Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C24D5098CBE511EF972CDDAA762E951A.roa
File: C24D5098CBE511EF972CDDAA762E951A.roa (raw, json)
Hash identifier: 8L4R+jBQtPQFgzU9XCAZNF6oSRmM3i9cqTjipzIEnhE=
Subject key identifier: CF:59:5C:D3:89:B2:03:5F:98:D8:B7:B7:DB:BB:48:7A:39:0A:A8:05
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F80E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C24D5098CBE511EF972CDDAA762E951A.roa
Signing time: Mon 06 Jan 2025 04:21:54 +0000
ROA not before: Mon 06 Jan 2025 04:21:50 +0000
ROA not after: Sat 08 Feb 2025 04:21:50 +0000
asID: 9304
IP address blocks: 45.204.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63502 (0xf80e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 04:21:50 2025 GMT
Not After : Feb 8 04:21:50 2025 GMT
Subject: CN=677b5a62-25cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:07:38:8c:d3:fe:df:c4:23:99:df:d1:08:cd:
3f:14:17:d6:98:20:28:eb:a5:2c:91:c1:90:07:75:
06:aa:b0:32:48:5c:95:11:21:07:75:bd:86:a9:0b:
ca:6d:aa:ff:eb:54:f9:f1:66:0e:5f:a7:4a:6d:fd:
cb:07:06:f1:ec:f7:37:59:c8:fa:5c:67:d5:97:e1:
ff:3e:8b:7e:e5:68:82:26:c2:5a:a1:4f:66:49:a7:
33:9d:a5:35:2f:7a:e5:1c:9c:9d:24:24:ee:16:72:
fb:72:8e:3c:e0:1a:e6:ac:a6:0b:41:79:b0:04:67:
df:e5:a5:ca:b9:2b:07:84:83:1e:02:53:57:04:88:
28:f8:e6:d1:1b:76:2b:6f:9b:39:fd:f8:88:ea:b2:
d8:71:e6:58:ad:7e:af:a9:20:f6:d8:6f:db:a5:df:
55:93:41:4c:c5:aa:52:88:0b:80:2d:fb:67:44:d3:
f3:73:e2:32:4c:d4:08:30:b3:33:4d:79:aa:b8:ba:
80:8d:52:c2:44:db:cf:cf:3d:a3:b0:eb:86:29:35:
58:bf:ef:b3:e9:1e:1a:29:51:58:85:ec:59:95:a6:
d2:50:97:38:d6:24:62:95:eb:fc:13:73:5e:b8:78:
89:88:28:6d:a1:76:53:8b:8b:a7:5a:1e:0f:32:2d:
9c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:59:5C:D3:89:B2:03:5F:98:D8:B7:B7:DB:BB:48:7A:39:0A:A8:05
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C24D5098CBE511EF972CDDAA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.142.0/24
Signature Algorithm: sha256WithRSAEncryption
52:8e:38:2e:cc:c7:23:a1:f1:22:04:39:39:31:11:56:e0:0a:
8e:47:f1:5f:17:d2:56:33:13:65:47:2c:8a:91:a1:65:d6:b1:
76:c2:81:6b:14:9b:7b:a0:c9:69:99:01:c2:30:19:f6:1a:6b:
18:80:d2:8b:1f:e7:c6:ac:ff:c7:76:27:90:77:ee:95:19:20:
e3:a5:55:07:d1:97:23:51:dc:58:4f:a6:94:31:36:33:5f:c5:
c1:2d:8e:60:1a:b3:ff:29:30:f6:44:26:0f:f0:8b:08:e3:8c:
f8:d2:ce:fe:5a:e2:f7:4d:e1:22:de:91:1b:9c:c9:fc:99:bb:
88:a6:92:d6:4d:de:ee:63:49:42:64:80:4f:4c:5d:f1:14:50:
d5:6c:6a:8b:6f:6c:aa:13:9b:24:54:e7:36:6e:13:3a:87:b7:
e3:c1:81:4f:16:0c:78:fb:88:a7:2a:bb:42:1f:b0:65:15:79:
7c:7b:e6:65:72:dc:ff:2c:70:16:a5:63:d0:3b:1a:65:95:c5:
87:d4:76:04:c7:2d:dc:e5:2f:ed:bb:82:cd:cb:32:1a:12:2b:
d4:08:bb:65:1b:cd:90:07:b0:b8:7e:fa:9b:a2:35:2b:a1:54:
2a:5b:35:1e:31:42:2c:25:b6:56:66:31:63:72:11:ab:d8:9a:
33:91:49:11
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPgOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDQyMTUwWhcNMjUwMjA4MDQyMTUwWjAYMRYw
FAYDVQQDEw02NzdiNWE2Mi0yNWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArAc4jNP+38Qjmd/RCM0/FBfWmCAo66UskcGQB3UGqrAySFyVESEHdb2G
qQvKbar/61T58WYOX6dKbf3LBwbx7Pc3Wcj6XGfVl+H/Pot+5WiCJsJaoU9mSacz
naU1L3rlHJydJCTuFnL7co484BrmrKYLQXmwBGff5aXKuSsHhIMeAlNXBIgo+ObR
G3Yrb5s5/fiI6rLYceZYrX6vqSD22G/bpd9Vk0FMxapSiAuALftnRNPzc+IyTNQI
MLMzTXmquLqAjVLCRNvPzz2jsOuGKTVYv++z6R4aKVFYhexZlabSUJc41iRilev8
E3NeuHiJiChtoXZTi4unWh4PMi2cXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM9Z
XNOJsgNfmNi3t9u7SHo5CqgFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMjRENTA5OENCRTUxMUVGOTcyQ0REQUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcyOMA0GCSqGSIb3DQEBCwUA
A4IBAQBSjjguzMcjofEiBDk5MRFW4AqOR/FfF9JWMxNlRyyKkaFl1rF2woFrFJt7
oMlpmQHCMBn2GmsYgNKLH+fGrP/HdieQd+6VGSDjpVUH0ZcjUdxYT6aUMTYzX8XB
LY5gGrP/KTD2RCYP8IsI44z40s7+WuL3TeEi3pEbnMn8mbuIppLWTd7uY0lCZIBP
TF3xFFDVbGqLb2yqE5skVOc2bhM6h7fjwYFPFgx4+4inKrtCH7BlFXl8e+Zlctz/
LHAWpWPQOxpllcWH1HYExy3c5S/tu4LNyzIaEivUCLtlG82QB7C4fvqbojUroVQq
WzUeMUIsJbZWZjFjchGr2JozkUkR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:53 2025 by rpki-client