Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98EE233E13DA11F0AFA0E3B1762E951A.roa
File: 98EE233E13DA11F0AFA0E3B1762E951A.roa (raw, json)
Hash identifier: C8QkFJ+y1bQgjL4G7+rYOuxr3XtDdOtqHz79JQhM4/c=
Subject key identifier: 43:BC:E5:49:41:54:06:EC:EA:5F:48:9E:6D:8F:CA:90:90:33:E3:C3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014AAC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98EE233E13DA11F0AFA0E3B1762E951A.roa
Signing time: Mon 07 Apr 2025 18:03:24 +0000
ROA not before: Mon 07 Apr 2025 18:03:20 +0000
ROA not after: Wed 14 May 2025 18:03:20 +0000
asID: 20473
IP address blocks: 45.194.116.0/23 maxlen: 24
45.194.119.0/24 maxlen: 24
45.200.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84652 (0x14aac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 7 18:03:20 2025 GMT
Not After : May 14 18:03:20 2025 GMT
Subject: CN=67f4136c-a7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fe:0c:31:f0:82:ce:24:5d:3b:14:67:10:78:
0b:69:ab:b6:53:26:d9:59:08:20:a6:fa:4d:ff:f3:
96:07:80:90:9f:36:45:cf:02:64:d3:14:19:45:7d:
82:e6:e3:de:37:6f:22:4a:f1:88:69:89:cb:5f:91:
34:51:e9:93:2a:f2:57:7c:4f:fa:4e:37:88:1a:f5:
cc:3a:fc:a1:9d:6c:d4:b2:e0:a7:a7:fc:ad:52:fb:
96:a7:a3:77:b1:5c:c2:fa:b1:74:1b:95:ba:1e:b7:
ea:9e:7b:13:b5:cb:05:7f:30:e4:74:2b:1b:b2:93:
03:f5:7d:25:83:ce:06:48:54:da:61:a5:ea:4d:f0:
84:34:26:10:73:35:a3:84:65:e4:c5:2f:fa:fc:18:
60:82:bf:bb:95:7e:b5:a9:b2:07:67:06:06:e8:5a:
a3:d7:de:18:5c:23:fb:38:86:ba:cb:0a:0f:d2:b6:
b5:73:be:7a:9b:e0:b6:6e:63:c8:a6:57:92:47:f7:
8a:69:4d:dd:7f:3d:a0:21:b4:71:95:0d:b8:fd:6d:
75:10:38:6f:79:96:9a:97:2e:1f:9a:d9:ee:a9:cd:
4f:a7:0a:a4:87:54:33:f2:fd:49:6c:0b:09:03:7b:
af:d6:6f:03:0f:e2:4f:79:ae:15:5d:8a:8d:dd:6a:
69:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BC:E5:49:41:54:06:EC:EA:5F:48:9E:6D:8F:CA:90:90:33:E3:C3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98EE233E13DA11F0AFA0E3B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.116.0/23
45.194.119.0/24
45.200.121.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:3b:fa:90:6e:23:c8:8f:87:e2:18:b8:29:dc:c7:60:8a:97:
7c:07:e2:6d:c5:96:fb:73:74:16:2c:8b:59:cc:8d:85:d0:37:
b0:10:6d:b3:94:b1:c3:b4:bc:69:63:82:40:da:33:fe:b3:c9:
b3:a1:a7:5c:30:f5:ce:80:a1:98:35:51:9f:44:ab:8e:16:8d:
29:9f:1c:ec:d5:a2:89:46:88:97:e1:59:fd:fa:e8:1c:c4:88:
ec:e4:73:2e:33:df:d5:62:3c:a6:18:71:48:87:b9:6f:40:80:
be:36:95:19:ac:ce:6d:ed:cf:8e:cf:08:8a:a5:00:fa:68:9a:
f6:77:be:ec:20:81:49:8d:0b:d3:61:15:00:33:c2:b1:42:cc:
e3:85:29:2b:ca:4b:c3:bf:10:22:71:d8:7a:69:89:2c:3e:6e:
a0:23:9d:8c:6f:46:8e:4b:e1:30:91:48:db:fd:cf:fa:0e:4b:
a9:d8:96:33:49:37:4f:fb:e0:83:ce:64:f5:48:02:19:0e:9e:
59:f0:53:88:b1:85:68:8e:df:ac:35:bc:7d:6d:e6:ed:8f:60:
c4:b9:ae:06:4a:a2:60:86:43:1f:81:a4:33:bd:03:91:52:fd:
a8:fc:a5:d8:8d:28:2c:0f:f9:1b:63:ed:e9:a7:d4:70:27:e6:
0c:26:d2:d2
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAUqsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA3MTgwMzIwWhcNMjUwNTE0MTgwMzIwWjAYMRYw
FAYDVQQDEw02N2Y0MTM2Yy1hN2FjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1/4MMfCCziRdOxRnEHgLaau2UybZWQggpvpN//OWB4CQnzZFzwJk0xQZ
RX2C5uPeN28iSvGIaYnLX5E0UemTKvJXfE/6TjeIGvXMOvyhnWzUsuCnp/ytUvuW
p6N3sVzC+rF0G5W6HrfqnnsTtcsFfzDkdCsbspMD9X0lg84GSFTaYaXqTfCENCYQ
czWjhGXkxS/6/Bhggr+7lX61qbIHZwYG6Fqj194YXCP7OIa6ywoP0ra1c756m+C2
bmPIpleSR/eKaU3dfz2gIbRxlQ24/W11EDhveZaaly4fmtnuqc1Ppwqkh1Qz8v1J
bAsJA3uv1m8DD+JPea4VXYqN3Wpp8wIDAQABo4ICrjCCAqowHQYDVR0OBBYEFEO8
5UlBVAbs6l9Inm2PypCQM+PDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85OEVFMjMzRTEzREExMUYwQUZBMEUzQjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLcJ0AwQALcJ3AwQALch5MA0G
CSqGSIb3DQEBCwUAA4IBAQCtO/qQbiPIj4fiGLgp3Mdgipd8B+JtxZb7c3QWLItZ
zI2F0DewEG2zlLHDtLxpY4JA2jP+s8mzoadcMPXOgKGYNVGfRKuOFo0pnxzs1aKJ
RoiX4Vn9+ugcxIjs5HMuM9/VYjymGHFIh7lvQIC+NpUZrM5t7c+OzwiKpQD6aJr2
d77sIIFJjQvTYRUAM8KxQszjhSkrykvDvxAicdh6aYksPm6gI52Mb0aOS+EwkUjb
/c/6Dkup2JYzSTdP++CDzmT1SAIZDp5Z8FOIsYVojt+sNbx9bebtj2DEua4GSqJg
hkMfgaQzvQORUv2o/KXYjSgsD/kbY+3pp9RwJ+YMJtLS
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:09:20 2025 by rpki-client