Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9249B8B6CEEA11EF86F2AF5B762E951A.roa
File: 9249B8B6CEEA11EF86F2AF5B762E951A.roa (raw, json)
Hash identifier: d00ow98Uyk6yOUgyqu2Zz6sXeLPA5GWDnaDVquJw7TI=
Subject key identifier: A0:17:7D:7F:57:40:F1:CB:DF:99:47:23:72:43:D7:C2:9D:FC:B9:24
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01045A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9249B8B6CEEA11EF86F2AF5B762E951A.roa
Signing time: Fri 10 Jan 2025 00:33:54 +0000
ROA not before: Fri 10 Jan 2025 00:00:51 +0000
ROA not after: Thu 13 Feb 2025 00:00:51 +0000
asID: 395793
IP address blocks: 45.194.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66650 (0x1045a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 00:00:51 2025 GMT
Not After : Feb 13 00:00:51 2025 GMT
Subject: CN=67806af2-19bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4e:92:02:7b:ef:97:ea:00:4a:2e:92:ec:da:
6c:14:b7:51:97:7b:b0:46:44:29:94:73:d9:55:0e:
e4:d9:01:12:53:b4:09:99:d1:9c:ed:4f:c2:8e:b7:
24:39:c0:ee:64:11:7b:b4:f1:22:37:8c:17:05:85:
9e:83:e2:c8:d2:66:be:88:d5:84:f8:1b:44:6e:f3:
7f:3f:8f:4d:bd:26:69:43:ec:ea:eb:c6:9b:71:4a:
16:70:c2:7c:62:2e:3c:6c:5b:15:ae:10:ee:a6:54:
34:5d:fb:ac:07:61:1d:09:a0:7e:10:67:03:85:ba:
98:67:56:92:8b:b9:23:7e:82:49:9b:ce:3c:fc:f9:
54:9b:3f:e6:6c:5d:9a:27:04:41:18:24:28:87:02:
75:cf:eb:9d:85:9b:34:d2:a4:98:75:35:2e:a9:f5:
be:22:ec:79:95:9d:e5:fc:3f:93:7b:20:b6:79:1d:
ed:11:fa:69:d9:9c:b6:97:df:f6:32:e9:77:95:ad:
fc:2c:88:dd:08:fc:2e:14:a6:21:15:f2:e5:2a:d8:
37:c3:a2:0b:48:4b:d2:98:a7:13:49:f9:40:2b:3a:
bc:56:fe:6b:30:8b:e3:00:82:0a:69:c6:76:21:bc:
8c:a9:28:c7:55:5d:1b:62:ee:a7:17:e2:ff:b1:99:
36:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:17:7D:7F:57:40:F1:CB:DF:99:47:23:72:43:D7:C2:9D:FC:B9:24
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9249B8B6CEEA11EF86F2AF5B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.1.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:1a:02:78:f9:81:b1:6e:2d:84:ca:86:c5:49:0d:0b:91:ff:
8f:e8:be:07:93:6d:f3:04:61:b8:0e:1f:72:ae:5f:18:30:6f:
52:44:62:26:0e:e2:f1:a9:97:0d:e2:b7:60:65:83:7a:78:9a:
74:a3:7d:27:14:52:90:75:f2:d3:31:64:f7:bc:f6:f9:fc:96:
56:dd:57:0b:b1:46:1c:95:dd:6d:4d:d9:6e:4b:5e:f8:65:6a:
c7:76:be:ef:ec:fa:1e:b0:27:00:85:c5:7a:ef:9b:31:39:a4:
5b:37:22:9e:38:36:4f:02:aa:a5:bc:9a:42:bb:35:e9:fc:d7:
a3:02:b2:3c:f8:07:44:1d:d8:26:eb:16:43:8d:14:b6:6c:40:
fc:61:8f:2c:6e:59:ba:09:8d:9b:9b:94:b9:c7:18:43:20:4d:
b4:6c:1f:ec:64:f7:d4:7a:18:62:4c:79:97:dd:3b:8f:f1:95:
ed:7e:b6:84:f8:98:cb:ac:47:68:d5:f1:39:2f:70:ad:b7:64:
8f:4b:a6:e1:79:63:79:b8:86:dc:e1:7f:ae:6f:1e:02:3e:64:
43:ae:a4:8c:0c:16:a7:21:e4:14:8c:2c:4d:63:d8:b4:0d:d3:
c5:46:ea:32:11:44:e9:0c:bc:69:2d:f9:ed:95:46:c2:d7:6f:
4c:0f:0a:9b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQRaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDAwMDUxWhcNMjUwMjEzMDAwMDUxWjAYMRYw
FAYDVQQDEw02NzgwNmFmMi0xOWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1U6SAnvvl+oASi6S7NpsFLdRl3uwRkQplHPZVQ7k2QESU7QJmdGc7U/C
jrckOcDuZBF7tPEiN4wXBYWeg+LI0ma+iNWE+BtEbvN/P49NvSZpQ+zq68abcUoW
cMJ8Yi48bFsVrhDuplQ0XfusB2EdCaB+EGcDhbqYZ1aSi7kjfoJJm848/PlUmz/m
bF2aJwRBGCQohwJ1z+udhZs00qSYdTUuqfW+Iux5lZ3l/D+TeyC2eR3tEfpp2Zy2
l9/2Mul3la38LIjdCPwuFKYhFfLlKtg3w6ILSEvSmKcTSflAKzq8Vv5rMIvjAIIK
acZ2IbyMqSjHVV0bYu6nF+L/sZk2bwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKAX
fX9XQPHL35lHI3JD18Kd/LkkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MjQ5QjhCNkNFRUExMUVGODZGMkFGNUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcIBMA0GCSqGSIb3DQEBCwUA
A4IBAQCMGgJ4+YGxbi2EyobFSQ0Lkf+P6L4Hk23zBGG4Dh9yrl8YMG9SRGImDuLx
qZcN4rdgZYN6eJp0o30nFFKQdfLTMWT3vPb5/JZW3VcLsUYcld1tTdluS174ZWrH
dr7v7PoesCcAhcV675sxOaRbNyKeODZPAqqlvJpCuzXp/NejArI8+AdEHdgm6xZD
jRS2bED8YY8sblm6CY2bm5S5xxhDIE20bB/sZPfUehhiTHmX3TuP8ZXtfraE+JjL
rEdo1fE5L3Ctt2SPS6bheWN5uIbc4X+ubx4CPmRDrqSMDBanIeQUjCxNY9i0DdPF
RuoyEUTpDLxpLfntlUbC129MDwqb
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:54 2025 by rpki-client