Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C687DA46CCD711EFB527F2AA762E951A.roa
File: C687DA46CCD711EFB527F2AA762E951A.roa (raw, json)
Hash identifier: jXG/QpnQkIx67qMqahneYrDEq8h5BLFoVmYqGLX2rLs=
Subject key identifier: 2A:BD:AC:54:0B:86:F0:95:38:26:01:7F:FA:11:B6:5C:CC:87:FB:45
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB1B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C687DA46CCD711EFB527F2AA762E951A.roa
Signing time: Tue 07 Jan 2025 09:14:19 +0000
ROA not before: Tue 07 Jan 2025 09:14:16 +0000
ROA not after: Tue 11 Feb 2025 09:14:16 +0000
asID: 141718
IP address blocks: 45.194.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64283 (0xfb1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:14:16 2025 GMT
Not After : Feb 11 09:14:16 2025 GMT
Subject: CN=677cf06b-e58f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:25:5f:48:6c:9f:8d:7a:26:d3:9b:c1:53:c5:
36:cd:b0:32:3d:4d:d3:cd:01:45:f9:09:39:0c:52:
d3:27:93:4b:f7:91:63:a5:fc:d9:c0:fb:0f:bb:24:
c3:94:67:be:d1:a9:0c:6b:12:97:a8:61:76:cd:2c:
fd:97:69:19:a3:40:ba:cc:4b:c9:2f:91:6c:26:49:
0b:1a:93:51:57:f8:76:33:a4:95:32:6d:47:cb:5e:
4c:4b:e4:59:f8:08:7b:78:64:92:1e:5e:be:00:11:
d3:6b:e3:a8:c4:26:a6:35:6b:ed:1d:0b:48:5a:3e:
f8:d4:f0:db:c8:bf:fd:b7:9d:47:10:d8:63:c3:e8:
27:c4:a9:5f:73:3f:8f:a4:45:7b:ae:28:46:ab:c4:
eb:61:73:47:22:0e:da:1e:3c:d9:e4:c8:0b:e4:6d:
76:e3:25:cf:dd:11:f1:f6:af:9d:0a:a0:40:e0:a1:
df:04:0b:0a:ff:f0:86:89:3f:43:e7:65:ba:4a:9d:
21:a2:22:b4:cb:e5:86:e7:2e:3b:a6:a4:73:0a:c2:
da:92:9f:2f:67:4b:dd:bb:2b:54:96:f3:b1:82:67:
de:4d:11:c0:9a:59:0a:3c:e1:8f:50:9a:dc:e5:dc:
bd:cb:10:30:93:74:8d:a8:75:4f:ff:b8:83:f4:1b:
c6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BD:AC:54:0B:86:F0:95:38:26:01:7F:FA:11:B6:5C:CC:87:FB:45
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C687DA46CCD711EFB527F2AA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.86.0/24
Signature Algorithm: sha256WithRSAEncryption
02:fb:1c:03:e3:2a:10:45:a7:70:4a:7d:ae:ba:7f:29:10:a6:
05:06:c4:3e:2e:94:d7:5c:64:3d:68:45:c4:3a:28:1b:1c:38:
2f:35:4f:8a:3b:a5:7c:3f:67:96:41:d6:01:3d:0f:b0:94:52:
da:f6:16:9a:7b:d9:17:0b:47:9e:2e:2c:05:e0:ea:39:75:cb:
a3:80:ec:5f:a3:5f:3b:7e:a2:f9:ba:f0:6a:58:d7:8b:3e:73:
7b:fe:57:6b:25:ae:99:d5:1f:7c:82:cc:fe:9a:9f:08:18:91:
bb:e9:6f:d9:ab:2e:62:ee:07:28:b2:c4:7a:27:71:49:6d:8d:
42:d9:59:b4:2a:5c:d4:90:01:04:7a:1e:e7:0f:f3:a6:2c:2b:
92:42:45:49:06:b1:77:90:79:8a:ce:2c:f9:27:9e:52:d1:7e:
4b:27:82:10:9e:b6:91:44:00:fb:50:b6:65:25:04:30:2f:41:
42:c8:87:6f:c6:38:aa:92:50:5f:75:63:03:ab:96:cf:5b:a4:
2d:f2:2a:be:30:25:49:7d:b1:42:1e:e0:3a:4d:ad:52:d7:05:
96:44:1d:eb:ae:87:df:55:76:ff:e6:a5:be:a1:90:79:82:dc:
5c:0a:e8:3d:e2:78:54:dc:47:3f:7d:55:36:40:a1:6f:db:7e:
50:72:52:f8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPsbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDkxNDE2WhcNMjUwMjExMDkxNDE2WjAYMRYw
FAYDVQQDEw02NzdjZjA2Yi1lNThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuSVfSGyfjXom05vBU8U2zbAyPU3TzQFF+Qk5DFLTJ5NL95FjpfzZwPsP
uyTDlGe+0akMaxKXqGF2zSz9l2kZo0C6zEvJL5FsJkkLGpNRV/h2M6SVMm1Hy15M
S+RZ+Ah7eGSSHl6+ABHTa+OoxCamNWvtHQtIWj741PDbyL/9t51HENhjw+gnxKlf
cz+PpEV7rihGq8TrYXNHIg7aHjzZ5MgL5G124yXP3RHx9q+dCqBA4KHfBAsK//CG
iT9D52W6Sp0hoiK0y+WG5y47pqRzCsLakp8vZ0vduytUlvOxgmfeTRHAmlkKPOGP
UJrc5dy9yxAwk3SNqHVP/7iD9BvGBwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCq9
rFQLhvCVOCYBf/oRtlzMh/tFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNjg3REE0NkNDRDcxMUVGQjUyN0YyQUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcJWMA0GCSqGSIb3DQEBCwUA
A4IBAQAC+xwD4yoQRadwSn2uun8pEKYFBsQ+LpTXXGQ9aEXEOigbHDgvNU+KO6V8
P2eWQdYBPQ+wlFLa9haae9kXC0eeLiwF4Oo5dcujgOxfo187fqL5uvBqWNeLPnN7
/ldrJa6Z1R98gsz+mp8IGJG76W/Zqy5i7gcossR6J3FJbY1C2Vm0KlzUkAEEeh7n
D/OmLCuSQkVJBrF3kHmKziz5J55S0X5LJ4IQnraRRAD7ULZlJQQwL0FCyIdvxjiq
klBfdWMDq5bPW6Qt8iq+MCVJfbFCHuA6Ta1S1wWWRB3rroffVXb/5qW+oZB5gtxc
Cug94nhU3Ec/fVU2QKFv235QclL4
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:11 2025 by rpki-client