Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A237D8C1C4D11F0AB9DF5CADAE4EC9C.roa
File: 4A237D8C1C4D11F0AB9DF5CADAE4EC9C.roa (raw, json)
Hash identifier: V9v9IWBtCqarLavJoZbKnllrGY6pUYLk72CDN9yGd24=
Subject key identifier: 24:C0:AF:F0:B9:EE:C7:D6:35:66:6A:28:D5:50:C7:00:2E:25:F4:74
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014CC6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A237D8C1C4D11F0AB9DF5CADAE4EC9C.roa
Signing time: Fri 18 Apr 2025 12:04:33 +0000
ROA not before: Fri 18 Apr 2025 12:04:28 +0000
ROA not after: Thu 01 Apr 2027 12:04:28 +0000
asID: 132585
IP address blocks: 45.195.58.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85190 (0x14cc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 18 12:04:28 2025 GMT
Not After : Apr 1 12:04:28 2027 GMT
Subject: CN=68023fd1-984f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b8:db:2e:8e:80:22:dc:b3:52:88:89:ab:a3:
d3:ad:f5:dc:22:c7:39:08:a7:c3:65:0d:78:7a:aa:
d4:cd:cd:da:60:49:3d:cf:93:db:e3:c7:84:18:a9:
f4:4e:6d:b0:84:93:01:1d:37:1d:e9:60:da:f1:92:
32:8a:a2:6b:6f:37:b6:7b:2e:2c:63:12:fb:9d:e8:
82:2a:97:ef:05:78:59:0a:dd:42:ff:00:22:4f:7b:
7e:eb:72:c3:d4:d5:76:93:85:27:d9:76:75:e7:6e:
9a:20:06:6a:91:82:f3:a7:a4:db:81:2d:84:ab:17:
7f:7a:b5:65:79:d9:2e:73:bb:9a:be:ee:96:71:e2:
2e:f8:c0:34:b6:90:48:65:51:94:b5:1f:39:03:07:
e9:cd:71:c0:23:8b:80:c9:f4:f8:40:b2:37:af:d0:
c3:d8:0d:d5:38:c4:71:77:2d:37:5b:f5:e0:95:b6:
f9:50:02:17:da:9c:be:24:cd:17:81:23:57:0d:ea:
07:94:b3:6c:ab:57:34:69:54:dd:51:e0:32:88:e6:
b8:c0:7b:1b:d6:9c:0a:7e:4c:7f:50:14:98:5b:e8:
43:5e:8f:17:b0:e4:99:a3:e7:59:dc:38:d6:b2:dc:
1d:1e:91:6d:46:56:c3:5e:ea:4b:d3:81:2e:68:26:
a2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:C0:AF:F0:B9:EE:C7:D6:35:66:6A:28:D5:50:C7:00:2E:25:F4:74
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A237D8C1C4D11F0AB9DF5CADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.58.0/23
Signature Algorithm: sha256WithRSAEncryption
40:88:1f:06:ea:cd:f5:ee:40:d5:a3:fc:85:11:a2:cd:77:18:
18:51:90:28:09:05:99:fe:ed:90:11:ec:b2:1e:a4:eb:84:61:
78:0a:cc:e2:82:28:30:ae:75:5c:3a:9f:3d:93:9b:9b:af:e2:
97:74:a2:71:41:f7:a3:00:04:aa:3d:ac:40:2a:37:97:8f:ac:
52:60:e4:5b:4a:df:4f:4f:c7:d1:db:27:d5:ed:77:1e:01:14:
fb:a1:ea:24:46:58:96:8b:ab:8d:c6:aa:97:18:5c:2f:fb:a2:
bd:82:d2:cd:2e:71:2a:3a:5d:e2:db:bf:bd:83:11:ed:1c:89:
f4:22:98:51:af:93:59:19:91:bd:0f:d5:c1:46:73:58:b7:84:
d7:c3:11:53:de:9a:de:15:04:f3:83:2d:3a:81:0b:a4:4c:4f:
6f:f9:f8:8b:31:ca:94:09:f7:9d:35:fc:7b:03:83:f6:fd:23:
3b:6b:f4:04:94:22:42:a6:7f:d0:cd:e4:a1:36:c3:60:fa:9e:
61:47:a5:9f:81:73:e0:a9:fb:57:7d:15:06:7e:aa:4b:5a:98:
19:6b:37:69:41:c3:21:11:91:5d:61:96:57:db:37:a2:6b:d0:
10:de:26:9c:e7:a1:5b:ab:08:c1:d3:33:1e:79:7e:61:51:8d:
fe:a7:45:2f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUzGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE4MTIwNDI4WhcNMjcwNDAxMTIwNDI4WjAYMRYw
FAYDVQQDEw02ODAyM2ZkMS05ODRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsLjbLo6AItyzUoiJq6PTrfXcIsc5CKfDZQ14eqrUzc3aYEk9z5Pb48eE
GKn0Tm2whJMBHTcd6WDa8ZIyiqJrbze2ey4sYxL7neiCKpfvBXhZCt1C/wAiT3t+
63LD1NV2k4Un2XZ1526aIAZqkYLzp6TbgS2Eqxd/erVledkuc7uavu6WceIu+MA0
tpBIZVGUtR85AwfpzXHAI4uAyfT4QLI3r9DD2A3VOMRxdy03W/Xglbb5UAIX2py+
JM0XgSNXDeoHlLNsq1c0aVTdUeAyiOa4wHsb1pwKfkx/UBSYW+hDXo8XsOSZo+dZ
3DjWstwdHpFtRlbDXupL04EuaCai1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCTA
r/C57sfWNWZqKNVQxwAuJfR0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QTIzN0Q4QzFDNEQxMUYwQUI5REY1Q0FEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcM6MA0GCSqGSIb3DQEBCwUA
A4IBAQBAiB8G6s317kDVo/yFEaLNdxgYUZAoCQWZ/u2QEeyyHqTrhGF4Cszigigw
rnVcOp89k5ubr+KXdKJxQfejAASqPaxAKjeXj6xSYORbSt9PT8fR2yfV7XceART7
oeokRliWi6uNxqqXGFwv+6K9gtLNLnEqOl3i27+9gxHtHIn0IphRr5NZGZG9D9XB
RnNYt4TXwxFT3preFQTzgy06gQukTE9v+fiLMcqUCfedNfx7A4P2/SM7a/QElCJC
pn/QzeShNsNg+p5hR6WfgXPgqftXfRUGfqpLWpgZazdpQcMhEZFdYZZX2zeia9AQ
3iac56FbqwjB0zMeeX5hUY3+p0Uv
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:05:53 2025 by rpki-client on console.sobornost.net