Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7969B5F8CF3511EF88399D4A762E951A.roa
File: 7969B5F8CF3511EF88399D4A762E951A.roa (raw, json)
Hash identifier: pY0L93Tu3xl1JeXcx3cEGo7/M+QFhvj3uCX6B65dRew=
Subject key identifier: 6F:75:D1:2B:65:33:71:D3:E7:B6:72:CD:A5:70:0C:BF:AA:1B:BC:F1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010529
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7969B5F8CF3511EF88399D4A762E951A.roa
Signing time: Fri 10 Jan 2025 09:30:05 +0000
ROA not before: Fri 10 Jan 2025 09:30:01 +0000
ROA not after: Sat 22 Feb 2025 09:30:01 +0000
asID: 20473
IP address blocks: 45.192.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66857 (0x10529)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 09:30:01 2025 GMT
Not After : Feb 22 09:30:01 2025 GMT
Subject: CN=6780e89d-e7f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e1:23:fd:b3:e6:4a:98:e7:e6:e3:a8:4a:44:
d3:bf:3b:4f:8d:2e:cf:93:5b:01:09:92:12:a7:10:
4d:4f:aa:06:3b:3d:39:9c:1c:ef:b1:07:8c:26:71:
24:87:9a:bb:8a:1f:2c:9f:91:aa:00:f2:a9:18:4a:
0f:88:f1:ec:e1:23:e0:e9:c5:d1:18:31:82:50:39:
f6:8b:b7:5f:f3:8d:d6:bf:80:9f:d5:e6:ce:b1:fd:
ee:c2:a8:79:2d:59:fb:c3:f8:56:76:fc:ed:af:84:
6c:63:1e:1c:e0:dc:87:1d:99:51:52:87:fa:6c:29:
cf:a3:6f:27:a4:9a:7b:66:df:97:0f:ac:0b:b6:6b:
31:9d:d6:1b:90:e4:e2:2a:16:7e:eb:77:5e:79:5b:
24:15:4d:5e:9b:27:43:bd:48:c1:06:c4:13:e6:69:
8e:c0:7a:30:5b:c0:0a:1b:3f:2e:8c:6a:aa:95:17:
7e:a3:28:52:92:31:c9:a8:0d:46:9c:b3:de:4b:02:
ef:19:3e:83:4c:27:df:9d:22:22:02:89:26:ec:4e:
6f:23:34:31:8a:e0:30:5d:ca:43:65:e0:d6:3c:a6:
3e:d0:cc:c1:b6:09:cb:cc:13:33:36:6a:26:39:b3:
81:4f:58:76:f6:e3:02:c1:95:7b:8d:4a:50:63:25:
67:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:75:D1:2B:65:33:71:D3:E7:B6:72:CD:A5:70:0C:BF:AA:1B:BC:F1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7969B5F8CF3511EF88399D4A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.129.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:91:ea:6f:e9:1b:ba:dc:68:b7:41:0e:ce:18:6d:a9:cb:e2:
b9:e1:dc:67:db:93:9a:ff:cc:ff:5d:16:a9:08:09:b7:0a:93:
8b:c6:27:29:94:9e:6f:de:39:14:f4:12:de:c1:d2:18:8f:f6:
19:38:be:6a:80:1a:05:5f:ad:64:93:e2:59:af:75:99:c7:3a:
b3:93:bc:01:f1:e4:bc:c7:f5:9a:82:67:64:c4:87:da:4b:37:
c4:f5:92:9b:b8:52:1c:be:c1:43:04:93:76:13:00:93:d0:13:
28:1e:ba:56:f3:07:20:f1:92:f7:15:2e:43:61:b3:e1:42:0d:
ba:b3:bd:96:b5:8e:ec:d3:e4:75:38:47:16:d2:d1:fb:1d:0f:
fe:4e:e8:15:0f:f0:ee:2a:39:db:fe:c9:e6:98:a5:15:99:90:
52:76:c9:38:03:79:74:04:bf:be:41:cd:4f:2c:4d:cd:bb:df:
cc:ff:16:a2:2f:79:b9:7a:91:1e:64:ae:79:23:8a:3c:34:c9:
ff:98:99:4e:86:c4:c7:a7:6a:5f:ed:fd:e4:0e:5e:88:7d:47:
3b:e3:55:59:00:c0:d2:41:e3:b2:d3:18:00:89:40:94:7b:28:
fd:92:a8:7a:7e:57:77:3c:ec:c3:a6:13:3d:f7:99:ff:90:37:
66:ca:c6:a2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQUpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDkzMDAxWhcNMjUwMjIyMDkzMDAxWjAYMRYw
FAYDVQQDEw02NzgwZTg5ZC1lN2Y1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5uEj/bPmSpjn5uOoSkTTvztPjS7Pk1sBCZISpxBNT6oGOz05nBzvsQeM
JnEkh5q7ih8sn5GqAPKpGEoPiPHs4SPg6cXRGDGCUDn2i7df843Wv4Cf1ebOsf3u
wqh5LVn7w/hWdvztr4RsYx4c4NyHHZlRUof6bCnPo28npJp7Zt+XD6wLtmsxndYb
kOTiKhZ+63deeVskFU1emydDvUjBBsQT5mmOwHowW8AKGz8ujGqqlRd+oyhSkjHJ
qA1GnLPeSwLvGT6DTCffnSIiAokm7E5vIzQxiuAwXcpDZeDWPKY+0MzBtgnLzBMz
NmomObOBT1h29uMCwZV7jUpQYyVnmQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG91
0StlM3HT57ZyzaVwDL+qG7zxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83OTY5QjVGOENGMzUxMUVGODgzOTlENEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcCBMA0GCSqGSIb3DQEBCwUA
A4IBAQBskepv6Ru63Gi3QQ7OGG2py+K54dxn25Oa/8z/XRapCAm3CpOLxicplJ5v
3jkU9BLewdIYj/YZOL5qgBoFX61kk+JZr3WZxzqzk7wB8eS8x/WagmdkxIfaSzfE
9ZKbuFIcvsFDBJN2EwCT0BMoHrpW8wcg8ZL3FS5DYbPhQg26s72WtY7s0+R1OEcW
0tH7HQ/+TugVD/DuKjnb/snmmKUVmZBSdsk4A3l0BL++Qc1PLE3Nu9/M/xaiL3m5
epEeZK55I4o8NMn/mJlOhsTHp2pf7f3kDl6IfUc741VZAMDSQeOy0xgAiUCUeyj9
kqh6fld3POzDphM995n/kDdmysai
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:12 2025 by rpki-client