Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8666562CCDB311EF910C62A9762E951A.roa
File: 8666562CCDB311EF910C62A9762E951A.roa (raw, json)
Hash identifier: R4+JOnxfNfJ+JUMQbg1Ou/tpPOsdVeNesjZWxoVGo4o=
Subject key identifier: D8:B0:A1:7C:76:2D:77:B7:3D:31:46:8E:22:A3:3D:1B:0A:6D:40:D2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010193
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8666562CCDB311EF910C62A9762E951A.roa
Signing time: Wed 08 Jan 2025 11:27:21 +0000
ROA not before: Wed 08 Jan 2025 11:27:17 +0000
ROA not after: Tue 16 Dec 2025 11:27:17 +0000
asID: 984
IP address blocks: 45.201.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65939 (0x10193)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 11:27:17 2025 GMT
Not After : Dec 16 11:27:17 2025 GMT
Subject: CN=677e6119-a064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ba:06:09:39:62:15:a8:77:53:d9:4b:3d:c0:
00:59:3b:22:50:54:a6:dd:c5:e4:7c:40:40:49:fe:
73:34:51:f4:8b:a0:f1:63:7d:a7:17:ee:19:96:16:
3b:17:c3:d3:a1:da:26:71:69:d2:4d:5a:75:b8:78:
17:59:8c:f1:39:b8:61:6f:a3:21:0e:90:43:5a:41:
cd:76:fa:b1:57:18:46:20:67:de:56:74:3b:05:c4:
5b:db:63:11:96:18:a1:a2:8b:8b:fe:73:28:16:1d:
81:9f:45:45:0c:d6:8f:2f:a5:4b:7c:46:47:2d:5c:
fc:8c:ab:19:bf:a5:24:c9:2d:86:2d:d4:a1:7b:07:
89:d3:60:3d:24:26:2f:79:95:0e:f2:4d:48:4e:ed:
0e:9b:c2:7a:e0:a3:c3:3e:a1:6f:e2:5d:b8:58:2d:
8f:b8:06:7d:74:20:81:74:23:92:4c:c0:bc:d7:32:
17:57:7e:ba:82:9d:7a:ef:62:f4:b1:56:a7:64:66:
c9:5d:af:7b:fb:41:94:db:d6:0b:be:3a:52:e4:af:
de:5d:30:c9:de:7d:34:03:24:b8:fb:f4:3f:6a:0f:
a5:f4:81:ed:de:04:d7:1c:38:da:58:5f:48:0f:73:
e8:1b:02:4b:7b:4b:95:72:da:39:27:21:15:72:10:
d1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B0:A1:7C:76:2D:77:B7:3D:31:46:8E:22:A3:3D:1B:0A:6D:40:D2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8666562CCDB311EF910C62A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.234.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:21:6d:76:25:f4:0f:8d:8b:13:3d:bb:cb:a4:e9:95:5b:5d:
10:5f:44:f1:3a:aa:8a:1c:ee:6c:8e:e0:88:1c:eb:1e:0c:99:
9b:4a:7a:7b:d1:fa:88:d1:ef:1d:03:d0:0e:dd:87:4d:0e:46:
fc:bf:eb:3b:d0:be:ea:74:dc:b8:00:9e:bb:46:e6:4c:9b:a5:
d9:c5:92:31:a8:7e:c4:45:f9:20:b2:e4:27:91:20:a3:8f:3d:
a3:c9:b7:78:41:ea:5f:b0:60:16:d0:8c:04:97:83:2e:c4:25:
19:fa:c0:b9:7f:92:93:c0:f4:19:e3:35:84:37:e8:e9:8f:84:
bf:79:40:2f:f4:a0:8c:20:33:03:2c:a2:24:86:5d:83:9d:cf:
72:71:cc:b2:5d:6e:72:9d:2b:13:66:96:21:65:c1:29:ac:a0:
2b:99:03:19:f5:1f:b1:84:ff:df:19:07:43:ff:59:cf:5d:b8:
63:b2:85:39:28:a0:ca:a0:b8:b5:61:6f:61:43:a4:89:49:1b:
e1:77:d3:40:cd:a2:8d:d9:ab:b1:6a:97:28:01:fe:ce:36:4e:
3f:68:a5:d8:63:e8:ad:31:b8:bf:8e:d6:29:bf:77:2a:37:e1:
3d:d2:c3:75:14:a2:44:4a:98:ea:39:0c:ee:a2:65:2c:9e:23:
89:f7:c5:b2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQGTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTEyNzE3WhcNMjUxMjE2MTEyNzE3WjAYMRYw
FAYDVQQDEw02NzdlNjExOS1hMDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsboGCTliFah3U9lLPcAAWTsiUFSm3cXkfEBASf5zNFH0i6DxY32nF+4Z
lhY7F8PTodomcWnSTVp1uHgXWYzxObhhb6MhDpBDWkHNdvqxVxhGIGfeVnQ7BcRb
22MRlhihoouL/nMoFh2Bn0VFDNaPL6VLfEZHLVz8jKsZv6UkyS2GLdSheweJ02A9
JCYveZUO8k1ITu0Om8J64KPDPqFv4l24WC2PuAZ9dCCBdCOSTMC81zIXV366gp16
72L0sVanZGbJXa97+0GU29YLvjpS5K/eXTDJ3n00AyS4+/Q/ag+l9IHt3gTXHDja
WF9ID3PoGwJLe0uVcto5JyEVchDRpwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNiw
oXx2LXe3PTFGjiKjPRsKbUDSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NjY2NTYyQ0NEQjMxMUVGOTEwQzYyQTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcnqMA0GCSqGSIb3DQEBCwUA
A4IBAQBuIW12JfQPjYsTPbvLpOmVW10QX0TxOqqKHO5sjuCIHOseDJmbSnp70fqI
0e8dA9AO3YdNDkb8v+s70L7qdNy4AJ67RuZMm6XZxZIxqH7ERfkgsuQnkSCjjz2j
ybd4QepfsGAW0IwEl4MuxCUZ+sC5f5KTwPQZ4zWEN+jpj4S/eUAv9KCMIDMDLKIk
hl2Dnc9yccyyXW5ynSsTZpYhZcEprKArmQMZ9R+xhP/fGQdD/1nPXbhjsoU5KKDK
oLi1YW9hQ6SJSRvhd9NAzaKN2auxapcoAf7ONk4/aKXYY+itMbi/jtYpv3cqN+E9
0sN1FKJESpjqOQzuomUsniOJ98Wy
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:37 2025 by rpki-client