Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEC2E7C2CDCE11EFAEA64A56762E951A.roa
File: BEC2E7C2CDCE11EFAEA64A56762E951A.roa (raw, json)
Hash identifier: f9eFOOCT0LfOnTszxKR+Mas09Yq1F1ALcUutjyzNObk=
Subject key identifier: 58:48:E7:9E:3D:42:22:08:15:C9:76:8C:40:34:68:87:87:D7:76:DD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0101F8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEC2E7C2CDCE11EFAEA64A56762E951A.roa
Signing time: Wed 08 Jan 2025 14:42:12 +0000
ROA not before: Wed 08 Jan 2025 14:42:08 +0000
ROA not after: Mon 03 Jan 2028 14:42:08 +0000
asID: 17561
IP address blocks: 45.196.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66040 (0x101f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:42:08 2025 GMT
Not After : Jan 3 14:42:08 2028 GMT
Subject: CN=677e8ec4-406e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:14:ba:82:34:0a:0f:44:61:a7:13:f0:7b:cf:
68:1b:7d:e1:77:2b:fe:64:c7:0c:a9:3b:e7:b0:25:
2e:cf:61:54:fc:dd:ef:60:60:a9:a7:1b:cc:ec:89:
d1:d3:29:a6:01:1d:96:67:7a:2e:74:d9:27:99:1d:
b7:64:3a:14:dc:51:43:64:78:9d:98:cb:cf:d4:7d:
a7:48:a1:af:c5:cb:dd:8f:a4:3e:f0:e0:b6:91:90:
3b:7d:04:41:8f:53:5d:e5:1e:bc:08:00:c9:66:0d:
7e:ab:7d:47:09:8f:a2:27:4f:e6:cf:b8:2e:14:8f:
dd:1f:de:45:80:4b:1c:a2:f9:4d:1a:f5:89:e3:02:
bf:9f:96:e4:56:fa:4e:f3:aa:fe:82:45:bf:6e:ec:
d9:f7:1a:3a:ed:97:32:74:c7:53:f0:34:d2:59:64:
67:29:e4:3f:a8:1e:6d:2d:32:c2:12:a4:36:a6:5c:
39:31:75:21:28:25:88:5f:8c:1c:03:6f:77:16:fa:
b4:f4:d7:7e:05:22:3e:26:73:b6:ee:20:b8:51:6a:
89:37:ae:35:dd:a9:44:10:e9:11:c7:e9:bf:08:86:
ce:d8:01:f5:5a:da:66:27:34:b1:2d:12:26:b0:f0:
c1:85:a5:9d:15:c8:d2:5c:81:63:76:14:de:4b:23:
f9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:48:E7:9E:3D:42:22:08:15:C9:76:8C:40:34:68:87:87:D7:76:DD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEC2E7C2CDCE11EFAEA64A56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.197.0/24
Signature Algorithm: sha256WithRSAEncryption
41:fa:82:21:c7:04:d9:4f:14:8b:8d:e7:18:d4:a7:c2:8c:62:
a2:47:59:a0:60:60:90:55:fb:ef:43:19:b6:80:ad:d6:94:95:
9a:3d:de:d7:34:5f:f3:d9:97:9f:0f:65:e3:04:76:00:8f:5d:
a7:ba:a9:4d:88:d7:e3:51:9d:c1:dc:18:b8:f9:95:d1:b0:af:
4c:f6:f7:03:c2:ba:53:c8:84:57:5d:0d:64:99:00:4d:fb:b8:
dd:0b:17:59:60:13:25:63:12:2a:75:31:ac:b0:a9:a4:2f:d3:
ec:6a:42:4f:c4:42:c7:67:1f:df:e9:47:68:03:80:61:df:0c:
54:d6:ff:42:b6:02:54:2f:8a:81:7b:47:0c:df:5c:28:f8:2e:
c9:0c:36:15:af:3b:93:bb:26:3e:6e:d1:27:04:88:c4:a8:25:
67:b3:bc:f8:4f:aa:fa:47:a6:d8:50:d4:1b:9a:0f:3c:e4:97:
02:ff:b3:ed:13:05:fd:d6:3f:6f:14:dc:50:40:57:93:d9:6d:
4c:ec:6f:f3:d1:4b:d4:80:83:00:ae:c4:f7:d8:03:1e:09:49:
d9:b3:bb:0b:f3:08:28:b7:9e:74:82:35:b0:f8:fa:fe:37:8c:
91:3a:f9:3f:89:8d:b9:df:cc:65:13:08:bb:7c:ba:4d:12:d1:
17:e5:72:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQH4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQ0MjA4WhcNMjgwMTAzMTQ0MjA4WjAYMRYw
FAYDVQQDEw02NzdlOGVjNC00MDZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwhS6gjQKD0RhpxPwe89oG33hdyv+ZMcMqTvnsCUuz2FU/N3vYGCppxvM
7InR0ymmAR2WZ3oudNknmR23ZDoU3FFDZHidmMvP1H2nSKGvxcvdj6Q+8OC2kZA7
fQRBj1Nd5R68CADJZg1+q31HCY+iJ0/mz7guFI/dH95FgEscovlNGvWJ4wK/n5bk
VvpO86r+gkW/buzZ9xo67ZcydMdT8DTSWWRnKeQ/qB5tLTLCEqQ2plw5MXUhKCWI
X4wcA293Fvq09Nd+BSI+JnO27iC4UWqJN6413alEEOkRx+m/CIbO2AH1WtpmJzSx
LRImsPDBhaWdFcjSXIFjdhTeSyP5bwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFhI
5549QiIIFcl2jEA0aIeH13bdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRUMyRTdDMkNEQ0UxMUVGQUVBNjRBNTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTFMA0GCSqGSIb3DQEBCwUA
A4IBAQBB+oIhxwTZTxSLjecY1KfCjGKiR1mgYGCQVfvvQxm2gK3WlJWaPd7XNF/z
2ZefD2XjBHYAj12nuqlNiNfjUZ3B3Bi4+ZXRsK9M9vcDwrpTyIRXXQ1kmQBN+7jd
CxdZYBMlYxIqdTGssKmkL9PsakJPxELHZx/f6UdoA4Bh3wxU1v9CtgJUL4qBe0cM
31wo+C7JDDYVrzuTuyY+btEnBIjEqCVns7z4T6r6R6bYUNQbmg885JcC/7PtEwX9
1j9vFNxQQFeT2W1M7G/z0UvUgIMArsT32AMeCUnZs7sL8wgot550gjWw+Pr+N4yR
Ovk/iY2538xlEwi7fLpNEtEX5XJ/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:57 2025 by rpki-client