Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1DFA124CC1A11EF9E24D876762E951A.roa
File: E1DFA124CC1A11EF9E24D876762E951A.roa (raw, json)
Hash identifier: QKz69ppPgxy3+8eqXz/f7Dv4OqXxgIX+5VbHOtiSfEI=
Subject key identifier: 71:81:D0:BC:C5:92:E6:4E:B4:64:9A:60:4B:E5:AD:95:E6:37:02:1C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F899
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1DFA124CC1A11EF9E24D876762E951A.roa
Signing time: Mon 06 Jan 2025 10:42:10 +0000
ROA not before: Mon 06 Jan 2025 10:42:06 +0000
ROA not after: Mon 10 Feb 2025 10:42:06 +0000
asID: 48266
IP address blocks: 45.207.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63641 (0xf899)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 10:42:06 2025 GMT
Not After : Feb 10 10:42:06 2025 GMT
Subject: CN=677bb382-e438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:27:c6:da:e8:88:62:1d:49:45:3e:c8:8f:35:
1d:b7:a1:36:9b:22:c4:64:b0:b1:d3:3a:48:53:3a:
b1:99:75:74:3a:31:7e:fa:be:e7:1c:29:f4:fa:e6:
9e:ca:b1:c2:3f:cc:7d:ea:4b:19:48:bb:7e:ff:c2:
dc:12:31:c6:04:ea:4f:17:5f:cb:55:82:46:56:a3:
b3:cb:74:b2:c3:37:71:c3:92:e6:53:be:a0:a2:17:
76:87:75:54:8c:f0:e8:5a:98:21:37:53:97:98:09:
50:95:d5:78:7a:83:ad:7c:6e:b9:88:63:7b:d9:71:
36:6e:c7:74:ec:6b:07:cf:81:e4:6e:8d:be:4a:c5:
06:8f:10:23:ee:65:e8:4e:90:5a:4b:b5:7b:4f:af:
39:33:42:1f:d8:8e:6b:64:39:a2:6f:39:03:f5:e8:
64:17:6e:70:0a:0a:5a:9a:4d:13:22:c0:56:43:f2:
7f:ae:3a:4a:2e:fa:cd:69:a0:6a:69:e8:9a:ae:d8:
e3:79:1a:08:b1:ae:0f:aa:3b:f9:c6:88:3f:64:be:
08:54:c8:d1:51:2f:b3:bb:6e:cc:74:b5:ba:32:3d:
10:a1:39:7a:65:2d:33:7f:0e:c8:3e:1b:4b:6b:88:
df:86:22:0b:b1:a5:c6:29:35:7b:29:6e:5c:f3:64:
45:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:81:D0:BC:C5:92:E6:4E:B4:64:9A:60:4B:E5:AD:95:E6:37:02:1C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1DFA124CC1A11EF9E24D876762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.218.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:19:11:11:24:f5:cd:3c:84:02:8c:74:8b:9c:c1:13:f8:b1:
8b:d5:24:9c:94:e4:14:8a:64:29:bd:6c:8c:6a:0c:d7:be:fd:
13:40:fe:aa:ab:71:bf:fc:8c:30:8d:4b:9e:cd:a8:6f:04:38:
26:00:c6:d5:37:7a:46:ee:2a:c9:3d:87:3c:ea:ec:fc:02:42:
c4:f8:97:70:7e:2e:e2:b8:f8:33:98:b4:5b:f4:65:40:bb:af:
c5:db:18:0d:34:1d:a0:31:9d:51:3c:e7:5f:8f:95:18:66:9d:
10:c1:66:ef:a1:58:5d:49:12:6b:d1:f5:6a:4a:60:9c:a1:41:
ad:e7:61:86:93:1a:c1:48:88:f1:7d:f2:e1:49:ee:c2:75:46:
29:35:14:95:69:be:5a:4b:2d:61:e3:25:0b:a1:d6:e2:3c:15:
1d:78:46:3d:87:e1:02:14:57:1e:9c:03:35:83:31:e5:78:7c:
f9:cd:bf:54:62:19:1a:69:1a:ae:42:65:97:6d:06:78:f6:20:
1a:39:37:5a:45:7c:77:7c:be:a2:9b:e9:55:7e:0e:c4:6b:2f:
34:cf:6b:3d:b8:75:5c:68:d8:77:9d:32:8a:dc:6d:64:c4:5f:
3b:c7:6d:aa:21:1d:ee:23:d2:65:8e:07:1d:f9:e0:2b:a3:38:
c3:f5:d6:d6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPiZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MTA0MjA2WhcNMjUwMjEwMTA0MjA2WjAYMRYw
FAYDVQQDEw02NzdiYjM4Mi1lNDM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtCfG2uiIYh1JRT7IjzUdt6E2myLEZLCx0zpIUzqxmXV0OjF++r7nHCn0
+uaeyrHCP8x96ksZSLt+/8LcEjHGBOpPF1/LVYJGVqOzy3Sywzdxw5LmU76gohd2
h3VUjPDoWpghN1OXmAlQldV4eoOtfG65iGN72XE2bsd07GsHz4Hkbo2+SsUGjxAj
7mXoTpBaS7V7T685M0If2I5rZDmibzkD9ehkF25wCgpamk0TIsBWQ/J/rjpKLvrN
aaBqaeiartjjeRoIsa4Pqjv5xog/ZL4IVMjRUS+zu27MdLW6Mj0QoTl6ZS0zfw7I
PhtLa4jfhiILsaXGKTV7KW5c82RFTQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHGB
0LzFkuZOtGSaYEvlrZXmNwIcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMURGQTEyNENDMUExMUVGOUUyNEQ4NzY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLc/aMA0GCSqGSIb3DQEBCwUA
A4IBAQCKGRERJPXNPIQCjHSLnMET+LGL1SSclOQUimQpvWyMagzXvv0TQP6qq3G/
/IwwjUuezahvBDgmAMbVN3pG7irJPYc86uz8AkLE+Jdwfi7iuPgzmLRb9GVAu6/F
2xgNNB2gMZ1RPOdfj5UYZp0QwWbvoVhdSRJr0fVqSmCcoUGt52GGkxrBSIjxffLh
Se7CdUYpNRSVab5aSy1h4yULodbiPBUdeEY9h+ECFFcenAM1gzHleHz5zb9UYhka
aRquQmWXbQZ49iAaOTdaRXx3fL6im+lVfg7Eay80z2s9uHVcaNh3nTKK3G1kxF87
x22qIR3uI9Jljgcd+eArozjD9dbW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:17 2025 by rpki-client