Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C867554CDD011EF98B9BB60762E951A.roa
File: 5C867554CDD011EF98B9BB60762E951A.roa (raw, json)
Hash identifier: fMWm6vGidWauY9XuBBN5hMBTSPzwWMx4C32wT6tVPkE=
Subject key identifier: 1E:C6:A3:74:40:B0:12:01:D6:0B:48:D4:50:50:29:BC:B9:08:DC:2C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010204
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C867554CDD011EF98B9BB60762E951A.roa
Signing time: Wed 08 Jan 2025 14:53:46 +0000
ROA not before: Wed 08 Jan 2025 14:53:42 +0000
ROA not after: Sat 03 Jan 2026 14:53:42 +0000
asID: 984
IP address blocks: 45.197.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66052 (0x10204)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:53:42 2025 GMT
Not After : Jan 3 14:53:42 2026 GMT
Subject: CN=677e917a-85a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1c:a4:af:86:7e:c4:95:3f:c1:85:f3:c9:89:
19:f3:bd:cf:eb:17:18:58:92:6a:fc:a0:a0:ab:ab:
86:f4:2c:8b:3e:f1:2e:01:40:a1:01:07:bc:15:7f:
14:43:4b:44:7c:65:65:ca:94:40:3e:43:09:0c:ac:
ec:1e:82:fe:22:35:5f:cb:dd:71:7f:22:48:75:7f:
88:40:6b:6a:1e:96:39:63:67:47:e7:30:63:47:ac:
e0:1a:8c:83:5a:84:02:0c:9d:dc:1c:98:31:c8:59:
d9:fb:11:e8:31:a2:47:c0:4a:8a:6c:ab:2a:49:a2:
22:35:82:5e:01:ae:0e:c1:49:aa:7f:d1:a4:e7:d8:
fc:05:c0:40:c3:78:a4:e0:e9:dc:bc:9f:da:aa:f6:
e1:f3:40:b7:8c:dc:04:a3:36:04:71:a3:e4:5e:53:
2d:aa:b1:ee:58:08:87:92:8b:91:92:0c:88:c2:3a:
e0:ef:0b:21:ef:de:fa:24:f4:39:c5:5d:f8:16:1a:
e0:95:e0:1b:5f:51:6e:cc:e3:8a:df:31:5c:9f:94:
2b:27:24:96:65:35:6c:7b:da:00:3f:43:01:c7:5e:
69:e7:f2:ed:c7:1c:52:ed:bc:31:13:7d:80:71:79:
94:cc:57:fa:d0:81:97:31:38:0f:e5:0a:25:d4:80:
f6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:C6:A3:74:40:B0:12:01:D6:0B:48:D4:50:50:29:BC:B9:08:DC:2C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C867554CDD011EF98B9BB60762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.2.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:c2:67:00:a8:f1:02:74:d6:cd:fa:a8:f7:6b:15:17:c4:8a:
66:b5:01:75:88:d5:b6:e9:2c:31:75:9b:10:15:c9:55:8a:76:
0a:4b:1f:2e:fd:6c:81:58:11:5d:0c:58:b4:23:8b:a2:aa:3e:
f0:5c:2e:d1:e2:89:94:f2:15:52:1f:3b:1f:d8:fb:ae:c6:02:
d3:25:da:da:47:28:52:49:42:05:80:2a:0e:40:b3:1b:28:7a:
a4:04:3b:cc:10:21:ef:91:54:de:c7:27:49:3e:bf:09:47:a4:
f3:3a:9e:6e:56:05:4c:4f:a3:b9:0f:d4:04:76:db:fc:b1:96:
6a:f3:fc:ef:b7:6e:99:3e:a2:2a:90:6a:a1:b6:17:f2:7c:81:
fb:33:d3:65:bf:8b:59:8a:e1:dc:ea:00:ce:90:74:d6:21:bb:
eb:0b:4c:86:77:de:51:5e:c8:3e:06:74:97:ea:ef:b5:c7:4b:
fa:7f:8a:4c:21:6b:5b:b8:08:e2:4c:b3:55:bb:2c:e1:1a:c6:
7f:60:8b:a2:7f:70:4e:4c:d2:8b:ea:13:0e:d6:01:92:ab:58:
16:51:f5:90:93:74:5f:1e:d6:e2:9c:c8:a5:48:86:fb:f5:64:
67:5e:2f:8f:ae:03:54:f6:88:90:23:e0:0c:ad:c8:ad:1d:e2:
42:cd:94:e1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQIEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQ1MzQyWhcNMjYwMTAzMTQ1MzQyWjAYMRYw
FAYDVQQDEw02NzdlOTE3YS04NWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzRykr4Z+xJU/wYXzyYkZ873P6xcYWJJq/KCgq6uG9CyLPvEuAUChAQe8
FX8UQ0tEfGVlypRAPkMJDKzsHoL+IjVfy91xfyJIdX+IQGtqHpY5Y2dH5zBjR6zg
GoyDWoQCDJ3cHJgxyFnZ+xHoMaJHwEqKbKsqSaIiNYJeAa4OwUmqf9Gk59j8BcBA
w3ik4OncvJ/aqvbh80C3jNwEozYEcaPkXlMtqrHuWAiHkouRkgyIwjrg7wsh7976
JPQ5xV34FhrgleAbX1FuzOOK3zFcn5QrJySWZTVse9oAP0MBx15p5/LtxxxS7bwx
E32AcXmUzFf60IGXMTgP5Qol1ID2GwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB7G
o3RAsBIB1gtI1FBQKby5CNwsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81Qzg2NzU1NENERDAxMUVGOThCOUJCNjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcUCMA0GCSqGSIb3DQEBCwUA
A4IBAQCzwmcAqPECdNbN+qj3axUXxIpmtQF1iNW26SwxdZsQFclVinYKSx8u/WyB
WBFdDFi0I4uiqj7wXC7R4omU8hVSHzsf2PuuxgLTJdraRyhSSUIFgCoOQLMbKHqk
BDvMECHvkVTexydJPr8JR6TzOp5uVgVMT6O5D9QEdtv8sZZq8/zvt26ZPqIqkGqh
thfyfIH7M9Nlv4tZiuHc6gDOkHTWIbvrC0yGd95RXsg+BnSX6u+1x0v6f4pMIWtb
uAjiTLNVuyzhGsZ/YIuif3BOTNKL6hMO1gGSq1gWUfWQk3RfHtbinMilSIb79WRn
Xi+PrgNU9oiQI+AMrcitHeJCzZTh
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:10 2025 by rpki-client