Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0CEE23C138811F0826FB64E762E951A.roa
File: C0CEE23C138811F0826FB64E762E951A.roa (raw, json)
Hash identifier: Y+vQZTHcQUtEvmYN4zUNN/XwoimkBGOisop2RDpmHro=
Subject key identifier: BD:5A:70:F7:63:E9:8D:D8:7A:C2:CC:42:1C:AE:6E:AC:4C:66:FA:0C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014A5C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0CEE23C138811F0826FB64E762E951A.roa
Signing time: Mon 07 Apr 2025 08:17:32 +0000
ROA not before: Mon 07 Apr 2025 08:17:28 +0000
ROA not after: Sat 10 May 2025 08:17:28 +0000
asID: 20473
IP address blocks: 45.196.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84572 (0x14a5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 7 08:17:28 2025 GMT
Not After : May 10 08:17:28 2025 GMT
Subject: CN=67f38a1c-e90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b7:97:ea:f5:a1:21:9c:89:79:4e:f1:b8:d2:
d2:3a:38:96:52:1b:e9:31:24:91:a1:63:0d:3d:d9:
e4:c5:f9:78:98:88:30:bc:25:3b:46:f4:f9:1c:02:
30:a9:9a:7d:d0:ba:11:4c:d1:dd:50:44:03:b0:b3:
d2:05:e1:92:75:8f:20:8f:e5:84:15:2c:9a:43:dc:
a1:74:e7:12:a5:ef:7e:15:b6:ea:fc:6a:62:ad:79:
6f:77:d7:2c:c7:40:bf:7c:a4:50:16:e3:8f:37:ce:
4f:ff:61:9d:99:b4:df:97:fd:17:58:fe:a1:f7:ed:
76:40:e6:ea:67:0f:5e:2d:46:11:1f:7e:8c:58:06:
ae:0f:68:61:15:c6:b5:3b:9b:20:d4:8a:1c:63:de:
fe:ae:f6:a0:3f:f0:0f:30:8a:28:e1:46:0c:cf:14:
54:a9:78:94:5e:d3:15:93:d9:24:fd:97:71:f1:22:
d2:ba:4b:d3:43:56:85:de:f5:50:a6:c4:13:46:82:
87:cf:4c:42:3c:a7:8e:97:86:2a:6b:a6:c9:e1:0b:
2c:5d:ed:8a:a3:5a:1f:88:46:e9:d3:50:b2:0e:51:
e8:14:18:bd:88:1f:06:a8:9d:16:08:60:86:04:c3:
f2:af:23:ec:67:85:90:29:e2:72:ff:88:a6:f4:b0:
c3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:5A:70:F7:63:E9:8D:D8:7A:C2:CC:42:1C:AE:6E:AC:4C:66:FA:0C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0CEE23C138811F0826FB64E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.200.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:38:05:ee:f0:8f:39:3f:9d:d6:16:bc:0f:70:b1:db:11:c9:
9b:62:f5:2e:1c:39:00:54:93:aa:b0:bf:fe:d0:f8:04:26:6a:
cf:27:8b:5e:2a:71:f4:ed:f7:fe:b1:85:0d:fe:2a:bc:89:e6:
44:01:09:78:7f:e5:5d:47:9f:29:9b:29:6a:ec:95:0c:ae:7a:
81:d4:84:17:80:a5:34:44:b6:2a:dc:f8:67:49:d2:70:fe:a0:
c9:6b:27:5e:15:be:d8:f5:03:eb:6f:68:35:78:f3:c7:ba:ee:
cd:a3:38:79:8c:c1:22:0a:bf:34:5d:10:48:5b:eb:9f:18:17:
f5:ca:77:bc:a5:cf:3c:e8:4b:73:c1:ae:0e:14:7c:ae:a4:42:
67:70:eb:2b:8a:81:57:d7:d2:18:40:aa:e6:b9:25:22:50:b9:
1d:9d:2a:4d:ee:f8:d6:7a:64:b3:af:25:9f:c2:fc:cd:43:8e:
d9:0d:ff:bd:97:24:c8:46:b7:a9:74:39:60:ad:d3:97:d7:da:
24:1e:bd:2e:ab:96:8e:ef:70:73:ef:06:0f:bf:b8:f1:d1:8d:
d7:0d:3b:33:54:88:09:c9:b5:38:17:c4:82:88:94:aa:c3:0a:
c5:02:6a:9c:a2:e2:62:21:02:05:0c:4d:8b:25:d7:b8:e4:34:
85:f7:8c:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUpcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA3MDgxNzI4WhcNMjUwNTEwMDgxNzI4WjAYMRYw
FAYDVQQDEw02N2YzOGExYy1lOTBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw7eX6vWhIZyJeU7xuNLSOjiWUhvpMSSRoWMNPdnkxfl4mIgwvCU7RvT5
HAIwqZp90LoRTNHdUEQDsLPSBeGSdY8gj+WEFSyaQ9yhdOcSpe9+Fbbq/GpirXlv
d9csx0C/fKRQFuOPN85P/2GdmbTfl/0XWP6h9+12QObqZw9eLUYRH36MWAauD2hh
Fca1O5sg1IocY97+rvagP/APMIoo4UYMzxRUqXiUXtMVk9kk/Zdx8SLSukvTQ1aF
3vVQpsQTRoKHz0xCPKeOl4Yqa6bJ4QssXe2Ko1ofiEbp01CyDlHoFBi9iB8GqJ0W
CGCGBMPyryPsZ4WQKeJy/4im9LDDqwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL1a
cPdj6Y3YesLMQhyubqxMZvoMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMENFRTIzQzEzODgxMUYwODI2RkI2NEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTIMA0GCSqGSIb3DQEBCwUA
A4IBAQAKOAXu8I85P53WFrwPcLHbEcmbYvUuHDkAVJOqsL/+0PgEJmrPJ4teKnH0
7ff+sYUN/iq8ieZEAQl4f+VdR58pmylq7JUMrnqB1IQXgKU0RLYq3PhnSdJw/qDJ
aydeFb7Y9QPrb2g1ePPHuu7Nozh5jMEiCr80XRBIW+ufGBf1yne8pc886Etzwa4O
FHyupEJncOsrioFX19IYQKrmuSUiULkdnSpN7vjWemSzryWfwvzNQ47ZDf+9lyTI
RrepdDlgrdOX19okHr0uq5aO73Bz7wYPv7jx0Y3XDTszVIgJybU4F8SCiJSqwwrF
AmqcouJiIQIFDE2LJde45DSF94wa
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:07:14 2025 by rpki-client on console.sobornost.net