Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9DD2E40C29F11EFB3BD6BBB762E951A.roa
File: C9DD2E40C29F11EFB3BD6BBB762E951A.roa (raw, json)
Hash identifier: MjVamCD9jAwYcYqdIEQGjxdO8SEKBQOvVlAxznqjMsg=
Subject key identifier: 83:93:8B:3B:70:7A:F0:B3:32:84:01:AC:42:0A:F5:CC:47:6D:59:C4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E9EB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9DD2E40C29F11EFB3BD6BBB762E951A.roa
Signing time: Wed 25 Dec 2024 09:08:21 +0000
ROA not before: Wed 25 Dec 2024 09:08:18 +0000
ROA not after: Tue 11 Feb 2025 09:08:18 +0000
asID: 63139
IP address blocks: 45.197.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59883 (0xe9eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 09:08:18 2024 GMT
Not After : Feb 11 09:08:18 2025 GMT
Subject: CN=676bcb85-a138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d5:8f:e3:e0:42:21:6c:79:3e:57:b3:64:9b:
37:72:54:dd:c1:e1:e8:00:e6:ca:0b:fb:58:79:ad:
6b:ea:ac:56:e4:86:e2:4c:96:5e:1c:d0:d9:b4:e3:
83:1f:a1:2b:0e:74:25:1e:e9:7f:c3:12:05:9b:90:
65:59:3d:3b:16:2c:83:8c:7e:c2:b3:bd:c6:f5:c4:
07:a0:90:49:47:19:c5:cd:0e:ab:30:ad:f7:57:be:
6b:fd:c9:4a:76:01:42:dc:8e:9e:e4:ee:cf:97:d0:
7b:aa:0c:b9:dd:be:fc:91:c6:ae:f0:72:6f:5b:12:
29:97:8a:0a:22:f2:44:af:05:56:a2:84:f5:82:86:
a4:34:6b:91:0a:cf:f3:c5:e4:62:d0:d5:07:01:f2:
90:ea:d4:7c:c7:07:3f:a6:00:23:d2:25:47:82:11:
2d:cc:e9:14:b8:cf:1c:27:fd:68:f1:8d:91:92:af:
f9:95:3d:a4:63:9c:00:98:c2:7f:e4:ca:44:c0:3c:
ff:f5:e3:75:cf:ae:4e:3d:b6:ca:ea:d2:3a:ee:15:
f0:37:ee:28:22:18:cc:52:88:ce:9b:1e:f6:65:c2:
c3:4d:30:7f:23:5b:6f:08:05:ed:ae:1b:44:ff:41:
49:02:32:55:82:55:dd:f0:94:9a:1c:d7:20:ee:b9:
df:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:93:8B:3B:70:7A:F0:B3:32:84:01:AC:42:0A:F5:CC:47:6D:59:C4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9DD2E40C29F11EFB3BD6BBB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.64.0/18
Signature Algorithm: sha256WithRSAEncryption
11:c4:10:6e:1b:51:9a:2f:51:32:a8:05:73:fa:48:87:5f:53:
88:80:99:85:21:6b:4f:0e:c8:3d:e7:1c:77:3f:34:e2:c6:da:
3f:92:2f:16:71:92:0a:1c:5f:e5:02:20:9a:52:a8:49:16:6b:
76:0c:a3:5e:b5:cc:4d:15:ea:57:20:d2:b0:36:5b:31:54:1c:
1e:35:1d:a9:9c:07:39:dc:ee:6d:d5:dc:cd:34:f9:fd:73:fd:
69:f1:63:40:93:45:26:fb:84:9d:74:7f:fe:b1:63:d9:e1:05:
bb:46:b0:93:93:9c:0f:a4:e4:12:ef:14:cf:23:0b:2d:07:64:
6c:44:a3:f0:73:c4:75:c4:7a:84:0a:48:5e:36:2d:5f:23:49:
3e:21:30:65:29:f7:4f:11:aa:ca:0e:fe:aa:85:be:79:8e:0a:
66:1b:e2:1a:59:b6:3b:b8:d3:0a:83:85:08:35:f1:8a:b6:d3:
8d:3f:b8:25:51:30:16:ce:aa:81:4c:70:d6:4d:c3:11:6f:61:
61:68:2e:4f:d3:52:3e:2b:bb:a7:5a:15:d5:20:fc:d7:7d:4f:
b1:7d:d7:fc:3c:4c:5c:d4:77:4f:33:27:d2:b4:5a:93:9e:58:
0b:98:73:d6:83:b2:b1:81:e9:e8:6d:22:f8:cb:7b:b2:b8:42:
ba:c4:51:41
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOnrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDkwODE4WhcNMjUwMjExMDkwODE4WjAYMRYw
FAYDVQQDEw02NzZiY2I4NS1hMTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtNWP4+BCIWx5PlezZJs3clTdweHoAObKC/tYea1r6qxW5IbiTJZeHNDZ
tOODH6ErDnQlHul/wxIFm5BlWT07FiyDjH7Cs73G9cQHoJBJRxnFzQ6rMK33V75r
/clKdgFC3I6e5O7Pl9B7qgy53b78kcau8HJvWxIpl4oKIvJErwVWooT1goakNGuR
Cs/zxeRi0NUHAfKQ6tR8xwc/pgAj0iVHghEtzOkUuM8cJ/1o8Y2Rkq/5lT2kY5wA
mMJ/5MpEwDz/9eN1z65OPbbK6tI67hXwN+4oIhjMUojOmx72ZcLDTTB/I1tvCAXt
rhtE/0FJAjJVglXd8JSaHNcg7rnfswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIOT
iztwevCzMoQBrEIK9cxHbVnEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOUREMkU0MEMyOUYxMUVGQjNCRDZCQkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGLcVAMA0GCSqGSIb3DQEBCwUA
A4IBAQARxBBuG1GaL1EyqAVz+kiHX1OIgJmFIWtPDsg95xx3PzTixto/ki8WcZIK
HF/lAiCaUqhJFmt2DKNetcxNFepXINKwNlsxVBweNR2pnAc53O5t1dzNNPn9c/1p
8WNAk0Um+4SddH/+sWPZ4QW7RrCTk5wPpOQS7xTPIwstB2RsRKPwc8R1xHqECkhe
Ni1fI0k+ITBlKfdPEarKDv6qhb55jgpmG+IaWbY7uNMKg4UINfGKttONP7glUTAW
zqqBTHDWTcMRb2FhaC5P01I+K7unWhXVIPzXfU+xfdf8PExc1HdPMyfStFqTnlgL
mHPWg7KxgenobSL4y3uyuEK6xFFB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:25 2025 by rpki-client