Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D0E4DE017A711F0BAEC2EDD6DB8BCC6.roa
File: 1D0E4DE017A711F0BAEC2EDD6DB8BCC6.roa (raw, json)
Hash identifier: WLnTW5opiLwZi7bn9nDzUfQpn/GS7sDVX56bu77qFgc=
Subject key identifier: 82:A1:A0:C8:20:EF:50:36:D7:9C:00:38:8C:23:2A:68:1D:4F:88:9A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014BDC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D0E4DE017A711F0BAEC2EDD6DB8BCC6.roa
Signing time: Sat 12 Apr 2025 14:04:56 +0000
ROA not before: Sat 12 Apr 2025 14:04:52 +0000
ROA not after: Tue 20 May 2025 14:04:52 +0000
asID: 214413
IP address blocks: 45.194.87.0/24 maxlen: 24
45.194.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84956 (0x14bdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 12 14:04:52 2025 GMT
Not After : May 20 14:04:52 2025 GMT
Subject: CN=67fa7308-8e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:de:ec:e8:88:a1:34:9e:98:46:90:09:a3:e7:
52:af:76:3b:fd:31:68:22:3f:83:8f:1c:01:bd:26:
9f:c7:24:85:57:c7:d6:45:29:9f:db:6e:65:54:c7:
36:3e:06:58:81:6b:2d:7f:37:c1:dc:21:f5:61:e9:
ec:61:7a:b4:03:86:ef:43:e2:f7:39:df:18:64:fb:
5b:62:5e:eb:fc:a7:bc:7c:a9:d9:54:17:19:3d:97:
a4:6f:46:1b:07:3b:b1:54:b4:01:15:09:64:d7:c7:
49:84:cf:8b:b4:8a:56:37:dc:7b:6a:bb:b5:a5:b5:
f5:76:17:ec:ba:38:33:96:f1:30:88:5b:42:b7:8d:
d7:c5:47:6e:29:d9:d6:5a:5a:64:0e:98:a6:47:82:
6e:78:6f:02:fb:d5:d7:2e:b5:b9:9c:b7:b7:be:dd:
b6:2e:03:0f:11:fa:92:53:61:cd:8c:5c:c4:37:70:
8d:77:e9:d7:87:d0:fb:98:24:68:5e:b9:7b:09:fc:
fb:47:5c:fd:e6:23:16:1a:ce:c6:f2:bd:e3:83:4b:
bb:54:6f:ee:f5:ba:1d:ad:ad:3c:ab:12:31:fe:76:
b0:36:b8:8c:f1:17:45:9a:ab:37:b1:80:4a:62:86:
1b:9a:a5:97:02:2d:2f:c0:4e:4e:2c:ae:5c:7c:3f:
9b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A1:A0:C8:20:EF:50:36:D7:9C:00:38:8C:23:2A:68:1D:4F:88:9A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D0E4DE017A711F0BAEC2EDD6DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.87.0/24
45.194.95.0/24
Signature Algorithm: sha256WithRSAEncryption
74:aa:12:b3:4a:48:d4:03:78:5d:8b:56:63:0b:7b:c2:6e:d6:
d7:4c:8e:27:9e:50:d6:d2:71:e6:ee:7d:2b:38:2d:83:dc:5e:
99:e5:3b:c3:91:98:aa:86:a5:db:59:69:95:41:08:5d:87:5b:
72:58:f8:64:06:b1:7c:3c:8f:d2:63:f4:18:d3:d0:19:38:fc:
87:e9:26:6e:39:28:c8:15:4b:8d:1e:7e:6d:22:4c:af:23:a9:
0b:9f:0a:f8:c5:9f:dd:3d:81:12:2c:ba:f6:39:da:ec:83:19:
d1:31:94:24:15:bb:bc:39:6a:0f:df:d1:0c:b3:19:35:ac:06:
fc:4f:0b:0e:40:ff:c6:65:9c:42:15:08:09:4c:51:64:23:49:
d4:e5:50:7e:77:14:8f:02:e8:e7:c2:e1:50:c1:81:11:3f:f7:
05:75:72:c6:a1:89:47:84:89:fa:cd:1a:67:dc:5d:7e:cd:07:
97:8f:9b:35:5c:3e:16:50:8f:af:72:f3:0e:5d:d6:5d:0b:d5:
b6:a6:c4:89:7a:bc:ff:c0:5a:3a:14:63:0e:09:ed:4f:c3:eb:
df:3f:38:22:d2:3c:24:b9:55:41:69:2a:37:92:c3:54:c1:bb:
59:c9:04:67:c7:62:ac:b0:a6:c9:51:a1:9c:04:ba:55:1d:90:
d9:a2:91:34
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUvcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDEyMTQwNDUyWhcNMjUwNTIwMTQwNDUyWjAYMRYw
FAYDVQQDEw02N2ZhNzMwOC04ZTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqd7s6IihNJ6YRpAJo+dSr3Y7/TFoIj+DjxwBvSafxySFV8fWRSmf225l
VMc2PgZYgWstfzfB3CH1YensYXq0A4bvQ+L3Od8YZPtbYl7r/Ke8fKnZVBcZPZek
b0YbBzuxVLQBFQlk18dJhM+LtIpWN9x7aru1pbX1dhfsujgzlvEwiFtCt43XxUdu
KdnWWlpkDpimR4JueG8C+9XXLrW5nLe3vt22LgMPEfqSU2HNjFzEN3CNd+nXh9D7
mCRoXrl7Cfz7R1z95iMWGs7G8r3jg0u7VG/u9bodra08qxIx/nawNriM8RdFmqs3
sYBKYoYbmqWXAi0vwE5OLK5cfD+bbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIKh
oMgg71A215wAOIwjKmgdT4iaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRDBFNERFMDE3QTcxMUYwQkFFQzJFREQ2REI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALcJXAwQALcJfMA0GCSqGSIb3
DQEBCwUAA4IBAQB0qhKzSkjUA3hdi1ZjC3vCbtbXTI4nnlDW0nHm7n0rOC2D3F6Z
5TvDkZiqhqXbWWmVQQhdh1tyWPhkBrF8PI/SY/QY09AZOPyH6SZuOSjIFUuNHn5t
IkyvI6kLnwr4xZ/dPYESLLr2OdrsgxnRMZQkFbu8OWoP39EMsxk1rAb8TwsOQP/G
ZZxCFQgJTFFkI0nU5VB+dxSPAujnwuFQwYERP/cFdXLGoYlHhIn6zRpn3F1+zQeX
j5s1XD4WUI+vcvMOXdZdC9W2psSJerz/wFo6FGMOCe1Pw+vfPzgi0jwkuVVBaSo3
ksNUwbtZyQRnx2KssKbJUaGcBLpVHZDZopE0
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:58:27 2025 by rpki-client on console.sobornost.net