Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE597C2CCAD711EFA2630C6F762E951A.roa
File: CE597C2CCAD711EFA2630C6F762E951A.roa (raw, json)
Hash identifier: wCGFIkYOh/csu01u1G1wkpwSrF/oaPHf2CNNY0Ue1Ew=
Subject key identifier: C4:2A:DD:C8:D0:34:03:E4:78:A4:79:24:B8:9E:BA:56:55:D0:3D:58
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F792
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE597C2CCAD711EFA2630C6F762E951A.roa
Signing time: Sat 04 Jan 2025 20:09:30 +0000
ROA not before: Sun 05 Jan 2025 20:09:26 +0000
ROA not after: Sat 08 Feb 2025 20:09:26 +0000
asID: 20473
IP address blocks: 45.195.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63378 (0xf792)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 20:09:26 2025 GMT
Not After : Feb 8 20:09:26 2025 GMT
Subject: CN=6779957a-e962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d8:05:b2:c3:70:c5:fe:b6:8c:b4:d8:eb:a2:
37:fd:b0:d1:6b:66:f6:64:6c:45:7c:5d:62:bf:68:
71:84:a9:8f:43:4c:2e:63:4b:93:7d:ec:36:63:88:
e8:26:78:e9:f2:6f:6a:f2:54:37:81:bb:00:27:a7:
25:a9:45:d5:68:01:41:c9:a0:29:97:01:27:79:89:
ab:c6:dd:50:8c:f1:8a:6e:cb:20:cb:93:b3:5f:aa:
c8:e2:59:5e:6f:0f:35:f0:d0:9a:62:a9:f6:a7:46:
97:52:fc:52:cc:bc:99:d8:86:d7:cc:61:e9:f1:ee:
f8:07:1e:17:a5:7c:08:4f:4c:10:42:02:d0:ea:55:
76:0b:3f:1e:ac:59:c3:a9:b2:71:24:95:cd:07:dc:
55:ef:61:82:b3:a0:bb:cc:22:2c:e4:88:a5:dc:1a:
3c:ac:4f:24:0a:93:b9:38:5c:45:91:6d:b1:a3:8b:
dd:29:08:92:0f:cf:0f:68:cf:d2:3b:fa:09:1d:28:
d4:07:6a:bf:d3:2d:e0:58:1d:57:fd:8d:23:fd:4c:
7b:2b:c1:8f:69:0d:a1:52:e4:fb:9c:a5:3a:5b:f6:
e1:d0:ed:76:7b:b9:84:8b:6d:66:11:24:e3:84:78:
69:31:68:47:37:66:18:60:81:af:c3:c5:fe:58:ca:
da:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2A:DD:C8:D0:34:03:E4:78:A4:79:24:B8:9E:BA:56:55:D0:3D:58
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE597C2CCAD711EFA2630C6F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.137.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:b2:42:cb:84:84:c5:ba:f7:b4:60:4a:cb:7b:b6:c1:24:bc:
a5:aa:60:76:ef:e5:a9:3c:7a:fa:6d:5a:3a:98:12:3f:01:1a:
31:7a:bc:77:2e:0e:dd:36:69:69:37:d9:e0:9a:f1:07:3e:1b:
7d:ac:cf:1e:25:6b:73:89:66:ff:f2:c0:1f:0a:04:05:cb:49:
3b:71:54:08:67:aa:1c:eb:5c:a6:55:f7:13:0c:84:d1:93:1c:
f7:9f:63:9b:8e:99:52:de:d2:d9:01:47:6c:ca:3e:a9:c7:10:
a5:0e:52:31:52:2e:fc:c8:5f:08:ba:ed:be:26:94:60:3c:6c:
1a:b3:e6:23:5c:62:bb:fa:ed:75:20:15:0e:31:4e:9b:43:3a:
06:fa:e9:01:7e:7a:ca:e7:ee:fc:e1:d1:ed:b8:50:8c:7e:4a:
0d:a3:3b:44:4a:0f:d7:52:fb:af:9c:b8:b1:01:aa:48:c5:9f:
4e:59:13:80:f9:78:47:64:7c:4e:be:b9:f1:04:d6:a9:97:8d:
d3:6e:68:14:5c:9d:7e:6d:b2:01:aa:11:a3:97:8c:f2:73:d3:
bc:cd:5a:59:d1:21:9b:d4:93:70:20:98:70:cc:62:46:80:e1:
dc:c4:40:72:ed:1f:26:07:4f:f4:47:6a:37:14:95:c7:5d:6b:
6f:84:d8:89
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPeSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MjAwOTI2WhcNMjUwMjA4MjAwOTI2WjAYMRYw
FAYDVQQDEw02Nzc5OTU3YS1lOTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0NgFssNwxf62jLTY66I3/bDRa2b2ZGxFfF1iv2hxhKmPQ0wuY0uTfew2
Y4joJnjp8m9q8lQ3gbsAJ6clqUXVaAFByaAplwEneYmrxt1QjPGKbssgy5OzX6rI
4llebw818NCaYqn2p0aXUvxSzLyZ2IbXzGHp8e74Bx4XpXwIT0wQQgLQ6lV2Cz8e
rFnDqbJxJJXNB9xV72GCs6C7zCIs5Iil3Bo8rE8kCpO5OFxFkW2xo4vdKQiSD88P
aM/SO/oJHSjUB2q/0y3gWB1X/Y0j/Ux7K8GPaQ2hUuT7nKU6W/bh0O12e7mEi21m
ESTjhHhpMWhHN2YYYIGvw8X+WMraVQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMQq
3cjQNAPkeKR5JLieulZV0D1YMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRTU5N0MyQ0NBRDcxMUVGQTI2MzBDNkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcOJMA0GCSqGSIb3DQEBCwUA
A4IBAQCwskLLhITFuve0YErLe7bBJLylqmB27+WpPHr6bVo6mBI/ARoxerx3Lg7d
NmlpN9ngmvEHPht9rM8eJWtziWb/8sAfCgQFy0k7cVQIZ6oc61ymVfcTDITRkxz3
n2ObjplS3tLZAUdsyj6pxxClDlIxUi78yF8Iuu2+JpRgPGwas+YjXGK7+u11IBUO
MU6bQzoG+ukBfnrK5+784dHtuFCMfkoNoztESg/XUvuvnLixAapIxZ9OWROA+XhH
ZHxOvrnxBNapl43TbmgUXJ1+bbIBqhGjl4zyc9O8zVpZ0SGb1JNwIJhwzGJGgOHc
xEBy7R8mB0/0R2o3FJXHXWtvhNiJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:56 2025 by rpki-client