:e6:db:a7:ef:f9:9d:7d:22:21:
af:db:fa:44:31:81:1e:06:df:24:cc:e8:4b:fa:f4:a9:47:3c:
b8:b1:69:df:89:d9:14:0c:41:5c:0c:0f:1e:d0:3c:c1:49:bf:
6b:cc:e4:6d:a0:c5:97:85:64:b0:1c:aa:89:0f:dc:f7:f1:56:
52:f0:fa:5f
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIDAUoRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA0MTAzODU3WhcNMjUwNTA5MTAzODU3WjAYMRYw
FAYDVQQDEw02N2VmYjZjNS1mN2ViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu/g1jWL5wNtKydwrsIloaCFzhkOFkZ6ajg307Yj2s4DzC/8HqOBZvLdv
+csD+9KvmZJWazraBe3AE6knfsiPrRqqo7gYOXxsCwnC7HGLPHoU8iV1sVQ1DMma
aoTGUu2yy3/HCfQzQVrksDnUMDo8Z2X6Du9azc6Mv2JLLN1bq2yt5CluVtheXZJu
Q4h3p9Ry/iqSbOLO9huEFM7D11vp3p9swEY+cAr/uiTJXBBkqpZ85GBV+koQ1G/n
8C6gerfld/YZdT7VApvQboMYt2aVlmJHZ1YvOmXGgnRJOoaVfRi7Z/HPK8xfvilU
Bf2mbrjnPgQAU97+JMQ+/SKq451AvwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFPuP
02rIMBU29KDvXOZ6WEIP//AdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNTYyRkE3QzExNDExMUYwQjQzQjNEODM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwItxAMEAS3EDDANBgkqhkiG
9w0BAQsFAAOCAQEAAAHKlDhwEX8+MdCjydpC9cca2zjh9Ly/+qp/AD/XTXXosQOI
ulypaOgY/BpXGDF9Paw8O2F0bDYrlI+k9AD2xMlrJZYroiB7y+9Jj68NsTRZQBut
DBosTSzGE9yv8KoeRSk8pmwy+oAmVT0KdvObdg2pWUFyAAP5+oZ38zFnMQHfK4mQ
JU2SsTmi65oCBOTeSy0PVWls8iqNv7WazXoxBEqdHkNqGeLrEJhD+ZzuMoHT+P4k
4o0C2vEd5z+O5tun7/mdfSIhr9v6RDGBHgbfJMzoS/r0qUc8uLFp34nZFAxBXAwP
HtA8wUm/a8zkbaDFl4VksByqiQ/c9/FWUvD6Xw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:15:17 2025 by rpki-client