Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7BDDBB01F4A11F0B91F94D1DAE4EC9C.roa
File: D7BDDBB01F4A11F0B91F94D1DAE4EC9C.roa (raw, json)
Hash identifier: ybXjmDe9iVH/Z0BSvL1qcfz/rr39GzVRYGMiiSVeH2g=
Subject key identifier: D7:CE:89:DD:45:0E:2B:BD:A3:AA:42:22:24:BF:38:1E:78:E7:15:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014DDE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7BDDBB01F4A11F0B91F94D1DAE4EC9C.roa
Signing time: Tue 22 Apr 2025 07:24:36 +0000
ROA not before: Tue 22 Apr 2025 07:24:31 +0000
ROA not after: Tue 27 May 2025 07:24:31 +0000
asID: 137899
IP address blocks: 45.204.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85470 (0x14dde)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 22 07:24:31 2025 GMT
Not After : May 27 07:24:31 2025 GMT
Subject: CN=68074434-6255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e0:ff:60:38:f7:87:c9:14:c7:14:b4:59:c7:
42:3a:d9:2c:67:ac:04:ba:b9:96:e9:66:21:8a:ba:
40:03:a6:17:29:12:5e:82:13:3b:fb:24:f8:c4:27:
47:53:43:34:e7:b2:68:d5:57:3a:58:f2:e3:a8:a5:
d6:94:3a:fe:32:27:b7:76:2b:4a:21:dc:53:46:d0:
3d:ac:b0:b6:80:4b:50:57:1a:02:48:94:1b:94:c4:
4e:3e:fc:9f:1c:0c:c0:ac:65:c4:05:d4:0d:c9:d7:
b0:68:a7:6e:e2:f4:1b:77:be:48:52:92:40:8d:f6:
78:dc:55:64:ce:ae:b4:9d:46:45:38:1f:11:eb:cf:
7d:10:fe:f2:f8:3d:22:12:e3:a2:f7:50:82:a4:5b:
e8:c0:ed:26:04:58:c7:90:1b:6e:ca:1d:99:87:30:
76:97:16:34:73:e3:ab:1c:88:f5:02:d7:09:3c:bf:
5f:e0:c9:da:ca:82:fb:10:f4:3c:e1:a1:62:bd:09:
63:0e:a6:c0:69:b0:78:dc:40:af:49:b5:a9:7d:14:
53:55:3b:6a:8f:a1:a6:a7:ea:85:97:e4:d0:91:26:
82:15:c8:95:04:3c:ca:19:5b:2d:87:77:9b:3f:a7:
ae:43:e8:c5:65:bd:e1:bc:19:54:dd:ea:0f:5b:73:
36:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CE:89:DD:45:0E:2B:BD:A3:AA:42:22:24:BF:38:1E:78:E7:15:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7BDDBB01F4A11F0B91F94D1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.32.0/19
Signature Algorithm: sha256WithRSAEncryption
38:8a:03:c7:d1:d2:28:6c:21:44:ab:a9:a9:68:30:57:9a:61:
06:5a:ba:f6:89:5e:a7:13:51:c1:c3:7c:fd:1b:54:eb:ac:28:
48:44:46:78:30:4a:09:05:7b:a3:f7:92:fe:fd:56:5e:af:b4:
99:c6:47:1f:a6:a4:0e:c2:d1:e8:ed:ef:69:3d:10:66:51:9e:
ca:8c:9a:15:ff:84:06:e3:76:1e:24:af:a4:66:13:f6:49:95:
b2:d8:60:80:ec:62:a8:87:70:da:31:d1:4c:2c:fd:3d:27:30:
f7:b7:ad:da:1b:f8:45:58:9a:42:5e:82:99:db:07:8c:2e:b9:
44:34:ce:f7:21:79:41:54:e7:38:a3:03:6c:97:d1:f5:0d:98:
c5:29:45:67:68:bb:25:75:82:71:b3:99:cc:9d:c8:06:76:3c:
2c:c2:22:be:c6:43:4f:ac:ba:9a:d5:98:71:ff:2d:59:b0:3f:
42:7c:60:c6:a6:42:92:81:a9:e1:f8:b8:b6:75:f5:4f:13:9b:
12:89:09:c3:2d:97:e9:17:d4:fc:05:60:f3:57:4f:57:b5:08:
89:c0:5f:89:84:e2:7f:0d:1b:b8:3b:f5:0b:2e:65:f3:ee:04:
20:8b:09:8e:b5:11:28:ac:dd:06:e2:15:1b:8c:c7:fa:71:b3:
3f:95:29:ca
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAU3eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDIyMDcyNDMxWhcNMjUwNTI3MDcyNDMxWjAYMRYw
FAYDVQQDEw02ODA3NDQzNC02MjU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqOD/YDj3h8kUxxS0WcdCOtksZ6wEurmW6WYhirpAA6YXKRJeghM7+yT4
xCdHU0M057Jo1Vc6WPLjqKXWlDr+Mie3ditKIdxTRtA9rLC2gEtQVxoCSJQblMRO
PvyfHAzArGXEBdQNydewaKdu4vQbd75IUpJAjfZ43FVkzq60nUZFOB8R6899EP7y
+D0iEuOi91CCpFvowO0mBFjHkBtuyh2ZhzB2lxY0c+OrHIj1AtcJPL9f4MnayoL7
EPQ84aFivQljDqbAabB43ECvSbWpfRRTVTtqj6Gmp+qFl+TQkSaCFciVBDzKGVst
h3ebP6euQ+jFZb3hvBlU3eoPW3M2MQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNfO
id1FDiu9o6pCIiS/OB545xUbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EN0JEREJCMDFGNEExMUYwQjkxRjk0RDFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLcwgMA0GCSqGSIb3DQEBCwUA
A4IBAQA4igPH0dIobCFEq6mpaDBXmmEGWrr2iV6nE1HBw3z9G1TrrChIREZ4MEoJ
BXuj95L+/VZer7SZxkcfpqQOwtHo7e9pPRBmUZ7KjJoV/4QG43YeJK+kZhP2SZWy
2GCA7GKoh3DaMdFMLP09JzD3t63aG/hFWJpCXoKZ2weMLrlENM73IXlBVOc4owNs
l9H1DZjFKUVnaLsldYJxs5nMncgGdjwswiK+xkNPrLqa1Zhx/y1ZsD9CfGDGpkKS
ganh+Li2dfVPE5sSiQnDLZfpF9T8BWDzV09XtQiJwF+JhOJ/DRu4O/ULLmXz7gQg
iwmOtREorN0G4hUbjMf6cbM/lSnK
-----END CERTIFICATE-----
Generated at Fri Apr 25 19:31:16 2025 by rpki-client on console.sobornost.net