Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B6028BF0CADC11EF93840F8D762E951A.roa
File: B6028BF0CADC11EF93840F8D762E951A.roa (raw, json)
Hash identifier: hbsOpmaJigjMc7dxtS00TuXg6gKGa609Pb4SLVz5hoQ=
Subject key identifier: 12:FA:02:EA:93:0B:92:DB:D7:F4:82:1F:E3:7D:7D:C7:C5:F4:1E:BE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7A4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B6028BF0CADC11EF93840F8D762E951A.roa
Signing time: Sat 04 Jan 2025 20:44:37 +0000
ROA not before: Sun 05 Jan 2025 20:44:33 +0000
ROA not after: Sun 09 Feb 2025 20:44:33 +0000
asID: 137897
IP address blocks: 45.204.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63396 (0xf7a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 20:44:33 2025 GMT
Not After : Feb 9 20:44:33 2025 GMT
Subject: CN=67799db5-58ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c3:69:a9:21:68:2d:f6:d0:47:b8:e2:55:e8:
10:84:c7:9c:ed:e7:b0:f1:f1:4d:f7:26:b3:a3:90:
a0:56:0c:f3:bb:00:8b:44:45:52:32:4f:c7:75:48:
17:47:ad:ab:eb:7f:b3:9e:32:e0:b4:84:69:39:c7:
71:99:0e:3c:76:66:f9:c1:f9:2a:4f:2f:98:cf:be:
19:ae:6b:79:ef:26:85:fc:87:4f:16:82:29:59:00:
c0:cc:e3:d7:37:f4:3d:f6:e5:f9:16:24:f8:a7:b8:
b8:b6:e2:9a:0f:d8:d1:2f:ba:cb:1e:2f:41:98:6e:
b5:4a:9f:00:0b:bb:dc:9f:e0:f9:40:6c:3a:50:ed:
3c:22:f5:5e:b4:e5:73:92:50:f9:ec:c2:0a:96:fa:
58:65:8b:10:57:f4:07:37:78:bf:b9:36:15:05:eb:
b5:28:07:ff:6c:11:1e:3c:c1:33:f6:c5:69:88:6e:
58:f5:75:a2:9f:1e:bc:d7:1c:0b:12:63:ac:b9:ff:
43:72:ec:57:42:4b:1b:0b:8a:7b:54:01:43:ef:0d:
10:f4:53:b1:6a:36:bd:42:65:b4:7b:79:50:97:3e:
e6:17:f2:0c:61:10:b9:9c:28:1b:8d:b1:fa:46:7c:
44:32:98:15:13:35:db:69:65:83:0d:cb:79:4e:4e:
cf:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:FA:02:EA:93:0B:92:DB:D7:F4:82:1F:E3:7D:7D:C7:C5:F4:1E:BE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B6028BF0CADC11EF93840F8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.141.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:44:51:ec:c5:1b:9c:7d:7b:fa:46:af:0a:b2:bc:6b:07:e9:
ad:18:a8:6e:72:85:a3:38:2f:0f:42:2a:21:d2:df:72:5a:5d:
ac:2e:73:65:77:e6:bd:91:74:1a:5d:33:cf:53:da:85:bc:bd:
a4:36:f7:b7:93:b3:c7:ad:59:ea:3e:6c:a9:3e:01:47:9f:73:
a5:ed:68:e7:29:73:f1:9a:11:58:ee:fd:e1:98:72:2a:74:05:
ec:db:03:8e:c7:f9:04:45:db:b2:59:78:8c:57:36:df:13:9c:
f7:28:90:e4:fc:1a:33:f9:3a:13:9c:fd:7e:5a:6a:20:81:36:
eb:b4:59:67:36:38:e5:94:ea:88:8b:13:e9:7a:fc:7b:68:43:
b6:7a:58:6d:41:f5:36:5a:ee:68:c1:01:24:8d:1e:f9:4d:3e:
d0:e6:08:c0:ef:26:af:5f:81:c9:3f:af:7b:cb:0f:7b:d7:f8:
70:66:27:37:df:f3:29:e0:7e:1e:04:89:4a:5e:b4:de:83:61:
ed:1a:c0:9d:56:37:8d:81:82:7c:59:31:b2:ec:e1:ce:ce:95:
cf:60:8f:d2:97:77:6e:5a:cd:96:7a:b2:39:a9:73:b6:62:62:
45:3b:c1:ac:dd:18:fc:db:db:c6:d9:bc:5f:cb:7c:ad:70:3d:
25:1b:94:9c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPekMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MjA0NDMzWhcNMjUwMjA5MjA0NDMzWjAYMRYw
FAYDVQQDEw02Nzc5OWRiNS01OGFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArcNpqSFoLfbQR7jiVegQhMec7eew8fFN9yazo5CgVgzzuwCLREVSMk/H
dUgXR62r63+znjLgtIRpOcdxmQ48dmb5wfkqTy+Yz74Zrmt57yaF/IdPFoIpWQDA
zOPXN/Q99uX5FiT4p7i4tuKaD9jRL7rLHi9BmG61Sp8AC7vcn+D5QGw6UO08IvVe
tOVzklD57MIKlvpYZYsQV/QHN3i/uTYVBeu1KAf/bBEePMEz9sVpiG5Y9XWinx68
1xwLEmOsuf9DcuxXQksbC4p7VAFD7w0Q9FOxaja9QmW0e3lQlz7mF/IMYRC5nCgb
jbH6RnxEMpgVEzXbaWWDDct5Tk7PYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBL6
AuqTC5Lb1/SCH+N9fcfF9B6+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNjAyOEJGMENBREMxMUVGOTM4NDBGOEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcyNMA0GCSqGSIb3DQEBCwUA
A4IBAQClRFHsxRucfXv6Rq8KsrxrB+mtGKhucoWjOC8PQioh0t9yWl2sLnNld+a9
kXQaXTPPU9qFvL2kNve3k7PHrVnqPmypPgFHn3Ol7WjnKXPxmhFY7v3hmHIqdAXs
2wOOx/kERduyWXiMVzbfE5z3KJDk/Boz+ToTnP1+WmoggTbrtFlnNjjllOqIixPp
evx7aEO2elhtQfU2Wu5owQEkjR75TT7Q5gjA7yavX4HJP697yw971/hwZic33/Mp
4H4eBIlKXrTeg2HtGsCdVjeNgYJ8WTGy7OHOzpXPYI/Sl3duWs2WerI5qXO2YmJF
O8Gs3Rj829vG2bxfy3ytcD0lG5Sc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:34 2025 by rpki-client