Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B39BD42D24511EFA2D360A5762E951A.roa
File: 8B39BD42D24511EFA2D360A5762E951A.roa (raw, json)
Hash identifier: wY46C1pP8uJ43OwR5VGZKy4IuwmnRiWsv6vERVLS8+k=
Subject key identifier: 59:DD:12:86:9A:2C:27:7B:86:96:C9:BF:D2:76:2C:C3:3F:B4:6E:E2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0106CE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B39BD42D24511EFA2D360A5762E951A.roa
Signing time: Tue 14 Jan 2025 07:02:40 +0000
ROA not before: Tue 14 Jan 2025 07:02:36 +0000
ROA not after: Fri 14 Mar 2025 07:02:36 +0000
asID: 142002
IP address blocks: 45.197.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67278 (0x106ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 07:02:36 2025 GMT
Not After : Mar 14 07:02:36 2025 GMT
Subject: CN=67860c10-511f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:80:59:ad:bd:2e:e7:9e:6f:12:2b:2d:14:60:
e3:a9:0f:77:f3:aa:e0:a9:a9:85:68:d7:df:f9:c9:
8c:3a:da:ed:14:e0:6a:e0:4a:a7:ec:f7:55:b3:26:
72:37:2a:7c:c0:ab:e3:83:54:4e:be:f7:7c:53:a9:
8e:84:3c:29:a3:52:01:b7:28:9c:6c:17:76:c4:dd:
e1:62:52:ec:f1:c6:de:23:c2:10:90:ef:6e:ad:b6:
a7:d9:9b:e8:8e:3e:79:d5:c4:1e:c4:99:74:18:a6:
2d:3f:db:0a:89:86:0a:8e:a3:f5:b0:a2:f9:df:af:
ee:f5:47:7e:9c:aa:1e:82:9e:37:b8:2d:42:1e:3c:
85:08:ac:93:ec:cf:40:5c:34:3f:31:82:1b:0d:14:
33:68:4c:9d:36:4b:2f:a7:2b:2a:6a:45:64:35:6a:
e7:68:0f:55:60:e4:a0:59:34:72:c2:90:72:66:fd:
ad:f6:c4:64:a0:f7:63:ec:b9:f4:ab:76:cc:7d:5b:
97:e6:e9:0d:b4:99:ed:89:3c:0b:9e:32:5c:b5:bd:
13:e6:6e:65:44:ee:83:98:60:d1:e6:4b:17:24:85:
1c:4c:e1:91:77:b5:87:2f:c5:10:29:95:34:b5:6b:
6b:40:cb:71:f9:be:fd:eb:7e:7f:76:38:c0:6e:89:
0a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:DD:12:86:9A:2C:27:7B:86:96:C9:BF:D2:76:2C:C3:3F:B4:6E:E2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B39BD42D24511EFA2D360A5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.15.0/24
Signature Algorithm: sha256WithRSAEncryption
14:af:f3:d0:12:b3:84:d8:cb:8b:b8:e8:01:d0:4e:ef:9f:0a:
e9:7a:e8:65:f5:d8:5c:94:b6:21:ca:11:05:65:f3:f6:49:80:
4e:d5:ce:b4:36:b2:77:85:a3:8e:1f:3b:fa:eb:8e:e6:d6:cb:
b5:05:5c:5d:42:b3:c0:73:31:15:43:15:f1:59:9d:00:db:82:
90:0b:12:ba:74:e0:8b:7b:66:ac:df:08:0c:7c:e3:c3:25:63:
a6:ee:b6:1e:8e:b5:ea:50:60:c6:74:b6:0d:c1:b9:87:b2:77:
c0:49:49:5c:cb:b0:ba:94:1a:13:67:73:03:18:fb:b6:41:02:
5f:b8:4b:c2:f7:d4:f2:22:72:e4:fc:9e:bc:56:ca:bc:5a:ba:
97:44:1f:2f:3d:ed:16:53:22:99:d9:05:aa:b7:37:68:73:b0:
01:5b:11:1a:6d:89:f3:f8:3d:34:0f:b4:7f:da:b8:e9:75:73:
33:bd:1b:1f:0b:df:82:fe:22:f9:03:da:ae:00:1f:5d:71:90:
1c:f0:64:f6:ac:97:f5:16:09:97:0c:a3:0e:75:cd:e0:44:b2:
32:94:0f:ba:45:8e:de:6c:10:1d:e0:bb:8f:77:0e:9a:d0:69:
52:3f:37:c7:dc:46:ad:41:af:73:c6:b7:ce:10:9b:06:b3:09:
0c:d2:5f:45
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQbOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDcwMjM2WhcNMjUwMzE0MDcwMjM2WjAYMRYw
FAYDVQQDEw02Nzg2MGMxMC01MTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1oBZrb0u555vEistFGDjqQ9386rgqamFaNff+cmMOtrtFOBq4Eqn7PdV
syZyNyp8wKvjg1ROvvd8U6mOhDwpo1IBtyicbBd2xN3hYlLs8cbeI8IQkO9urban
2Zvojj551cQexJl0GKYtP9sKiYYKjqP1sKL536/u9Ud+nKoegp43uC1CHjyFCKyT
7M9AXDQ/MYIbDRQzaEydNksvpysqakVkNWrnaA9VYOSgWTRywpByZv2t9sRkoPdj
7Ln0q3bMfVuX5ukNtJntiTwLnjJctb0T5m5lRO6DmGDR5ksXJIUcTOGRd7WHL8UQ
KZU0tWtrQMtx+b79635/djjAbokK7wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFnd
EoaaLCd7hpbJv9J2LMM/tG7iMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QjM5QkQ0MkQyNDUxMUVGQTJEMzYwQTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcUPMA0GCSqGSIb3DQEBCwUA
A4IBAQAUr/PQErOE2MuLuOgB0E7vnwrpeuhl9dhclLYhyhEFZfP2SYBO1c60NrJ3
haOOHzv6647m1su1BVxdQrPAczEVQxXxWZ0A24KQCxK6dOCLe2as3wgMfOPDJWOm
7rYejrXqUGDGdLYNwbmHsnfASUlcy7C6lBoTZ3MDGPu2QQJfuEvC99TyInLk/J68
Vsq8WrqXRB8vPe0WUyKZ2QWqtzdoc7ABWxEabYnz+D00D7R/2rjpdXMzvRsfC9+C
/iL5A9quAB9dcZAc8GT2rJf1FgmXDKMOdc3gRLIylA+6RY7ebBAd4LuPdw6a0GlS
PzfH3EatQa9zxrfOEJsGswkM0l9F
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:17 2025 by rpki-client