Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F46B5CACADC11EFA4268D8A762E951A.roa
File: 0F46B5CACADC11EFA4268D8A762E951A.roa (raw, json)
Hash identifier: UhJPuq01JR83DpqKq4kt9N53BGRhjSyx8y7hSwVHxVM=
Subject key identifier: E5:18:D9:AF:84:8E:C2:1D:4F:9E:89:32:F9:2B:3F:06:1B:D4:3F:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F79E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F46B5CACADC11EFA4268D8A762E951A.roa
Signing time: Sat 04 Jan 2025 20:39:57 +0000
ROA not before: Sun 05 Jan 2025 20:39:53 +0000
ROA not after: Sat 08 Feb 2025 20:39:53 +0000
asID: 395793
IP address blocks: 45.201.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63390 (0xf79e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 20:39:53 2025 GMT
Not After : Feb 8 20:39:53 2025 GMT
Subject: CN=67799c9d-a114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9e:bc:19:95:fe:20:0d:f2:43:77:b3:f0:68:
1b:cb:e3:c8:29:a6:90:80:dd:cf:40:86:5f:d8:62:
44:e7:0b:ce:cd:83:b3:aa:54:5e:74:99:6b:6c:59:
da:13:2e:03:89:e6:aa:46:be:46:98:9f:1f:9f:00:
e2:61:1f:f1:93:02:fe:af:c6:dd:22:0d:55:9b:d2:
70:6d:d0:99:f8:b8:b6:14:aa:d7:60:91:59:30:16:
67:43:63:5c:63:5b:8a:73:81:75:e1:7f:41:4f:aa:
6b:0f:52:0c:81:e8:66:d4:e4:69:50:28:58:7a:fd:
c7:02:34:08:4b:ca:b5:17:94:4c:81:11:c3:87:b7:
39:6f:da:76:88:6b:0f:b0:7b:75:62:81:62:29:21:
f1:aa:eb:a2:b6:99:ee:13:4b:81:e7:d5:88:eb:fd:
97:fa:27:ba:72:93:cb:20:07:a7:91:a8:a9:a5:d1:
e5:8f:fc:e1:b5:da:06:71:c8:fc:f7:5a:9d:6c:2f:
f4:33:eb:56:61:1f:0e:d5:65:01:be:87:ca:ae:24:
43:de:cf:af:26:1a:5c:01:67:54:0b:3b:ec:4a:dc:
b4:2b:8a:16:2c:7d:f6:6c:50:db:13:b6:7e:8a:60:
92:7d:6c:5e:c4:2d:af:b6:8a:0d:d2:08:73:ea:da:
ec:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:18:D9:AF:84:8E:C2:1D:4F:9E:89:32:F9:2B:3F:06:1B:D4:3F:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F46B5CACADC11EFA4268D8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.29.0/24
Signature Algorithm: sha256WithRSAEncryption
20:a2:d9:f0:46:00:5c:e9:35:53:67:a3:f6:30:b5:fc:56:b3:
d8:ac:30:4f:cd:cd:15:00:7e:7b:4a:61:b1:1c:73:05:87:f7:
ae:41:b1:30:e7:13:cb:cb:8c:02:49:bf:4a:a0:cf:de:8c:10:
1f:a2:51:f4:c2:c6:ad:2e:ea:92:f4:70:a2:85:2d:38:7f:43:
e8:de:25:70:88:eb:8c:97:24:d4:24:6d:5c:4d:d0:ea:17:ec:
2d:1b:d2:bc:c5:40:b0:3e:f9:2f:75:7c:37:3f:89:82:d0:76:
de:af:a4:6a:fc:56:38:c5:de:cc:d2:2d:85:4a:b1:84:5c:6e:
7c:bc:74:67:03:32:d1:a3:bd:6b:ae:ba:8f:7c:9f:01:75:bd:
79:a3:e9:8c:21:d4:17:65:50:cd:34:8b:1a:66:21:a0:45:56:
c1:51:ab:37:e5:e4:79:df:d4:1b:3f:92:8c:4e:32:b7:c9:6d:
e7:6c:81:0a:7e:75:1e:56:41:40:a4:47:b2:98:f3:bb:9f:eb:
2c:92:a1:9f:f9:f3:0f:45:09:0a:09:a7:27:1b:5b:63:25:67:
10:67:30:ad:9f:9c:69:68:55:b8:d1:6e:75:f9:12:84:bc:a8:
52:9f:da:48:49:25:77:91:2c:10:6b:5b:ed:54:06:a9:c0:f5:
d6:90:b4:dc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPeeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MjAzOTUzWhcNMjUwMjA4MjAzOTUzWjAYMRYw
FAYDVQQDEw02Nzc5OWM5ZC1hMTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArZ68GZX+IA3yQ3ez8Ggby+PIKaaQgN3PQIZf2GJE5wvOzYOzqlRedJlr
bFnaEy4DieaqRr5GmJ8fnwDiYR/xkwL+r8bdIg1Vm9JwbdCZ+Li2FKrXYJFZMBZn
Q2NcY1uKc4F14X9BT6prD1IMgehm1ORpUChYev3HAjQIS8q1F5RMgRHDh7c5b9p2
iGsPsHt1YoFiKSHxquuitpnuE0uB59WI6/2X+ie6cpPLIAenkaippdHlj/zhtdoG
ccj891qdbC/0M+tWYR8O1WUBvofKriRD3s+vJhpcAWdUCzvsSty0K4oWLH32bFDb
E7Z+imCSfWxexC2vtooN0ghz6trsKwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOUY
2a+EjsIdT56JMvkrPwYb1D8bMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRjQ2QjVDQUNBREMxMUVGQTQyNjhEOEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALckdMA0GCSqGSIb3DQEBCwUA
A4IBAQAgotnwRgBc6TVTZ6P2MLX8VrPYrDBPzc0VAH57SmGxHHMFh/euQbEw5xPL
y4wCSb9KoM/ejBAfolH0wsatLuqS9HCihS04f0Po3iVwiOuMlyTUJG1cTdDqF+wt
G9K8xUCwPvkvdXw3P4mC0Hber6Rq/FY4xd7M0i2FSrGEXG58vHRnAzLRo71rrrqP
fJ8Bdb15o+mMIdQXZVDNNIsaZiGgRVbBUas35eR539QbP5KMTjK3yW3nbIEKfnUe
VkFApEeymPO7n+sskqGf+fMPRQkKCacnG1tjJWcQZzCtn5xpaFW40W51+RKEvKhS
n9pISSV3kSwQa1vtVAapwPXWkLTc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:50 2025 by rpki-client