Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E7AF3EA4CDD011EF9E4F0065762E951A.roa
File: E7AF3EA4CDD011EF9E4F0065762E951A.roa (raw, json)
Hash identifier: 2IARZBj4KSPxIHMEr/viOceRjU2ss+ooemtY/9MmxEw=
Subject key identifier: 19:AD:0E:36:69:98:60:A8:B6:3C:A9:B4:B0:7D:59:10:84:9B:5C:C1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010208
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E7AF3EA4CDD011EF9E4F0065762E951A.roa
Signing time: Wed 08 Jan 2025 14:57:39 +0000
ROA not before: Wed 08 Jan 2025 14:57:36 +0000
ROA not after: Mon 03 Jan 2028 14:57:36 +0000
asID: 17561
IP address blocks: 45.197.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66056 (0x10208)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:57:36 2025 GMT
Not After : Jan 3 14:57:36 2028 GMT
Subject: CN=677e9263-334c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f0:3d:4f:6b:9d:79:2d:f1:8d:11:a9:c5:99:
ca:b8:6c:c4:08:d5:6c:4f:f5:0c:eb:06:ef:a8:e2:
0f:46:53:f7:19:b3:eb:b1:27:b9:4d:61:f3:a9:ff:
2e:52:ce:33:05:22:e0:a5:86:99:f5:c8:cc:be:8e:
ea:dd:31:41:f2:0c:20:1a:6f:1b:08:e9:54:41:16:
8a:a5:41:a5:a2:86:c1:5b:39:02:11:18:c2:b3:fb:
26:1b:82:f4:22:3d:82:04:19:25:7a:c2:4c:31:d5:
22:37:8a:a1:cb:c1:96:11:5a:3f:8e:e0:46:9c:f2:
3d:74:e4:dd:b3:1b:d8:db:ab:3e:1b:7a:f5:b5:e0:
b1:16:4b:3e:1f:64:c8:86:16:41:28:d1:40:3c:3e:
38:05:be:08:2f:c3:27:6f:e5:68:2c:7f:61:ce:45:
b3:bd:bb:85:20:fe:83:3e:98:d0:cf:0c:bb:b9:2f:
d9:9b:dc:a2:3c:23:97:87:3e:6b:2c:2d:f0:53:ab:
35:56:3e:55:c0:18:41:1d:55:f7:e5:7d:ed:d6:91:
b5:80:05:1b:91:d7:e4:77:3a:23:07:f8:b1:8d:ce:
f3:c5:c5:fb:31:86:d3:62:b7:d2:f5:e6:30:9c:87:
f0:f4:ce:cd:ea:d3:a9:e2:38:89:53:25:c6:d7:cd:
ad:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:AD:0E:36:69:98:60:A8:B6:3C:A9:B4:B0:7D:59:10:84:9B:5C:C1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E7AF3EA4CDD011EF9E4F0065762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.5.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:cd:09:91:9e:9e:76:bb:b0:e0:66:ed:a2:79:e6:03:7f:8f:
66:27:e7:0c:f5:f6:40:04:0e:8b:ee:77:15:9f:f5:e9:65:21:
79:6a:30:f8:90:d5:5e:bd:c8:24:10:d2:9d:fc:52:e8:4d:e8:
77:06:02:e0:96:68:99:4a:76:a7:79:be:5d:ac:0d:9c:8f:5a:
d8:9f:c3:1b:48:cd:e1:6e:5b:bd:0b:22:4f:81:00:6a:82:b7:
1c:c9:ad:5a:02:e9:b9:71:35:a6:11:4e:f6:b7:50:84:dc:3b:
10:32:99:1f:4d:ad:c6:dd:7a:ad:49:6b:15:b2:e4:14:d5:ce:
b4:08:be:4b:e3:7f:1d:12:a8:c5:4c:2a:4b:4f:e4:50:8a:2c:
14:2d:c2:c1:91:cf:09:f2:a9:51:01:7e:bc:24:14:28:e2:ff:
0d:29:b3:8c:e1:d1:d0:39:0e:57:7f:54:dd:6c:5a:20:bf:31:
52:06:2e:5a:2a:a8:dc:bc:a0:2a:d9:08:ad:3e:66:ec:1d:b0:
6c:d7:c6:e8:6d:b8:34:a7:82:db:dd:d0:7e:06:e7:13:1e:61:
9f:a6:10:31:17:a5:c9:4e:34:5e:1b:97:06:c8:0f:d0:e1:5b:
dc:b1:8e:f0:4d:af:e7:1c:02:a8:47:7d:b1:8a:38:94:e7:38:
fe:10:ce:30
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQIIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQ1NzM2WhcNMjgwMTAzMTQ1NzM2WjAYMRYw
FAYDVQQDEw02NzdlOTI2My0zMzRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwvA9T2udeS3xjRGpxZnKuGzECNVsT/UM6wbvqOIPRlP3GbPrsSe5TWHz
qf8uUs4zBSLgpYaZ9cjMvo7q3TFB8gwgGm8bCOlUQRaKpUGloobBWzkCERjCs/sm
G4L0Ij2CBBklesJMMdUiN4qhy8GWEVo/juBGnPI9dOTdsxvY26s+G3r1teCxFks+
H2TIhhZBKNFAPD44Bb4IL8Mnb+VoLH9hzkWzvbuFIP6DPpjQzwy7uS/Zm9yiPCOX
hz5rLC3wU6s1Vj5VwBhBHVX35X3t1pG1gAUbkdfkdzojB/ixjc7zxcX7MYbTYrfS
9eYwnIfw9M7N6tOp4jiJUyXG182tSwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBmt
DjZpmGCotjyptLB9WRCEm1zBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FN0FGM0VBNENERDAxMUVGOUU0RjAwNjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcUFMA0GCSqGSIb3DQEBCwUA
A4IBAQClzQmRnp52u7DgZu2ieeYDf49mJ+cM9fZABA6L7ncVn/XpZSF5ajD4kNVe
vcgkENKd/FLoTeh3BgLglmiZSnaneb5drA2cj1rYn8MbSM3hblu9CyJPgQBqgrcc
ya1aAum5cTWmEU72t1CE3DsQMpkfTa3G3XqtSWsVsuQU1c60CL5L438dEqjFTCpL
T+RQiiwULcLBkc8J8qlRAX68JBQo4v8NKbOM4dHQOQ5Xf1TdbFogvzFSBi5aKqjc
vKAq2QitPmbsHbBs18bobbg0p4Lb3dB+BucTHmGfphAxF6XJTjReG5cGyA/Q4Vvc
sY7wTa/nHAKoR32xijiU5zj+EM4w
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:59 2025 by rpki-client