Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65E204F8CEEB11EFA4D4D061762E951A.roa
File: 65E204F8CEEB11EFA4D4D061762E951A.roa (raw, json)
Hash identifier: iH7tidioGW9ST+9ZsnxOCj+GfzaghZlD0cNqsHrJ8IU=
Subject key identifier: 72:34:49:C6:4E:29:11:F4:53:15:84:FD:5D:B4:05:22:E6:AC:F9:94
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010460
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65E204F8CEEB11EFA4D4D061762E951A.roa
Signing time: Fri 10 Jan 2025 00:39:49 +0000
ROA not before: Fri 10 Jan 2025 00:00:46 +0000
ROA not after: Thu 13 Feb 2025 00:00:46 +0000
asID: 14618
IP address blocks: 45.197.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66656 (0x10460)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 00:00:46 2025 GMT
Not After : Feb 13 00:00:46 2025 GMT
Subject: CN=67806c55-d069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:be:44:d6:2f:c5:e0:5a:e8:2f:d4:be:4f:bf:
50:46:f8:26:ba:c1:04:4b:b4:6e:aa:a6:22:51:74:
2e:23:58:22:cb:a8:9e:50:48:73:7e:62:0f:2f:44:
61:4d:3e:d1:c8:5e:05:1b:38:49:7c:98:0a:2c:ea:
2b:ca:70:48:d0:63:a0:9f:0a:04:fa:06:bc:0c:b9:
15:28:cd:4d:30:f5:cc:ca:d4:db:35:46:4e:7e:ae:
6a:0f:a9:16:41:32:99:40:57:e5:2d:be:bc:cc:31:
35:b9:c2:76:d7:26:24:ac:fd:e2:0b:20:7d:af:d1:
2b:69:97:7a:35:85:ff:75:fb:5d:34:ac:00:9d:27:
7f:51:aa:46:36:2a:e8:6e:09:36:9a:43:6d:de:9f:
48:8b:f0:ef:da:91:ec:69:24:16:c0:27:e3:ec:63:
8e:4d:83:06:ac:b9:e6:84:79:74:78:58:64:55:8c:
58:e6:97:4e:e4:46:53:32:f3:ac:20:7d:71:fd:ca:
5e:fb:9b:96:9b:fe:b0:5e:53:8e:17:af:99:72:bc:
96:52:d5:90:2f:29:6d:a9:bf:72:3a:3c:c1:45:5e:
b4:62:69:42:cb:5b:ce:d9:99:8c:a9:d7:d9:47:60:
d0:07:b1:dd:d6:df:7b:2c:23:de:02:22:74:28:39:
b6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:34:49:C6:4E:29:11:F4:53:15:84:FD:5D:B4:05:22:E6:AC:F9:94
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65E204F8CEEB11EFA4D4D061762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.23.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:eb:20:44:19:8b:fe:f1:da:0e:90:2c:b0:25:64:5b:5c:fe:
fe:0b:5e:72:0a:90:50:3b:2c:48:fb:9c:6f:98:0c:77:23:86:
88:2b:d1:af:b6:2c:41:83:4b:64:fe:eb:98:dc:c5:44:55:f2:
45:79:40:e8:25:7f:c5:b4:e0:89:e7:cc:ec:57:6b:9d:68:69:
b2:f5:d8:f3:61:8e:e9:2e:37:8d:c2:9d:9d:a0:44:47:01:43:
6c:d3:c0:a9:e2:87:1c:53:41:13:71:e7:df:5d:fe:ca:97:76:
09:43:fb:f1:3c:af:ed:74:45:60:48:42:65:c9:6e:8b:a1:51:
66:20:8c:de:79:a2:cc:88:5c:e1:86:6d:e8:97:05:7d:6b:1a:
83:fe:d6:47:66:a3:1f:69:eb:3b:1b:64:7c:84:dc:0e:8d:80:
dc:ed:98:e8:88:65:0e:9c:24:22:3a:f1:54:ae:ce:ca:32:6c:
03:f5:9c:46:36:d6:0b:99:25:44:d6:76:bc:f4:28:c8:a4:39:
12:23:85:dd:d6:d8:02:47:cb:89:4a:06:28:df:eb:dd:4b:66:
2e:07:63:92:f5:2d:69:dd:6e:44:70:c1:e3:f1:9d:a2:30:07:
e1:96:9a:b8:be:24:e4:63:47:5f:38:02:04:ec:ab:b6:dc:83:
66:ab:ad:98
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQRgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDAwMDQ2WhcNMjUwMjEzMDAwMDQ2WjAYMRYw
FAYDVQQDEw02NzgwNmM1NS1kMDY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAur5E1i/F4FroL9S+T79QRvgmusEES7RuqqYiUXQuI1giy6ieUEhzfmIP
L0RhTT7RyF4FGzhJfJgKLOorynBI0GOgnwoE+ga8DLkVKM1NMPXMytTbNUZOfq5q
D6kWQTKZQFflLb68zDE1ucJ21yYkrP3iCyB9r9EraZd6NYX/dftdNKwAnSd/UapG
Nirobgk2mkNt3p9Ii/Dv2pHsaSQWwCfj7GOOTYMGrLnmhHl0eFhkVYxY5pdO5EZT
MvOsIH1x/cpe+5uWm/6wXlOOF6+ZcryWUtWQLyltqb9yOjzBRV60YmlCy1vO2ZmM
qdfZR2DQB7Hd1t97LCPeAiJ0KDm2BQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHI0
ScZOKRH0UxWE/V20BSLmrPmUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NUUyMDRGOENFRUIxMUVGQTRENEQwNjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcUXMA0GCSqGSIb3DQEBCwUA
A4IBAQC16yBEGYv+8doOkCywJWRbXP7+C15yCpBQOyxI+5xvmAx3I4aIK9GvtixB
g0tk/uuY3MVEVfJFeUDoJX/FtOCJ58zsV2udaGmy9djzYY7pLjeNwp2doERHAUNs
08Cp4occU0ETceffXf7Kl3YJQ/vxPK/tdEVgSEJlyW6LoVFmIIzeeaLMiFzhhm3o
lwV9axqD/tZHZqMfaes7G2R8hNwOjYDc7ZjoiGUOnCQiOvFUrs7KMmwD9ZxGNtYL
mSVE1na89CjIpDkSI4Xd1tgCR8uJSgYo3+vdS2YuB2OS9S1p3W5EcMHj8Z2iMAfh
lpq4viTkY0dfOAIE7Ku23INmq62Y
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:47 2025 by rpki-client