Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9A7B2B2CFF911EF8B813EA8762E951A.roa
File: C9A7B2B2CFF911EF8B813EA8762E951A.roa (raw, json)
Hash identifier: 5filN2BWbVsQCPNgp8nGVBdGSKpUyMWzoHMDPzM+GQk=
Subject key identifier: 66:E4:55:EE:C1:4B:F9:75:18:17:EB:78:7E:A6:79:D7:0E:0C:13:37
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010580
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9A7B2B2CFF911EF8B813EA8762E951A.roa
Signing time: Sat 11 Jan 2025 08:55:21 +0000
ROA not before: Sat 11 Jan 2025 08:55:17 +0000
ROA not after: Sat 15 Feb 2025 08:55:17 +0000
asID: 10103
IP address blocks: 45.196.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66944 (0x10580)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 08:55:17 2025 GMT
Not After : Feb 15 08:55:17 2025 GMT
Subject: CN=678231f9-6a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e2:06:08:57:e6:85:4b:50:76:14:34:a5:8e:
b4:c8:5d:86:fc:31:64:35:f3:3b:74:61:24:99:b4:
89:21:a3:a0:f5:c1:a3:69:c2:5a:a4:02:32:30:42:
0b:20:3e:de:0f:97:42:c4:4c:b9:a0:f6:e2:78:a9:
ea:c2:59:97:2a:05:dc:1d:02:95:c8:96:dd:a8:b8:
41:d2:51:a9:ee:e8:2a:7c:b1:22:56:84:60:d1:12:
97:0d:62:0f:cd:72:4c:2f:17:aa:b6:cd:52:46:e1:
36:3c:ed:64:a3:2f:2f:e6:e8:57:37:11:e4:9b:5f:
24:97:5e:c6:4c:a1:ee:a5:97:1b:5c:17:b1:26:ca:
f1:da:fd:df:aa:25:3b:73:fb:ef:d4:3c:40:6d:b4:
6c:2a:89:02:a3:95:54:09:62:bd:9f:bc:d6:a5:5f:
74:fe:57:c3:57:af:7b:34:a3:2e:96:7e:1c:ea:a0:
0a:a2:18:e7:6b:f0:90:7b:66:97:ab:02:ac:f3:f4:
a4:49:f6:8a:9e:d4:bb:dc:ff:31:39:06:3e:77:21:
31:e8:81:21:4a:a5:e2:4e:25:b6:c0:bc:65:cd:c7:
0a:d2:d6:ba:f5:b2:98:07:e4:eb:78:2d:49:9a:04:
09:d5:53:55:47:4c:5c:80:3c:db:7f:4d:82:f3:78:
1f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E4:55:EE:C1:4B:F9:75:18:17:EB:78:7E:A6:79:D7:0E:0C:13:37
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9A7B2B2CFF911EF8B813EA8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.228.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:8c:a3:aa:43:17:8a:bb:47:67:6e:0c:73:b7:c1:c7:11:d3:
f8:f1:04:ff:3e:b9:ed:cf:d2:6a:77:c6:8d:4f:4f:8c:cd:78:
2d:87:39:7a:45:22:d9:b7:eb:b3:cf:2c:e9:18:95:29:af:c3:
57:e4:8b:27:b6:cf:b8:46:5b:af:50:de:f3:64:3a:86:a7:f3:
a1:94:fa:5c:42:a3:b4:9c:4f:89:61:a5:53:44:70:af:f9:ae:
29:af:d2:7d:50:bd:9d:e8:ef:6f:fa:b4:51:f8:87:ae:30:49:
29:af:1e:e0:65:8d:8b:48:be:1b:55:27:d0:e0:45:ee:7c:3e:
dd:b4:14:51:63:04:06:63:0f:a6:ab:17:fe:c4:cb:62:32:62:
20:c9:c4:da:c7:45:2b:12:9a:a2:6b:ce:1b:f2:55:fa:de:36:
04:db:3b:f1:86:e6:ac:ac:79:ef:02:88:9f:ca:de:b6:c0:5a:
72:44:ed:32:6e:28:57:3f:0a:05:86:d3:4f:66:4b:7a:e1:c9:
74:8f:34:d4:0a:ee:48:9f:ea:23:42:98:e6:0f:a9:af:50:d8:
98:41:d2:2d:ba:2f:f2:e5:5e:1d:22:e6:0f:a3:17:93:b1:4f:
57:63:66:98:dd:28:90:28:d2:f0:0f:75:0e:03:9a:26:f0:44:
27:7f:02:b0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQWAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMDg1NTE3WhcNMjUwMjE1MDg1NTE3WjAYMRYw
FAYDVQQDEw02NzgyMzFmOS02YTVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzeIGCFfmhUtQdhQ0pY60yF2G/DFkNfM7dGEkmbSJIaOg9cGjacJapAIy
MEILID7eD5dCxEy5oPbieKnqwlmXKgXcHQKVyJbdqLhB0lGp7ugqfLEiVoRg0RKX
DWIPzXJMLxeqts1SRuE2PO1koy8v5uhXNxHkm18kl17GTKHupZcbXBexJsrx2v3f
qiU7c/vv1DxAbbRsKokCo5VUCWK9n7zWpV90/lfDV697NKMuln4c6qAKohjna/CQ
e2aXqwKs8/SkSfaKntS73P8xOQY+dyEx6IEhSqXiTiW2wLxlzccK0ta69bKYB+Tr
eC1JmgQJ1VNVR0xcgDzbf02C83gfwQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGbk
Ve7BS/l1GBfreH6medcODBM3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOUE3QjJCMkNGRjkxMUVGOEI4MTNFQTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTkMA0GCSqGSIb3DQEBCwUA
A4IBAQBqjKOqQxeKu0dnbgxzt8HHEdP48QT/Prntz9Jqd8aNT0+MzXgthzl6RSLZ
t+uzzyzpGJUpr8NX5Isnts+4RluvUN7zZDqGp/OhlPpcQqO0nE+JYaVTRHCv+a4p
r9J9UL2d6O9v+rRR+IeuMEkprx7gZY2LSL4bVSfQ4EXufD7dtBRRYwQGYw+mqxf+
xMtiMmIgycTax0UrEpqia84b8lX63jYE2zvxhuasrHnvAoifyt62wFpyRO0ybihX
PwoFhtNPZkt64cl0jzTUCu5In+ojQpjmD6mvUNiYQdItui/y5V4dIuYPoxeTsU9X
Y2aY3SiQKNLwD3UOA5om8EQnfwKw
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:40 2025 by rpki-client