Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/71482806CDD111EFB0295167762E951A.roa
File: 71482806CDD111EFB0295167762E951A.roa (raw, json)
Hash identifier: TCBpsmSo2fybUv/xOIbnmoF5GhpZK3hLDVINNOAQIZY=
Subject key identifier: 4E:C7:78:24:B8:C7:26:EA:6F:22:25:D0:3B:DB:19:DA:6A:09:8F:97
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01020C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/71482806CDD111EFB0295167762E951A.roa
Signing time: Wed 08 Jan 2025 15:01:31 +0000
ROA not before: Wed 08 Jan 2025 15:01:27 +0000
ROA not after: Sat 03 Jan 2026 15:01:27 +0000
asID: 984
IP address blocks: 45.197.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66060 (0x1020c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 15:01:27 2025 GMT
Not After : Jan 3 15:01:27 2026 GMT
Subject: CN=677e934a-24d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:09:88:13:71:42:00:65:85:47:71:00:f3:55:
9f:9a:2b:c5:bb:8c:be:ac:3a:d7:29:44:03:88:45:
62:f5:bd:80:70:3c:0e:22:1b:fb:f7:27:e4:41:9f:
d8:40:13:b2:b1:f6:53:3d:bc:a5:6b:13:30:3a:39:
66:c5:58:59:ac:9c:d9:a9:c2:3b:d5:4b:50:33:2e:
59:6a:23:79:d2:88:ec:bd:64:49:7d:e2:49:5d:70:
34:61:fa:f4:6f:93:cd:0a:11:a3:f5:a1:2e:2e:c8:
7c:54:09:a5:85:f4:26:4c:41:4f:13:ef:79:07:5f:
fa:4c:06:18:0d:0e:9b:74:f4:4c:db:cd:fb:52:92:
1f:a9:dc:b2:d8:b0:0e:02:5d:2c:82:c2:b4:ed:f6:
8c:1f:2f:89:41:e8:9c:f8:8b:dc:d3:b9:18:0f:89:
57:ba:5c:5e:45:5f:66:8c:2b:5b:1a:c7:bf:8a:80:
7a:83:ab:25:76:49:d8:af:98:d9:76:a0:ea:75:6e:
a9:f0:55:94:c7:e8:5f:70:41:db:b7:90:e9:c0:eb:
3d:93:8e:66:51:98:4a:93:b3:5d:60:95:97:b5:3c:
cf:86:5c:bd:73:9c:32:a6:b8:d4:2c:df:17:1d:c9:
a0:00:d2:24:fb:6c:43:9f:9a:a5:62:cd:ca:d2:ef:
5f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C7:78:24:B8:C7:26:EA:6F:22:25:D0:3B:DB:19:DA:6A:09:8F:97
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/71482806CDD111EFB0295167762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.7.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:6d:d1:cb:a6:11:e5:dd:db:c2:d7:8f:2f:be:52:51:73:fa:
d9:4f:94:25:96:1e:a0:03:de:cd:60:d8:a7:53:04:ec:c0:b5:
a2:f6:f5:55:ab:46:ae:44:27:f8:d9:1a:6c:04:19:3c:43:74:
d1:0c:e4:8d:46:db:8b:b6:77:d9:f9:fc:54:4e:21:fc:94:69:
5d:88:d7:db:6b:88:0b:d7:7a:da:38:6d:06:18:8a:e5:b7:69:
2c:b6:a1:4a:7c:77:fd:7d:ba:04:f9:cb:af:ae:98:fe:8b:d0:
c7:16:e5:7c:eb:1c:4e:44:cc:53:99:8b:cb:73:e4:45:12:5f:
56:f0:c9:06:5b:6f:dc:9e:fb:da:63:c6:0e:7d:94:52:17:88:
9b:80:e9:15:c5:df:03:dc:aa:27:93:3b:1a:ba:1d:80:4e:b1:
70:84:1e:b0:47:2d:de:70:89:51:ec:19:35:b8:f5:ab:c5:c2:
fd:bd:8a:a9:a7:6c:db:4d:2e:9a:11:b1:5e:1c:3d:8b:f4:6e:
44:4d:75:23:22:0a:61:d4:2a:d2:8d:ac:97:40:aa:1c:bd:ce:
16:81:15:b6:44:09:29:96:66:57:37:c2:08:90:ba:19:94:27:
d6:49:fa:90:a2:0f:8e:fe:fe:06:eb:c6:b9:44:91:95:16:b9:
4e:bd:d6:e7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQIMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTUwMTI3WhcNMjYwMTAzMTUwMTI3WjAYMRYw
FAYDVQQDEw02NzdlOTM0YS0yNGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8AmIE3FCAGWFR3EA81WfmivFu4y+rDrXKUQDiEVi9b2AcDwOIhv79yfk
QZ/YQBOysfZTPbylaxMwOjlmxVhZrJzZqcI71UtQMy5ZaiN50ojsvWRJfeJJXXA0
Yfr0b5PNChGj9aEuLsh8VAmlhfQmTEFPE+95B1/6TAYYDQ6bdPRM2837UpIfqdyy
2LAOAl0sgsK07faMHy+JQeic+Ivc07kYD4lXulxeRV9mjCtbGse/ioB6g6sldknY
r5jZdqDqdW6p8FWUx+hfcEHbt5DpwOs9k45mUZhKk7NdYJWXtTzPhly9c5wyprjU
LN8XHcmgANIk+2xDn5qlYs3K0u9fPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE7H
eCS4xybqbyIl0DvbGdpqCY+XMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MTQ4MjgwNkNERDExMUVGQjAyOTUxNjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcUHMA0GCSqGSIb3DQEBCwUA
A4IBAQArbdHLphHl3dvC148vvlJRc/rZT5Qllh6gA97NYNinUwTswLWi9vVVq0au
RCf42RpsBBk8Q3TRDOSNRtuLtnfZ+fxUTiH8lGldiNfba4gL13raOG0GGIrlt2ks
tqFKfHf9fboE+cuvrpj+i9DHFuV86xxORMxTmYvLc+RFEl9W8MkGW2/cnvvaY8YO
fZRSF4ibgOkVxd8D3Konkzsauh2ATrFwhB6wRy3ecIlR7Bk1uPWrxcL9vYqpp2zb
TS6aEbFeHD2L9G5ETXUjIgph1CrSjayXQKocvc4WgRW2RAkplmZXN8IIkLoZlCfW
SfqQog+O/v4G68a5RJGVFrlOvdbn
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:13 2025 by rpki-client