Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A76D33E28B511F09DAF87D7DAE4EC9C.roa
File: 7A76D33E28B511F09DAF87D7DAE4EC9C.roa (raw, json)
Hash identifier: x/2lOoAcILgY5PIeANnPlexkjyqmz97t6nFzvdgtabY=
Subject key identifier: 36:D4:8F:64:B5:B6:73:B3:22:E8:7F:46:3C:61:07:F6:FB:95:13:A4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0151BA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A76D33E28B511F09DAF87D7DAE4EC9C.roa
Signing time: Sun 04 May 2025 07:00:36 +0000
ROA not before: Sun 04 May 2025 07:00:32 +0000
ROA not after: Mon 09 Jun 2025 07:00:32 +0000
asID: 23470
IP address blocks: 45.202.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86458 (0x151ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 4 07:00:32 2025 GMT
Not After : Jun 9 07:00:32 2025 GMT
Subject: CN=68171094-1238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:71:e8:d6:9f:10:69:a0:4e:51:05:1b:93:1f:
a2:d6:3f:5f:3c:ac:fb:b0:1a:93:1c:f6:b0:de:29:
fe:76:06:09:e0:79:0d:0f:8a:b8:36:b4:c2:fc:b5:
b7:2b:e3:9b:f4:c4:67:8e:18:bc:7c:30:54:14:85:
64:26:e9:27:12:c6:a0:cb:f4:13:7f:4d:04:19:59:
d4:d6:ca:e5:67:d4:3c:ba:e3:83:1d:0a:19:a7:f7:
2c:0b:58:26:e2:cc:78:d0:ca:fe:17:61:b1:b7:87:
e7:a5:8f:ae:7c:57:01:08:ba:5a:7e:f6:89:40:46:
89:0a:39:08:13:0e:87:d9:5d:52:98:4e:1e:93:be:
ad:46:6c:ce:f0:5f:51:17:21:b3:50:3a:2c:f0:76:
c1:05:7b:ee:28:76:f3:97:d7:ce:48:8b:0b:9a:67:
e9:51:90:96:b8:a2:49:28:fc:14:78:24:03:a2:a3:
c3:b4:77:20:ff:28:b1:db:6d:44:7f:09:8d:7a:af:
67:a0:b3:24:f6:e1:f8:68:a8:0c:89:c7:01:00:c2:
81:4f:bb:6d:b0:94:be:13:7e:c6:5d:08:43:60:eb:
a6:ab:d7:d7:e9:07:9a:cf:18:b0:b8:37:50:75:1a:
e8:75:fa:03:16:7a:29:12:bb:b4:bf:f1:81:83:24:
50:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D4:8F:64:B5:B6:73:B3:22:E8:7F:46:3C:61:07:F6:FB:95:13:A4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A76D33E28B511F09DAF87D7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.107.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:6a:6a:47:18:ec:cc:81:1c:2d:af:6f:23:80:01:cc:91:3a:
27:35:b6:97:e2:31:1d:62:fd:2d:8b:91:97:ba:17:f8:34:1c:
a0:7b:c8:76:a5:b2:e8:48:2b:c2:9b:90:29:2e:78:99:dc:54:
6e:0c:e6:58:e2:f7:3a:f1:dc:1a:8e:59:c9:cb:e5:40:de:c5:
c5:19:a5:67:2d:7f:e1:48:17:7e:0a:2c:82:71:a4:22:e6:70:
99:1f:fe:b2:f0:a1:f4:ca:f9:8c:2e:ec:fa:9a:97:0a:7c:67:
a4:07:e7:92:6a:28:c9:35:c3:3f:44:d2:7b:c1:f5:1f:e8:f5:
14:52:1b:bb:ab:89:74:a1:0d:98:14:70:28:ab:d1:e7:36:71:
b3:d1:82:4a:2c:86:af:f9:3a:04:15:88:a0:84:18:d8:b9:97:
54:0d:25:4b:b3:1b:c3:35:e1:fc:ca:c3:7d:8a:35:7f:24:89:
9f:96:ae:bb:da:0d:e4:9b:7f:45:88:b7:08:b6:e4:d7:98:e0:
51:6c:61:58:77:ec:0a:d6:35:7a:a5:54:27:9f:71:1b:26:f6:
11:0a:e0:52:6c:60:20:de:70:cd:15:1b:92:af:54:06:16:a0:
2a:db:ae:3f:c0:89:38:7a:6d:f6:47:d3:08:5d:67:8e:7b:58:
89:ab:51:d7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVG6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA0MDcwMDMyWhcNMjUwNjA5MDcwMDMyWjAYMRYw
FAYDVQQDEw02ODE3MTA5NC0xMjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7XHo1p8QaaBOUQUbkx+i1j9fPKz7sBqTHPaw3in+dgYJ4HkND4q4NrTC
/LW3K+Ob9MRnjhi8fDBUFIVkJuknEsagy/QTf00EGVnU1srlZ9Q8uuODHQoZp/cs
C1gm4sx40Mr+F2Gxt4fnpY+ufFcBCLpafvaJQEaJCjkIEw6H2V1SmE4ek76tRmzO
8F9RFyGzUDos8HbBBXvuKHbzl9fOSIsLmmfpUZCWuKJJKPwUeCQDoqPDtHcg/yix
221EfwmNeq9noLMk9uH4aKgMiccBAMKBT7ttsJS+E37GXQhDYOumq9fX6Qeazxiw
uDdQdRrodfoDFnopEru0v/GBgyRQ7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDbU
j2S1tnOzIuh/RjxhB/b7lROkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QTc2RDMzRTI4QjUxMUYwOURBRjg3RDdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcprMA0GCSqGSIb3DQEBCwUA
A4IBAQCzampHGOzMgRwtr28jgAHMkTonNbaX4jEdYv0ti5GXuhf4NByge8h2pbLo
SCvCm5ApLniZ3FRuDOZY4vc68dwajlnJy+VA3sXFGaVnLX/hSBd+CiyCcaQi5nCZ
H/6y8KH0yvmMLuz6mpcKfGekB+eSaijJNcM/RNJ7wfUf6PUUUhu7q4l0oQ2YFHAo
q9HnNnGz0YJKLIav+ToEFYighBjYuZdUDSVLsxvDNeH8ysN9ijV/JImflq672g3k
m39FiLcItuTXmOBRbGFYd+wK1jV6pVQnn3EbJvYRCuBSbGAg3nDNFRuSr1QGFqAq
264/wIk4em32R9MIXWeOe1iJq1HX
-----END CERTIFICATE-----
Generated at Sun May 11 01:11:10 2025 by rpki-client