Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97A64156D15811EFAEC9DE42762E951A.roa
File: 97A64156D15811EFAEC9DE42762E951A.roa (raw, json)
Hash identifier: rCNEybUBy+He3I1LZ92jitHru5EjNHa0zD8VO6mh40c=
Subject key identifier: 5B:DE:F9:13:5A:63:17:4B:52:6C:6B:4E:CD:4B:11:99:36:82:08:44
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010658
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97A64156D15811EFAEC9DE42762E951A.roa
Signing time: Mon 13 Jan 2025 02:46:30 +0000
ROA not before: Mon 13 Jan 2025 02:46:27 +0000
ROA not after: Thu 13 Mar 2025 02:46:27 +0000
asID: 17561
IP address blocks: 45.202.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67160 (0x10658)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 13 02:46:27 2025 GMT
Not After : Mar 13 02:46:27 2025 GMT
Subject: CN=67847e86-cd64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bc:2c:d8:c1:24:78:06:94:5d:e5:96:70:73:
94:57:23:a4:73:f7:88:b6:d3:c4:a9:74:82:04:8b:
e4:43:fd:0b:6e:df:f9:be:c7:0a:a0:38:34:07:93:
9b:ce:ba:e9:4e:68:2e:b9:43:eb:9b:40:29:91:8b:
69:0f:98:41:49:36:bd:d0:48:10:ae:0e:6d:55:ab:
81:97:cb:f8:60:04:54:a2:38:3b:4b:75:a5:c4:56:
76:87:c3:8b:dd:9a:0e:b4:74:14:2b:56:75:e3:56:
66:78:36:83:5f:60:66:33:ab:db:4f:a3:45:67:0e:
d9:6d:3f:36:79:2c:6f:04:68:b2:2a:f3:0c:66:62:
c4:22:90:e7:87:31:ce:62:36:6b:15:63:6c:93:bc:
17:d4:c3:e0:2f:e8:7b:e4:31:1d:c2:0a:55:3f:26:
72:dd:cb:2c:62:78:23:c9:76:dd:dd:98:e3:8e:d5:
50:b3:95:e4:de:3e:29:05:62:eb:bb:52:4d:96:19:
8f:d4:65:e0:9a:78:ec:4a:cc:6c:80:37:9c:b3:20:
34:d9:d8:21:ae:29:4c:47:35:74:ee:a7:34:06:72:
60:50:84:8a:4a:d5:a1:ae:86:4f:28:de:6c:bb:ef:
94:9c:f6:f0:36:66:90:c0:fc:c4:99:39:18:4f:ce:
76:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:DE:F9:13:5A:63:17:4B:52:6C:6B:4E:CD:4B:11:99:36:82:08:44
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97A64156D15811EFAEC9DE42762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.34.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:02:49:fe:26:8b:a3:0b:7d:cf:4b:6d:06:d6:23:06:eb:4a:
33:fc:2d:71:63:f7:4d:d8:b5:79:ce:a5:e9:e9:18:bd:d3:19:
b2:1e:5a:4b:6d:c4:29:c6:38:b7:c4:1d:70:70:68:a4:f2:c3:
be:94:11:b8:dc:ef:b9:31:b9:f7:98:e6:fc:41:b8:a2:fa:e8:
ab:26:fb:56:e8:4c:9c:5c:34:7a:5f:3d:49:17:43:24:4a:61:
52:b0:b3:59:f7:6f:fa:d0:97:d2:15:b3:d4:a5:9b:e1:46:6a:
fb:00:34:65:25:52:7a:4c:e6:5a:8d:b0:c8:46:ce:62:99:eb:
8d:fb:bb:15:89:4b:ac:54:e0:2f:e9:76:a7:d5:dc:c9:3b:65:
34:4f:54:49:5f:dc:0a:ab:1a:e6:ff:3e:ab:a0:6b:d4:70:24:
68:d6:9d:45:5d:65:2b:55:72:e9:23:a3:20:53:46:ae:19:1d:
0f:87:3c:78:04:03:77:6e:34:5a:0c:bd:36:75:06:8b:b9:42:
d2:a3:e6:c4:2d:df:69:43:f8:f5:1b:de:09:0e:12:6b:83:7e:
3d:35:28:e2:0b:61:2f:13:44:2c:ea:e8:d1:10:0c:91:02:dc:
ae:0a:34:a2:0f:85:cf:f2:4f:fb:be:20:12:9c:e8:b7:3a:64:
cb:c2:0b:ba
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQZYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEzMDI0NjI3WhcNMjUwMzEzMDI0NjI3WjAYMRYw
FAYDVQQDEw02Nzg0N2U4Ni1jZDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA07ws2MEkeAaUXeWWcHOUVyOkc/eIttPEqXSCBIvkQ/0Lbt/5vscKoDg0
B5ObzrrpTmguuUPrm0ApkYtpD5hBSTa90EgQrg5tVauBl8v4YARUojg7S3WlxFZ2
h8OL3ZoOtHQUK1Z141ZmeDaDX2BmM6vbT6NFZw7ZbT82eSxvBGiyKvMMZmLEIpDn
hzHOYjZrFWNsk7wX1MPgL+h75DEdwgpVPyZy3cssYngjyXbd3ZjjjtVQs5Xk3j4p
BWLru1JNlhmP1GXgmnjsSsxsgDecsyA02dghrilMRzV07qc0BnJgUISKStWhroZP
KN5su++UnPbwNmaQwPzEmTkYT852UwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFve
+RNaYxdLUmxrTs1LEZk2gghEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85N0E2NDE1NkQxNTgxMUVGQUVDOURFNDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcoiMA0GCSqGSIb3DQEBCwUA
A4IBAQCNAkn+JoujC33PS20G1iMG60oz/C1xY/dN2LV5zqXp6Ri90xmyHlpLbcQp
xji3xB1wcGik8sO+lBG43O+5Mbn3mOb8Qbii+uirJvtW6EycXDR6Xz1JF0MkSmFS
sLNZ92/60JfSFbPUpZvhRmr7ADRlJVJ6TOZajbDIRs5imeuN+7sViUusVOAv6Xan
1dzJO2U0T1RJX9wKqxrm/z6roGvUcCRo1p1FXWUrVXLpI6MgU0auGR0Phzx4BAN3
bjRaDL02dQaLuULSo+bELd9pQ/j1G94JDhJrg349NSjiC2EvE0Qs6ujREAyRAtyu
CjSiD4XP8k/7viASnOi3OmTLwgu6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:24 2025 by rpki-client