Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C95BC9F4D0BE11EF9CFA3C76762E951A.roa
File: C95BC9F4D0BE11EF9CFA3C76762E951A.roa (raw, json)
Hash identifier: reRYwAmVr2czU5IA1sorC3VltDLkBF2crWnUBJDN4Wg=
Subject key identifier: CC:2F:E5:9B:7A:AF:0C:46:A3:CF:2B:B7:70:66:E7:CB:93:4F:B8:77
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01062B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C95BC9F4D0BE11EF9CFA3C76762E951A.roa
Signing time: Sun 12 Jan 2025 08:25:31 +0000
ROA not before: Sun 12 Jan 2025 08:25:28 +0000
ROA not after: Fri 14 Feb 2025 08:25:28 +0000
asID: 137899
IP address blocks: 45.192.104.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67115 (0x1062b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 12 08:25:28 2025 GMT
Not After : Feb 14 08:25:28 2025 GMT
Subject: CN=67837c7b-2d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d0:ff:d4:6c:18:bc:d1:6e:20:73:81:8d:44:
d6:58:9a:20:64:48:c1:28:54:23:9b:66:8b:b1:b6:
30:ce:18:d7:01:d7:9e:b1:75:d7:55:78:89:94:73:
36:44:db:39:1d:e3:58:31:a0:08:e5:90:c7:b9:10:
04:42:14:82:2c:80:95:b0:7a:8b:8f:b0:24:60:23:
5b:62:9e:c7:29:42:e1:d1:d6:d4:e9:95:59:91:25:
06:ca:43:34:46:3f:73:32:7f:68:95:91:a2:38:d0:
b4:24:4c:86:ab:53:91:00:c0:b5:b2:95:b9:66:ef:
83:61:2b:18:4a:ed:f4:c2:dc:a2:95:af:98:3b:97:
f7:2a:5e:fb:35:cf:67:9f:d1:4a:93:02:c6:b3:81:
d1:8a:16:16:4e:e8:f3:7b:a9:35:0b:0c:c8:ab:d7:
15:2a:cb:6f:3b:2d:72:35:c1:79:da:b8:4e:9d:89:
21:80:f7:e2:67:90:c9:10:c2:57:2e:cd:80:79:d0:
ea:ba:82:f6:81:ce:69:95:c1:93:62:86:80:b0:f5:
2c:c8:db:4f:ee:70:20:b5:69:83:45:c6:01:d2:e4:
ca:fb:ed:72:5c:c9:9d:74:37:84:2a:eb:36:39:f4:
6a:a4:8e:0d:55:b6:1f:c7:5a:f6:e4:dc:df:8d:56:
69:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:2F:E5:9B:7A:AF:0C:46:A3:CF:2B:B7:70:66:E7:CB:93:4F:B8:77
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C95BC9F4D0BE11EF9CFA3C76762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.104.0/22
Signature Algorithm: sha256WithRSAEncryption
25:0d:a1:b2:4e:55:00:67:31:62:df:e2:f4:f3:0f:0d:25:ff:
92:d7:fa:60:00:dd:8e:0e:32:e9:0e:39:4e:ed:c3:a9:9e:5a:
55:10:b7:85:c1:dc:89:f7:c0:62:ce:76:c9:af:47:dd:6e:0d:
be:ce:f8:a8:3c:4c:7e:0b:0b:b8:1f:27:82:d2:95:99:66:45:
9b:2b:59:69:c0:cc:d9:44:d4:52:0e:d9:7a:2f:8d:3b:ed:1d:
20:72:3e:d1:43:fd:01:77:d0:6e:53:f7:33:20:3d:74:6b:fe:
46:6c:8e:7d:e9:60:f5:12:fc:56:2a:14:59:1a:f0:82:ec:83:
76:d3:52:f0:ea:c1:74:68:89:e8:02:e7:38:0b:27:d1:f9:d7:
86:9a:ce:23:27:a2:b3:5b:b1:1e:ec:c8:cc:b8:65:e1:62:79:
a0:eb:ae:f2:34:ff:e1:ad:a2:02:cd:ff:29:d0:6a:1d:95:d0:
b9:81:8c:cf:a9:7f:a6:9c:c4:99:0f:ec:5d:50:7f:3e:bb:d4:
ec:98:a5:a0:6e:1b:46:42:41:24:9f:e1:2f:da:e6:28:86:43:
20:c8:34:a5:c2:f9:36:b3:c8:0b:78:bd:61:87:8c:f1:5a:25:
f5:11:00:79:62:25:a0:5b:d2:bc:66:94:a8:d7:06:e6:05:34:
a5:20:01:09
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQYrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEyMDgyNTI4WhcNMjUwMjE0MDgyNTI4WjAYMRYw
FAYDVQQDEw02NzgzN2M3Yi0yZDhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq9D/1GwYvNFuIHOBjUTWWJogZEjBKFQjm2aLsbYwzhjXAdeesXXXVXiJ
lHM2RNs5HeNYMaAI5ZDHuRAEQhSCLICVsHqLj7AkYCNbYp7HKULh0dbU6ZVZkSUG
ykM0Rj9zMn9olZGiONC0JEyGq1ORAMC1spW5Zu+DYSsYSu30wtyila+YO5f3Kl77
Nc9nn9FKkwLGs4HRihYWTujze6k1CwzIq9cVKstvOy1yNcF52rhOnYkhgPfiZ5DJ
EMJXLs2AedDquoL2gc5plcGTYoaAsPUsyNtP7nAgtWmDRcYB0uTK++1yXMmddDeE
Kus2OfRqpI4NVbYfx1r25NzfjVZpqwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMwv
5Zt6rwxGo88rt3Bm58uTT7h3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOTVCQzlGNEQwQkUxMUVGOUNGQTNDNzY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcBoMA0GCSqGSIb3DQEBCwUA
A4IBAQAlDaGyTlUAZzFi3+L08w8NJf+S1/pgAN2ODjLpDjlO7cOpnlpVELeFwdyJ
98BiznbJr0fdbg2+zvioPEx+Cwu4HyeC0pWZZkWbK1lpwMzZRNRSDtl6L4077R0g
cj7RQ/0Bd9BuU/czID10a/5GbI596WD1EvxWKhRZGvCC7IN201Lw6sF0aInoAuc4
CyfR+deGms4jJ6KzW7Ee7MjMuGXhYnmg667yNP/hraICzf8p0GodldC5gYzPqX+m
nMSZD+xdUH8+u9TsmKWgbhtGQkEkn+Ev2uYohkMgyDSlwvk2s8gLeL1hh4zxWiX1
EQB5YiWgW9K8ZpSo1wbmBTSlIAEJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:28 2025 by rpki-client