Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7B0271ECF2911EFB29AD87E762E951A.roa
File: A7B0271ECF2911EFB29AD87E762E951A.roa (raw, json)
Hash identifier: q+mAdHVjDkcS8Cth/eNFI6YeJjrmwHY7IP8/1GPAkQc=
Subject key identifier: A8:39:64:F9:64:88:67:98:0A:54:E0:CD:EE:FE:D5:85:83:FE:E6:18
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010509
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7B0271ECF2911EFB29AD87E762E951A.roa
Signing time: Fri 10 Jan 2025 08:05:29 +0000
ROA not before: Fri 10 Jan 2025 08:05:25 +0000
ROA not after: Sun 16 Feb 2025 08:05:25 +0000
asID: 6079
IP address blocks: 45.205.86.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66825 (0x10509)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 08:05:25 2025 GMT
Not After : Feb 16 08:05:25 2025 GMT
Subject: CN=6780d4c8-d3d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0d:21:5a:af:c0:65:4d:f4:f0:86:bb:51:39:
69:5e:7f:55:4d:3b:6c:fb:fe:af:b9:be:59:57:d7:
1b:d2:21:1e:5d:5e:8d:f8:94:1f:57:df:4a:43:5e:
70:58:3d:c0:8a:d7:88:07:98:7b:75:15:50:bc:25:
4c:5b:1d:0e:8a:49:41:93:2f:c6:56:37:6a:09:80:
b1:39:ad:d3:05:eb:90:52:f1:b6:de:07:60:9d:0d:
83:0e:e3:fa:cf:23:f9:69:9f:04:90:9b:33:63:80:
18:bc:29:f6:ae:48:cd:6f:70:04:37:06:d8:f1:da:
a9:dc:3e:b6:38:76:9e:28:e1:1d:d1:11:e2:f9:50:
f3:20:70:31:da:50:8b:5f:7c:7e:ab:09:c6:ea:39:
52:87:a0:99:59:b5:83:41:c7:8d:4d:7b:6b:29:7b:
f2:cf:5f:31:4b:a9:d8:76:49:45:ec:44:6a:69:5d:
3c:4d:9f:91:3e:eb:4c:81:b5:97:8b:14:96:c0:35:
c1:ed:8a:b4:a2:f2:e9:bc:fb:54:e6:88:d5:11:8f:
08:8a:e4:96:5f:41:5f:7c:5e:d1:39:b0:bd:77:d2:
14:d7:45:e0:8b:0f:a3:df:8b:a3:a3:57:2b:83:41:
21:a7:f0:74:2a:ae:e6:72:75:0a:52:3a:8f:bc:c0:
ad:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:39:64:F9:64:88:67:98:0A:54:E0:CD:EE:FE:D5:85:83:FE:E6:18
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7B0271ECF2911EFB29AD87E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.205.86.0/23
Signature Algorithm: sha256WithRSAEncryption
51:9d:2b:bb:8a:73:f6:5c:7c:a2:e0:4e:a7:ce:37:d0:e2:59:
3b:2c:f3:fc:86:0b:e3:c1:76:27:4d:da:da:39:37:71:30:17:
8a:a8:9d:36:2f:d5:99:77:8c:34:c6:1e:0e:ed:4f:82:c8:27:
d3:13:80:82:75:0e:a4:d4:7d:59:d3:d1:e5:01:f2:f5:13:36:
46:ec:81:4a:a0:1b:d6:a3:72:a2:0a:fc:e0:ea:b4:28:5f:c8:
ff:7e:55:93:2a:a8:c4:ad:9a:78:96:21:fb:87:5c:1d:38:4d:
14:04:bd:c2:ff:0a:55:36:57:a3:af:3e:f5:50:71:a4:37:7f:
43:bd:c8:4e:cb:aa:e0:99:2b:2c:3b:42:8a:a0:0a:83:81:49:
e8:1b:15:77:52:6e:65:cc:72:71:90:32:85:d9:0b:6d:c1:bb:
d7:79:16:c0:de:f9:4e:a5:9d:0a:1d:6c:58:39:de:6f:62:66:
61:70:cb:31:72:96:41:b3:17:d0:84:a2:ea:29:3b:01:5a:8f:
5b:c6:6a:1e:5b:56:d0:65:8f:74:c0:cc:42:a3:4d:81:db:a0:
20:54:b3:f2:62:9e:fe:3a:0e:80:f0:a1:ca:69:f2:67:23:73:
a9:b5:d8:2c:83:14:31:20:99:89:2d:9d:74:7e:41:10:fd:07:
93:67:3c:3d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQUJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDgwNTI1WhcNMjUwMjE2MDgwNTI1WjAYMRYw
FAYDVQQDEw02NzgwZDRjOC1kM2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvA0hWq/AZU308Ia7UTlpXn9VTTts+/6vub5ZV9cb0iEeXV6N+JQfV99K
Q15wWD3AiteIB5h7dRVQvCVMWx0OiklBky/GVjdqCYCxOa3TBeuQUvG23gdgnQ2D
DuP6zyP5aZ8EkJszY4AYvCn2rkjNb3AENwbY8dqp3D62OHaeKOEd0RHi+VDzIHAx
2lCLX3x+qwnG6jlSh6CZWbWDQceNTXtrKXvyz18xS6nYdklF7ERqaV08TZ+RPutM
gbWXixSWwDXB7Yq0ovLpvPtU5ojVEY8IiuSWX0FffF7RObC9d9IU10Xgiw+j34uj
o1crg0Ehp/B0Kq7mcnUKUjqPvMCtOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKg5
ZPlkiGeYClTgze7+1YWD/uYYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BN0IwMjcxRUNGMjkxMUVGQjI5QUQ4N0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLc1WMA0GCSqGSIb3DQEBCwUA
A4IBAQBRnSu7inP2XHyi4E6nzjfQ4lk7LPP8hgvjwXYnTdraOTdxMBeKqJ02L9WZ
d4w0xh4O7U+CyCfTE4CCdQ6k1H1Z09HlAfL1EzZG7IFKoBvWo3KiCvzg6rQoX8j/
flWTKqjErZp4liH7h1wdOE0UBL3C/wpVNlejrz71UHGkN39DvchOy6rgmSssO0KK
oAqDgUnoGxV3Um5lzHJxkDKF2QttwbvXeRbA3vlOpZ0KHWxYOd5vYmZhcMsxcpZB
sxfQhKLqKTsBWo9bxmoeW1bQZY90wMxCo02B26AgVLPyYp7+Og6A8KHKafJnI3Op
tdgsgxQxIJmJLZ10fkEQ/QeTZzw9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:34 2025 by rpki-client