Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE05D6F2CDCD11EF89089F4F762E951A.roa
File: AE05D6F2CDCD11EF89089F4F762E951A.roa (raw, json)
Hash identifier: wusnbobM8kRGESbewZmILFscV68h8c/NswcfH9CS658=
Subject key identifier: 6C:7C:00:2B:79:8E:6A:57:9E:E8:81:F2:62:25:49:04:F5:E6:B7:13
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0101F0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE05D6F2CDCD11EF89089F4F762E951A.roa
Signing time: Wed 08 Jan 2025 14:34:34 +0000
ROA not before: Wed 08 Jan 2025 14:34:31 +0000
ROA not after: Sat 03 Jan 2026 14:34:31 +0000
asID: 984
IP address blocks: 45.195.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66032 (0x101f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:34:31 2025 GMT
Not After : Jan 3 14:34:31 2026 GMT
Subject: CN=677e8cfa-45da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d5:78:6c:7b:0a:78:63:18:8e:1b:12:dd:96:
62:cb:cf:a1:b1:76:01:3a:d8:98:4b:e4:51:fe:82:
fc:12:61:58:4a:0e:94:7a:e7:9d:d8:df:06:89:19:
50:19:31:3b:bd:f7:ca:e4:37:77:05:8b:a4:f8:3a:
0a:d2:03:a7:fa:60:ef:9b:af:97:9e:07:34:fe:de:
a9:7e:7c:41:ed:32:bd:26:06:bc:51:f4:66:3c:3e:
aa:62:82:3e:8a:0a:07:d8:77:03:ba:ea:5a:f2:c5:
05:28:f2:ed:15:7a:c4:ff:13:56:0a:76:7e:b4:db:
5e:fc:5c:5b:60:c8:fc:5e:5d:76:cf:5d:59:cc:f4:
d6:37:34:44:72:33:da:07:8a:7a:de:d9:33:67:d1:
f2:c4:ed:40:ef:f9:9f:83:d7:4a:0a:08:64:a2:26:
13:08:ad:d6:fa:96:17:0e:f7:90:57:56:71:f9:ad:
f3:48:e9:c1:60:c9:79:7b:47:e4:a5:04:47:4b:76:
a0:f2:14:d9:51:cc:2c:35:46:a1:75:88:d6:5c:b5:
76:7b:be:eb:4e:d8:00:ab:94:a9:bc:7b:45:92:ee:
bd:b4:42:fb:15:f9:ee:26:41:5f:8e:8f:67:39:81:
15:68:d5:4d:d0:5d:94:66:e4:b3:75:96:97:d7:b6:
07:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7C:00:2B:79:8E:6A:57:9E:E8:81:F2:62:25:49:04:F5:E6:B7:13
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE05D6F2CDCD11EF89089F4F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.229.0/24
Signature Algorithm: sha256WithRSAEncryption
06:fe:28:f0:e0:0e:bb:8a:54:45:96:27:96:26:4c:8e:00:15:
2a:02:36:c7:3d:07:72:fc:c3:6d:d0:ae:7c:87:25:85:ac:7e:
85:f4:2b:36:10:23:61:98:b0:cb:bb:92:1f:04:b5:ae:be:56:
4c:6c:08:ad:af:25:4f:13:be:fe:72:a1:26:be:b7:b3:0c:d1:
df:a0:10:5e:72:9e:f8:4a:d9:02:1c:19:d2:11:ca:94:b1:12:
68:78:4a:13:9d:63:f5:47:6c:d0:07:87:ae:e3:7b:5b:75:dd:
41:1b:85:af:ce:08:b9:be:46:67:b3:09:d6:9c:37:51:79:ca:
14:86:ea:b1:90:99:92:c2:c0:b7:62:24:aa:76:19:48:13:27:
08:8d:ce:69:79:bf:45:29:0d:24:11:98:82:53:f5:7b:03:28:
80:59:26:7f:58:77:bc:bc:fb:f9:5d:4d:9f:19:13:0e:52:65:
9f:eb:0f:ab:80:3b:08:da:e5:51:69:0e:bd:c6:80:2b:30:f8:
d2:81:61:2b:a2:a9:63:df:2a:13:07:1d:fa:89:e9:cb:b1:ff:
9d:05:4f:70:96:f9:53:5b:e4:40:e2:e0:6d:2e:d3:c8:e5:78:
fb:ef:59:c6:d9:b3:f1:e5:cc:b7:f4:23:f5:a1:96:03:d1:fa:
98:17:76:11
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQHwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQzNDMxWhcNMjYwMTAzMTQzNDMxWjAYMRYw
FAYDVQQDEw02NzdlOGNmYS00NWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAntV4bHsKeGMYjhsS3ZZiy8+hsXYBOtiYS+RR/oL8EmFYSg6Ueued2N8G
iRlQGTE7vffK5Dd3BYuk+DoK0gOn+mDvm6+Xngc0/t6pfnxB7TK9Jga8UfRmPD6q
YoI+igoH2HcDuupa8sUFKPLtFXrE/xNWCnZ+tNte/FxbYMj8Xl12z11ZzPTWNzRE
cjPaB4p63tkzZ9HyxO1A7/mfg9dKCghkoiYTCK3W+pYXDveQV1Zx+a3zSOnBYMl5
e0fkpQRHS3ag8hTZUcwsNUahdYjWXLV2e77rTtgAq5SpvHtFku69tEL7FfnuJkFf
jo9nOYEVaNVN0F2UZuSzdZaX17YHIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGx8
ACt5jmpXnuiB8mIlSQT15rcTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRTA1RDZGMkNEQ0QxMUVGODkwODlGNEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcPlMA0GCSqGSIb3DQEBCwUA
A4IBAQAG/ijw4A67ilRFlieWJkyOABUqAjbHPQdy/MNt0K58hyWFrH6F9Cs2ECNh
mLDLu5IfBLWuvlZMbAitryVPE77+cqEmvrezDNHfoBBecp74StkCHBnSEcqUsRJo
eEoTnWP1R2zQB4eu43tbdd1BG4Wvzgi5vkZnswnWnDdRecoUhuqxkJmSwsC3YiSq
dhlIEycIjc5peb9FKQ0kEZiCU/V7AyiAWSZ/WHe8vPv5XU2fGRMOUmWf6w+rgDsI
2uVRaQ69xoArMPjSgWEroqlj3yoTBx36ienLsf+dBU9wlvlTW+RA4uBtLtPI5Xj7
71nG2bPx5cy39CP1oZYD0fqYF3YR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:49 2025 by rpki-client