Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C8AD4EC190811F0A7BBCD1C6EB8BCC6.roa
File: 8C8AD4EC190811F0A7BBCD1C6EB8BCC6.roa (raw, json)
Hash identifier: aVWfoZtEHFpAXszK1gNw1Iofe+H+M+/JnJ3/texWm6E=
Subject key identifier: 9A:49:21:A7:9A:E9:EA:65:7B:23:DB:1E:EC:DC:05:B3:AC:D0:AD:6D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014C14
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C8AD4EC190811F0A7BBCD1C6EB8BCC6.roa
Signing time: Mon 14 Apr 2025 08:14:56 +0000
ROA not before: Mon 14 Apr 2025 08:14:52 +0000
ROA not after: Mon 19 May 2025 08:14:52 +0000
asID: 136501
IP address blocks: 45.207.128.0/20 maxlen: 24
45.207.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85012 (0x14c14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 14 08:14:52 2025 GMT
Not After : May 19 08:14:52 2025 GMT
Subject: CN=67fcc400-d9e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:93:24:82:98:02:04:51:14:c9:b3:df:00:f4:
ac:9f:73:64:3a:58:c8:4f:3b:cf:2a:fc:e8:82:f2:
c2:1a:95:cf:e2:c1:07:1c:1f:80:30:68:f3:1f:74:
f5:4d:e1:ab:cc:5c:53:69:02:25:0d:de:94:97:b8:
97:43:a2:f4:f0:de:0c:d0:35:a4:1c:86:4c:ed:f1:
db:9b:51:c9:7f:ca:56:2d:40:36:12:90:10:b4:7d:
25:54:52:40:e3:88:f4:13:56:8c:5d:55:e3:d4:94:
0f:09:9f:09:44:de:7c:10:dd:aa:71:73:c8:92:15:
e7:ea:80:0e:e5:eb:ca:c6:40:13:e5:22:87:60:3e:
47:1c:1a:8f:85:ce:f1:43:5d:7c:36:20:90:f5:ab:
25:46:47:b3:3d:47:a1:90:f5:70:24:ea:0a:e0:91:
d9:7e:3a:f7:c2:ae:12:87:fd:4b:57:10:18:c7:66:
e9:7d:49:ac:28:78:20:5e:e0:81:f6:ef:7e:ea:d5:
14:44:83:78:47:be:6b:aa:e9:57:b7:9a:00:7d:9e:
3d:59:02:5d:4a:de:76:b5:bf:e7:4f:89:58:2d:06:
c6:bf:f6:51:23:28:29:6f:af:11:a8:7d:7b:ff:50:
c4:fe:fd:90:1b:2c:bc:03:c6:6d:fa:76:8e:9b:6e:
a1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:49:21:A7:9A:E9:EA:65:7B:23:DB:1E:EC:DC:05:B3:AC:D0:AD:6D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C8AD4EC190811F0A7BBCD1C6EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.128.0-45.207.147.255
Signature Algorithm: sha256WithRSAEncryption
9a:5e:65:69:7f:3c:6c:94:01:da:ca:aa:89:0b:c2:b2:d2:b0:
56:5d:dd:97:e6:81:43:98:14:b9:74:e4:ec:1e:5d:c2:d8:31:
5a:8a:bf:91:41:f9:e0:4e:42:93:33:ff:87:49:b4:d6:80:14:
51:53:c4:9a:7b:15:01:ca:8b:bc:41:43:80:12:1c:08:f7:64:
2e:54:7a:10:2c:48:b7:29:aa:4a:a5:77:f0:22:54:7d:8a:ad:
c0:b2:81:91:73:08:49:1d:c4:06:c4:95:fc:6b:54:9d:ad:26:
30:b3:e5:cd:48:da:a7:4f:ae:af:46:69:89:d8:3a:a2:5b:be:
b6:10:74:7b:c7:0c:1f:2f:c5:2d:99:f0:4e:b8:7e:80:25:12:
da:a2:35:96:ca:ec:18:29:80:de:c7:e4:99:71:ba:5b:0a:47:
36:fd:10:f2:fa:e1:46:2f:cd:b9:a7:8d:2c:17:16:0e:7d:bc:
b1:c3:43:34:7a:38:71:ce:5f:b4:92:d0:0c:7d:ad:cd:78:2e:
3b:78:df:b6:0c:e3:cd:9e:7c:4d:2f:f4:e0:55:85:e2:0a:d9:
a9:e6:a8:9c:55:5c:e6:a1:f5:00:d5:2f:f4:84:fc:78:53:16:
bf:ea:f7:6f:4e:29:9e:72:54:26:c5:80:36:85:b7:d2:d1:44:
3b:81:2c:d5
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAUwUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE0MDgxNDUyWhcNMjUwNTE5MDgxNDUyWjAYMRYw
FAYDVQQDEw02N2ZjYzQwMC1kOWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0pMkgpgCBFEUybPfAPSsn3NkOljITzvPKvzogvLCGpXP4sEHHB+AMGjz
H3T1TeGrzFxTaQIlDd6Ul7iXQ6L08N4M0DWkHIZM7fHbm1HJf8pWLUA2EpAQtH0l
VFJA44j0E1aMXVXj1JQPCZ8JRN58EN2qcXPIkhXn6oAO5evKxkAT5SKHYD5HHBqP
hc7xQ118NiCQ9aslRkezPUehkPVwJOoK4JHZfjr3wq4Sh/1LVxAYx2bpfUmsKHgg
XuCB9u9+6tUURIN4R75rqulXt5oAfZ49WQJdSt52tb/nT4lYLQbGv/ZRIygpb68R
qH17/1DE/v2QGyy8A8Zt+naOm26hYQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJpJ
Iaea6epleyPbHuzcBbOs0K1tMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QzhBRDRFQzE5MDgxMUYwQTdCQkNEMUM2RUI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBActz4ADBAItz5AwDQYJKoZI
hvcNAQELBQADggEBAJpeZWl/PGyUAdrKqokLwrLSsFZd3ZfmgUOYFLl05OweXcLY
MVqKv5FB+eBOQpMz/4dJtNaAFFFTxJp7FQHKi7xBQ4ASHAj3ZC5UehAsSLcpqkql
d/AiVH2KrcCygZFzCEkdxAbElfxrVJ2tJjCz5c1I2qdPrq9GaYnYOqJbvrYQdHvH
DB8vxS2Z8E64foAlEtqiNZbK7BgpgN7H5JlxulsKRzb9EPL64UYvzbmnjSwXFg59
vLHDQzR6OHHOX7SS0Ax9rc14Ljt437YM482efE0v9OBVheIK2anmqJxVXOah9QDV
L/SE/HhTFr/q929OKZ5yVCbFgDaFt9LRRDuBLNU=
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:06:37 2025 by rpki-client on console.sobornost.net