Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/164ED130CDD011EFB2E2C65E762E951A.roa
File: 164ED130CDD011EFB2E2C65E762E951A.roa (raw, json)
Hash identifier: 1v7YuQ9m65fCZMCbKb20WBLBMoepT710+Ll/JD+bqkc=
Subject key identifier: 2E:18:1B:F0:DF:84:3E:59:DA:EC:A7:EF:16:C2:CC:60:C0:7A:72:57
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010202
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/164ED130CDD011EFB2E2C65E762E951A.roa
Signing time: Wed 08 Jan 2025 14:51:48 +0000
ROA not before: Wed 08 Jan 2025 14:51:45 +0000
ROA not after: Sat 03 Jan 2026 14:51:45 +0000
asID: 984
IP address blocks: 45.197.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66050 (0x10202)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:51:45 2025 GMT
Not After : Jan 3 14:51:45 2026 GMT
Subject: CN=677e9104-4517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c9:61:f9:71:1d:b2:ad:89:bd:83:61:d7:be:
6c:3d:c3:a5:0b:fe:b0:c1:10:57:c3:4e:5d:06:a9:
c0:bc:5d:70:0f:13:23:b7:e3:4e:38:4d:b6:ae:ba:
bf:69:eb:74:e8:91:80:d2:76:6e:8e:49:70:78:c5:
c8:2d:06:cd:d9:fa:2c:20:4b:cb:e9:32:9f:4f:a3:
b1:6f:b7:f0:61:ab:1d:ce:00:b3:9a:8e:97:82:c8:
7e:ce:6b:1d:82:d9:c1:db:f7:a9:0c:95:72:41:c7:
06:8e:1c:8e:fd:4b:10:28:c1:92:51:5d:ea:0d:1e:
eb:5e:ca:60:74:3c:5c:86:d9:f4:c5:71:33:0f:45:
47:de:8a:24:23:af:19:59:54:9c:4f:41:dc:bb:0c:
03:ce:19:dc:9f:8f:2c:a2:5e:09:66:c6:f6:f9:22:
a6:c6:32:4e:f7:6e:05:b4:10:55:a3:d9:0f:85:f7:
9f:ac:45:0c:ae:91:14:9a:3a:8c:20:7e:e2:20:5f:
84:46:13:60:6e:0b:16:aa:6e:b7:f3:23:d5:c6:ff:
78:91:51:96:e6:31:e9:6d:51:0f:14:bd:56:b4:a6:
81:fc:3c:89:c5:8e:94:27:b5:8c:61:eb:f2:23:51:
bf:12:f0:d4:b8:5f:9f:80:af:de:c7:50:ac:01:cf:
e8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:18:1B:F0:DF:84:3E:59:DA:EC:A7:EF:16:C2:CC:60:C0:7A:72:57
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/164ED130CDD011EFB2E2C65E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.1.0/24
Signature Algorithm: sha256WithRSAEncryption
77:4d:e7:f5:de:ea:79:08:db:88:c4:48:d1:91:a7:12:de:c5:
e8:19:5f:71:25:5b:33:34:d9:f6:20:8f:82:70:95:70:c8:52:
8d:d7:73:8f:dc:1f:fd:6a:f7:99:38:c5:85:13:6f:92:d5:75:
d1:1d:ac:66:04:3f:49:5c:e1:7e:65:a3:63:41:0e:76:1d:ae:
fd:73:f0:d1:74:f6:f9:27:9d:a2:4b:d5:bd:eb:66:88:0c:d9:
f6:0f:d4:10:7d:bf:fc:80:a6:83:12:0b:1e:ea:a2:43:1b:09:
45:90:1a:bc:46:da:43:98:a9:27:53:fd:69:b2:bb:2b:fe:94:
75:50:1a:fa:f5:d1:ed:33:93:d7:27:d0:ae:9e:a4:d6:08:72:
3a:59:2d:a8:2d:a6:77:f6:ee:ab:5e:98:8f:11:a2:66:7a:f8:
2f:da:2a:a1:0f:60:30:3f:d1:48:b0:c2:10:25:48:0f:cc:8e:
d3:3f:e2:07:20:ad:cc:21:fa:a5:ec:35:af:82:74:b3:0a:a9:
25:7c:c6:96:06:cc:e6:5d:99:6f:e2:a7:29:36:37:d2:b8:99:
da:db:b3:2f:05:4d:c2:e9:42:00:52:eb:91:64:c8:67:75:69:
c3:d8:d2:19:e4:1e:37:a7:99:04:ca:24:bb:ed:87:01:65:d1:
3f:74:c8:2d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQICMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQ1MTQ1WhcNMjYwMTAzMTQ1MTQ1WjAYMRYw
FAYDVQQDEw02NzdlOTEwNC00NTE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtslh+XEdsq2JvYNh175sPcOlC/6wwRBXw05dBqnAvF1wDxMjt+NOOE22
rrq/aet06JGA0nZujklweMXILQbN2fosIEvL6TKfT6Oxb7fwYasdzgCzmo6Xgsh+
zmsdgtnB2/epDJVyQccGjhyO/UsQKMGSUV3qDR7rXspgdDxchtn0xXEzD0VH3ook
I68ZWVScT0HcuwwDzhncn48sol4JZsb2+SKmxjJO924FtBBVo9kPhfefrEUMrpEU
mjqMIH7iIF+ERhNgbgsWqm638yPVxv94kVGW5jHpbVEPFL1WtKaB/DyJxY6UJ7WM
YevyI1G/EvDUuF+fgK/ex1CsAc/odQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC4Y
G/DfhD5Z2uyn7xbCzGDAenJXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNjRFRDEzMENERDAxMUVGQjJFMkM2NUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcUBMA0GCSqGSIb3DQEBCwUA
A4IBAQB3Tef13up5CNuIxEjRkacS3sXoGV9xJVszNNn2II+CcJVwyFKN13OP3B/9
aveZOMWFE2+S1XXRHaxmBD9JXOF+ZaNjQQ52Ha79c/DRdPb5J52iS9W962aIDNn2
D9QQfb/8gKaDEgse6qJDGwlFkBq8RtpDmKknU/1psrsr/pR1UBr69dHtM5PXJ9Cu
nqTWCHI6WS2oLaZ39u6rXpiPEaJmevgv2iqhD2AwP9FIsMIQJUgPzI7TP+IHIK3M
Ifql7DWvgnSzCqklfMaWBszmXZlv4qcpNjfSuJna27MvBU3C6UIAUuuRZMhndWnD
2NIZ5B43p5kEyiS77YcBZdE/dMgt
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:40 2025 by rpki-client