Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6897436AD0BD11EF9A4A9C6C762E951A.roa
File: 6897436AD0BD11EF9A4A9C6C762E951A.roa (raw, json)
Hash identifier: CL1pjsLCrwD/Rlw4Y/+YR60B/aLY1K9XzlRZMP1Dq24=
Subject key identifier: D4:A0:DA:44:7F:F5:B6:87:A5:2A:26:99:9A:96:65:FE:69:A7:DB:96
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010621
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6897436AD0BD11EF9A4A9C6C762E951A.roa
Signing time: Sun 12 Jan 2025 08:15:39 +0000
ROA not before: Sun 12 Jan 2025 08:15:36 +0000
ROA not after: Fri 14 Feb 2025 08:15:36 +0000
asID: 137899
IP address blocks: 45.192.96.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67105 (0x10621)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 12 08:15:36 2025 GMT
Not After : Feb 14 08:15:36 2025 GMT
Subject: CN=67837a2b-978a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:df:44:d6:81:a8:6e:f5:53:78:c0:6f:77:d2:
bb:92:ea:b6:ba:96:6b:f1:fb:62:90:61:77:f5:48:
41:6f:fc:30:23:f7:f5:e6:1a:88:04:b5:1c:28:94:
4d:f8:18:dd:c5:ad:41:b9:0c:71:62:5e:f6:00:37:
f4:84:75:57:8a:92:a0:94:9b:8e:08:7f:24:89:df:
fe:78:ac:5d:41:e7:6f:6a:4a:bb:8e:62:11:5e:97:
fb:43:2d:7c:f3:a1:40:ff:94:b1:c2:ef:4a:2d:e1:
af:a0:e7:4c:95:61:f1:dd:ea:ea:fe:13:85:e3:b1:
e4:a4:87:68:66:e8:c0:15:7a:7c:4e:f7:48:d6:51:
58:67:a8:ee:58:28:2b:c0:1f:bd:2e:d4:a1:f9:0d:
0e:22:76:19:01:8f:ae:32:ef:5b:4c:9b:12:8d:51:
ca:35:47:1b:6d:78:6c:7c:eb:16:e3:86:7e:85:60:
d1:da:24:fa:96:f3:cf:ea:05:e0:9d:a2:9d:19:90:
54:24:92:0a:0a:b4:bb:bf:94:7e:26:1c:48:93:80:
3a:b7:b4:eb:fb:71:5b:26:3e:ce:5b:60:43:ca:ab:
89:06:59:12:39:b7:02:54:0b:25:d1:70:97:c0:08:
57:07:59:24:20:95:75:bd:74:bb:c6:96:a0:4c:0a:
ba:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A0:DA:44:7F:F5:B6:87:A5:2A:26:99:9A:96:65:FE:69:A7:DB:96
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6897436AD0BD11EF9A4A9C6C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.96.0/20
Signature Algorithm: sha256WithRSAEncryption
37:48:89:71:12:3b:12:c3:17:45:43:c7:de:85:ed:04:92:f6:
18:e5:ac:fb:ec:f7:d4:ce:ce:55:b2:c5:4e:dc:fc:cc:71:59:
c2:fe:01:96:7b:83:17:18:70:84:84:22:8e:19:59:2a:40:05:
d5:da:bf:7f:9d:d7:7c:69:ab:09:4d:d4:76:a2:bf:28:62:26:
bf:f6:0e:84:e6:0c:da:f6:86:30:e2:98:e0:41:ef:a1:16:43:
ac:88:f8:7f:08:35:1e:43:be:6a:4e:ab:96:14:b7:f0:af:02:
68:a7:39:7a:9d:4b:18:af:81:12:f4:7f:fe:a1:13:b1:2c:e0:
29:95:69:00:df:80:e3:1d:04:9c:4f:6c:0b:0e:81:f7:12:d8:
99:5e:5f:09:7e:30:d2:bc:2a:74:fe:cc:81:57:43:19:19:88:
fe:00:9e:51:f8:63:bb:9f:47:d1:6c:dd:89:88:96:98:6e:e0:
e8:a6:47:80:31:43:a6:5a:f9:9d:21:aa:0b:51:72:85:6a:27:
80:66:ce:c4:10:53:81:fb:cd:2e:c3:44:ea:d6:d6:ac:07:c3:
3a:27:b7:44:7f:22:62:5e:b6:f1:53:3c:9c:cd:ed:69:8c:42:
17:79:d8:5f:94:22:87:00:f2:9c:15:9d:8f:41:c1:9e:27:04:
23:b6:d4:39
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQYhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEyMDgxNTM2WhcNMjUwMjE0MDgxNTM2WjAYMRYw
FAYDVQQDEw02NzgzN2EyYi05NzhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAot9E1oGobvVTeMBvd9K7kuq2upZr8ftikGF39UhBb/wwI/f15hqIBLUc
KJRN+Bjdxa1BuQxxYl72ADf0hHVXipKglJuOCH8kid/+eKxdQedvakq7jmIRXpf7
Qy1886FA/5Sxwu9KLeGvoOdMlWHx3erq/hOF47HkpIdoZujAFXp8TvdI1lFYZ6ju
WCgrwB+9LtSh+Q0OInYZAY+uMu9bTJsSjVHKNUcbbXhsfOsW44Z+hWDR2iT6lvPP
6gXgnaKdGZBUJJIKCrS7v5R+JhxIk4A6t7Tr+3FbJj7OW2BDyquJBlkSObcCVAsl
0XCXwAhXB1kkIJV1vXS7xpagTAq6+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNSg
2kR/9baHpSommZqWZf5pp9uWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82ODk3NDM2QUQwQkQxMUVGOUE0QTlDNkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcBgMA0GCSqGSIb3DQEBCwUA
A4IBAQA3SIlxEjsSwxdFQ8fehe0EkvYY5az77PfUzs5VssVO3PzMcVnC/gGWe4MX
GHCEhCKOGVkqQAXV2r9/ndd8aasJTdR2or8oYia/9g6E5gza9oYw4pjgQe+hFkOs
iPh/CDUeQ75qTquWFLfwrwJopzl6nUsYr4ES9H/+oROxLOAplWkA34DjHQScT2wL
DoH3EtiZXl8JfjDSvCp0/syBV0MZGYj+AJ5R+GO7n0fRbN2JiJaYbuDopkeAMUOm
WvmdIaoLUXKFaieAZs7EEFOB+80uw0Tq1tasB8M6J7dEfyJiXrbxUzycze1pjEIX
edhflCKHAPKcFZ2PQcGeJwQjttQ5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:40 2025 by rpki-client