Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B750849CCDD111EFA7DF5969762E951A.roa
File: B750849CCDD111EFA7DF5969762E951A.roa (raw, json)
Hash identifier: lj0CO+ObtB9F+I/DT59dA1P2lX7hwWSlf+iu85wjtsY=
Subject key identifier: 02:D1:D7:CF:1D:84:14:5A:DE:20:D8:7C:0D:7F:54:AF:6B:89:D1:10
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01020E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B750849CCDD111EFA7DF5969762E951A.roa
Signing time: Wed 08 Jan 2025 15:03:28 +0000
ROA not before: Wed 08 Jan 2025 15:03:24 +0000
ROA not after: Sat 03 Jan 2026 15:03:24 +0000
asID: 984
IP address blocks: 45.197.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66062 (0x1020e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 15:03:24 2025 GMT
Not After : Jan 3 15:03:24 2026 GMT
Subject: CN=677e93c0-c11f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:54:be:50:32:7f:70:15:af:bc:43:84:a0:81:
c8:61:33:69:b3:f1:38:cb:d2:f0:6e:f8:63:b7:91:
d0:e7:bb:3f:7f:bf:a4:88:05:6a:e8:bd:96:2c:07:
f6:d8:8a:02:96:a4:6c:1b:22:00:36:a0:83:a7:a6:
45:08:d3:f2:c9:6f:1b:ae:5a:b1:a8:16:06:89:d7:
c1:e6:f8:f4:c6:86:77:b8:bd:b0:75:31:dc:59:a1:
b0:40:3c:b2:75:dd:2e:05:7d:2d:6f:3b:7c:c7:5d:
6e:7d:e5:ac:f0:df:2b:e5:ff:56:9d:3e:ac:e7:39:
fd:39:60:e7:4a:04:87:1c:1b:91:e5:a4:16:b3:1f:
25:1a:57:c3:0c:d3:7a:ad:fc:2b:07:00:2e:c8:5c:
39:bd:e6:81:50:9c:29:e7:ad:99:0c:8e:d7:68:7f:
c4:17:6b:5f:6f:6f:2d:a2:74:4d:ed:6a:d0:92:ac:
cd:77:07:96:07:57:37:cc:5f:a1:8f:17:da:4b:7b:
d6:51:4a:51:27:0a:56:8b:e1:9b:e8:1d:c3:6f:c3:
76:b1:c9:95:8f:4f:19:26:df:15:d3:f2:9a:d1:6e:
55:ad:26:f1:5e:11:08:4e:be:21:b1:ee:e8:e5:52:
5c:62:bf:56:a8:4f:6c:4c:c0:43:df:66:7e:54:5c:
e4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D1:D7:CF:1D:84:14:5A:DE:20:D8:7C:0D:7F:54:AF:6B:89:D1:10
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B750849CCDD111EFA7DF5969762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.137.0/24
Signature Algorithm: sha256WithRSAEncryption
77:a3:fb:ad:65:7a:07:33:15:56:a5:e8:68:0d:0a:33:6d:b1:
ad:b0:6d:97:08:ba:e0:88:cd:ee:f8:8c:d6:f3:70:67:f5:18:
34:7d:c5:8b:e6:d0:b7:04:0e:13:9d:7f:69:2f:38:d6:99:23:
c1:95:05:17:f8:c5:ec:2a:70:df:42:5f:ea:77:37:8c:a9:42:
f0:f2:56:cc:10:0a:35:11:40:bd:c7:d6:86:68:60:ac:1a:09:
8d:1c:59:a9:e8:72:0f:da:96:b8:79:2d:54:31:fc:85:78:1a:
8a:76:95:26:72:4a:71:66:06:dc:07:35:2e:1f:ea:91:0d:64:
fe:ce:6c:d5:5b:3e:b0:ea:69:5a:a4:e4:2e:0f:25:8c:1a:36:
ed:df:46:db:b0:f4:63:fa:ed:99:06:7a:f1:cb:8e:1c:09:13:
85:6f:a9:46:0a:0f:73:ed:4c:85:e1:60:cf:94:5d:8d:aa:ef:
b8:49:1c:92:a8:4d:81:c4:09:21:24:8b:3a:23:12:f6:67:bd:
4d:d6:8e:24:54:62:69:a2:e4:c6:7b:a4:a7:3c:bf:e3:c7:00:
c3:c2:3e:19:8c:3c:6c:89:16:b5:8d:05:b0:82:fc:cd:b9:70:
dd:1e:29:90:0c:70:7d:a6:a7:54:31:21:ef:a3:69:9b:c9:60:
6b:ee:24:ba
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQIOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTUwMzI0WhcNMjYwMTAzMTUwMzI0WjAYMRYw
FAYDVQQDEw02NzdlOTNjMC1jMTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAslS+UDJ/cBWvvEOEoIHIYTNps/E4y9Lwbvhjt5HQ57s/f7+kiAVq6L2W
LAf22IoClqRsGyIANqCDp6ZFCNPyyW8brlqxqBYGidfB5vj0xoZ3uL2wdTHcWaGw
QDyydd0uBX0tbzt8x11ufeWs8N8r5f9WnT6s5zn9OWDnSgSHHBuR5aQWsx8lGlfD
DNN6rfwrBwAuyFw5veaBUJwp562ZDI7XaH/EF2tfb28tonRN7WrQkqzNdweWB1c3
zF+hjxfaS3vWUUpRJwpWi+Gb6B3Db8N2scmVj08ZJt8V0/Ka0W5VrSbxXhEITr4h
se7o5VJcYr9WqE9sTMBD32Z+VFzk+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFALR
188dhBRa3iDYfA1/VK9ridEQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNzUwODQ5Q0NERDExMUVGQTdERjU5Njk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcWJMA0GCSqGSIb3DQEBCwUA
A4IBAQB3o/utZXoHMxVWpehoDQozbbGtsG2XCLrgiM3u+IzW83Bn9Rg0fcWL5tC3
BA4TnX9pLzjWmSPBlQUX+MXsKnDfQl/qdzeMqULw8lbMEAo1EUC9x9aGaGCsGgmN
HFmp6HIP2pa4eS1UMfyFeBqKdpUmckpxZgbcBzUuH+qRDWT+zmzVWz6w6mlapOQu
DyWMGjbt30bbsPRj+u2ZBnrxy44cCROFb6lGCg9z7UyF4WDPlF2Nqu+4SRySqE2B
xAkhJIs6IxL2Z71N1o4kVGJpouTGe6SnPL/jxwDDwj4ZjDxsiRa1jQWwgvzNuXDd
HimQDHB9pqdUMSHvo2mbyWBr7iS6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:11 2025 by rpki-client