Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE1162EAC9C211EFBD7F449D762E951A.roa
File: CE1162EAC9C211EFBD7F449D762E951A.roa (raw, json)
Hash identifier: 2uXZCRLvLvvfbj+xxrOnqdQbSc2QGTPVy3uDNNFRTyA=
Subject key identifier: 7D:48:80:0F:24:A8:71:F8:53:68:25:13:20:1B:5C:49:DE:78:D7:12
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6E7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE1162EAC9C211EFBD7F449D762E951A.roa
Signing time: Fri 03 Jan 2025 11:06:39 +0000
ROA not before: Fri 03 Jan 2025 11:06:35 +0000
ROA not after: Sat 08 Feb 2025 11:06:35 +0000
asID: 395793
IP address blocks: 45.204.148.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63207 (0xf6e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 11:06:35 2025 GMT
Not After : Feb 8 11:06:35 2025 GMT
Subject: CN=6777c4bf-9f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c1:87:64:1f:43:21:53:b0:9b:be:31:09:1d:
8f:59:90:26:7c:84:25:81:8f:87:10:30:a4:67:97:
a0:f6:2a:4a:7e:ca:3c:8b:a8:2e:c6:bc:b1:8e:f5:
86:4b:2d:c8:27:03:5f:e5:06:03:b7:81:aa:d9:90:
a7:23:29:80:62:46:1a:d2:50:26:67:00:0f:95:77:
4c:d3:f8:14:55:4b:e8:cd:d5:6b:b3:e7:72:9b:0e:
48:a9:35:b4:b6:ae:6d:2f:37:ee:a7:02:a8:e5:7e:
59:cf:66:aa:5a:d4:8a:dd:48:82:aa:f8:92:00:49:
51:ea:df:51:cd:09:a8:dd:42:1c:46:cd:17:4b:af:
aa:12:54:10:c9:81:73:4b:5c:62:e0:9f:f4:72:f9:
0b:c3:d2:3f:19:32:29:d6:ac:de:01:46:d4:2c:4c:
c5:5e:58:c7:c5:99:aa:e6:7e:39:68:5e:46:64:c5:
a8:02:ae:fc:3a:4c:1e:3e:ae:9d:6a:aa:b0:32:40:
75:8b:41:1d:c2:71:d5:fa:aa:66:87:3e:21:60:0e:
a0:13:3a:46:2d:c8:16:55:1f:82:5c:8d:ca:eb:b1:
d6:49:fc:a2:d3:28:de:d1:4b:86:b1:b8:65:84:16:
a0:7b:d0:84:25:36:63:9d:06:c7:31:b6:f7:5c:d0:
de:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:48:80:0F:24:A8:71:F8:53:68:25:13:20:1B:5C:49:DE:78:D7:12
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE1162EAC9C211EFBD7F449D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.148.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:df:7c:04:98:af:1c:ed:f7:0b:b4:06:12:6a:7d:8b:1e:22:
62:ef:73:d2:a4:1a:7f:b8:dc:80:4c:19:fe:3c:4d:92:88:ac:
62:18:90:10:af:8a:35:ab:19:13:be:bd:0a:58:5e:58:a2:77:
c4:d7:f5:26:ff:fd:0a:78:83:ab:43:d8:99:bc:1e:0d:b0:64:
31:0c:95:94:27:e3:2f:83:31:d7:0b:5b:c1:fe:ed:75:18:f2:
58:ea:8a:26:72:2b:94:b0:e5:9e:17:8c:a7:af:ad:3a:17:ef:
40:c6:03:dd:51:85:1e:a1:86:2a:6c:ae:3c:d5:71:4e:c6:ae:
4b:c1:8e:94:0d:54:cf:c7:81:48:51:ff:be:4a:f2:c7:dc:db:
b0:d2:db:d4:0b:40:d8:8f:d0:f1:88:b3:f7:88:bf:98:35:5d:
ca:e4:02:37:65:37:50:ba:19:7f:d8:32:0e:2d:19:d2:49:fd:
cc:c2:3d:e6:89:06:21:53:2e:c6:ef:7b:c8:08:e3:01:83:c5:
b9:b1:49:68:04:40:92:79:62:80:e0:51:37:54:dd:ce:2f:45:
cc:70:4c:4e:c0:fc:9d:6b:f5:1f:c2:b0:13:00:57:49:ac:7e:
33:2f:e7:78:c1:0e:eb:7d:06:8f:0e:d8:b9:47:ca:3a:7a:bc:
38:e7:94:59
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPbnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMTEwNjM1WhcNMjUwMjA4MTEwNjM1WjAYMRYw
FAYDVQQDEw02Nzc3YzRiZi05ZjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwMGHZB9DIVOwm74xCR2PWZAmfIQlgY+HEDCkZ5eg9ipKfso8i6guxryx
jvWGSy3IJwNf5QYDt4Gq2ZCnIymAYkYa0lAmZwAPlXdM0/gUVUvozdVrs+dymw5I
qTW0tq5tLzfupwKo5X5Zz2aqWtSK3UiCqviSAElR6t9RzQmo3UIcRs0XS6+qElQQ
yYFzS1xi4J/0cvkLw9I/GTIp1qzeAUbULEzFXljHxZmq5n45aF5GZMWoAq78Okwe
Pq6daqqwMkB1i0EdwnHV+qpmhz4hYA6gEzpGLcgWVR+CXI3K67HWSfyi0yje0UuG
sbhlhBage9CEJTZjnQbHMbb3XNDemQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH1I
gA8kqHH4U2glEyAbXEneeNcSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRTExNjJFQUM5QzIxMUVGQkQ3RjQ0OUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcyUMA0GCSqGSIb3DQEBCwUA
A4IBAQCi33wEmK8c7fcLtAYSan2LHiJi73PSpBp/uNyATBn+PE2SiKxiGJAQr4o1
qxkTvr0KWF5YonfE1/Um//0KeIOrQ9iZvB4NsGQxDJWUJ+MvgzHXC1vB/u11GPJY
6oomciuUsOWeF4ynr606F+9AxgPdUYUeoYYqbK481XFOxq5LwY6UDVTPx4FIUf++
SvLH3Nuw0tvUC0DYj9DxiLP3iL+YNV3K5AI3ZTdQuhl/2DIOLRnSSf3Mwj3miQYh
Uy7G73vICOMBg8W5sUloBECSeWKA4FE3VN3OL0XMcExOwPyda/UfwrATAFdJrH4z
L+d4wQ7rfQaPDti5R8o6erw455RZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:22 2025 by rpki-client