Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EAA2E770D30A11EFBC0E858F762E951A.roa
File: EAA2E770D30A11EFBC0E858F762E951A.roa (raw, json)
Hash identifier: vghUXL8O7MYGuG/rVmQgw+nQvdoWEbSIreVvb+zR4vo=
Subject key identifier: 49:1A:15:4E:3A:D0:94:1C:F3:E2:B7:F6:4A:46:57:03:E9:30:85:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010829
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EAA2E770D30A11EFBC0E858F762E951A.roa
Signing time: Wed 15 Jan 2025 06:35:31 +0000
ROA not before: Wed 15 Jan 2025 06:35:27 +0000
ROA not after: Sat 19 Jul 2025 06:35:27 +0000
asID: 138995
IP address blocks: 45.194.32.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67625 (0x10829)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 06:35:27 2025 GMT
Not After : Jul 19 06:35:27 2025 GMT
Subject: CN=67875733-4e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5a:a4:28:94:d4:88:33:5e:97:ad:47:09:4a:
45:7f:48:41:dd:39:45:84:14:ce:7c:89:91:30:1d:
16:14:27:40:66:68:d5:02:4a:ba:fb:40:df:e9:38:
f9:1b:95:67:26:0d:63:c9:97:b9:09:7c:c0:a2:c2:
a2:57:cf:af:15:43:8d:01:c8:f9:eb:aa:b5:13:60:
a2:43:4b:72:9a:26:29:e7:26:8c:06:f0:72:32:06:
f8:2b:01:45:f5:af:f8:63:e3:2a:40:a9:1a:53:c3:
2c:ea:f3:b7:0f:01:fb:27:0b:13:a1:3a:8d:ad:63:
ba:8e:33:f7:89:89:f1:c3:ad:69:99:75:b2:4c:c7:
35:85:c0:47:9a:2b:42:5b:39:25:eb:e0:71:3d:55:
85:f1:4f:df:d8:fa:41:14:c3:68:b3:c9:9c:3a:6c:
6d:ed:b2:1f:bd:56:b3:0e:9c:0f:19:f8:a8:ef:12:
93:95:f3:13:b5:8d:51:66:61:c6:30:80:90:cf:a4:
4e:70:36:04:2e:0d:a7:8a:62:95:f9:93:09:25:c2:
d6:84:b4:7f:39:2c:4f:56:8a:ea:d4:ac:a8:88:54:
55:83:35:a6:60:57:52:9b:73:40:20:f6:76:51:7c:
1a:2c:16:2b:c7:c1:a6:91:f1:42:4e:74:66:44:d0:
27:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:1A:15:4E:3A:D0:94:1C:F3:E2:B7:F6:4A:46:57:03:E9:30:85:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EAA2E770D30A11EFBC0E858F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.32.0/21
Signature Algorithm: sha256WithRSAEncryption
53:d5:72:25:da:ff:c4:4b:46:6f:99:47:57:55:c5:4d:3e:0d:
bf:7c:35:ec:18:5a:cc:df:09:27:6b:a2:7c:fd:d8:32:65:bb:
ef:12:2e:e3:56:74:ab:65:02:0b:5d:14:1f:fb:2c:6d:d5:92:
27:c6:2f:f1:f3:20:47:67:7a:b5:96:09:fd:94:7b:cd:44:88:
49:91:52:f6:91:4a:cb:32:1c:94:48:b3:75:23:61:79:2e:e0:
fd:2f:fb:80:2f:8e:f8:70:46:bd:af:a9:48:89:a3:e7:6e:28:
88:9b:36:7b:00:d3:e2:c6:52:65:b5:ae:96:50:74:3e:a9:39:
bf:82:da:32:87:a2:2c:64:9c:6f:a3:aa:cc:c9:f4:ad:dd:24:
2e:a0:d8:3a:7b:77:a8:e6:3a:0e:2f:f5:7d:e8:5b:73:41:69:
b2:12:64:0a:a1:25:05:a2:66:b5:fc:69:a8:4c:b7:1c:2a:12:
ff:1e:c0:08:94:9c:7c:b6:32:90:d7:40:85:55:e1:09:33:df:
3d:ed:16:0a:64:bf:e3:02:b7:f3:b6:ee:60:8a:d6:63:a1:36:
a8:37:5b:34:6b:77:50:50:41:ac:d6:4b:cb:96:65:48:aa:0a:
fe:53:7d:91:6c:52:65:90:2d:f6:9e:4d:44:5b:71:de:cd:42:
cb:71:d2:0f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQgpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDYzNTI3WhcNMjUwNzE5MDYzNTI3WjAYMRYw
FAYDVQQDEw02Nzg3NTczMy00ZTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArFqkKJTUiDNel61HCUpFf0hB3TlFhBTOfImRMB0WFCdAZmjVAkq6+0Df
6Tj5G5VnJg1jyZe5CXzAosKiV8+vFUONAcj566q1E2CiQ0tymiYp5yaMBvByMgb4
KwFF9a/4Y+MqQKkaU8Ms6vO3DwH7JwsToTqNrWO6jjP3iYnxw61pmXWyTMc1hcBH
mitCWzkl6+BxPVWF8U/f2PpBFMNos8mcOmxt7bIfvVazDpwPGfio7xKTlfMTtY1R
ZmHGMICQz6ROcDYELg2nimKV+ZMJJcLWhLR/OSxPVorq1KyoiFRVgzWmYFdSm3NA
IPZ2UXwaLBYrx8GmkfFCTnRmRNAnywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEka
FU460JQc8+K39kpGVwPpMIWQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQUEyRTc3MEQzMEExMUVGQkMwRTg1OEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcIgMA0GCSqGSIb3DQEBCwUA
A4IBAQBT1XIl2v/ES0ZvmUdXVcVNPg2/fDXsGFrM3wkna6J8/dgyZbvvEi7jVnSr
ZQILXRQf+yxt1ZInxi/x8yBHZ3q1lgn9lHvNRIhJkVL2kUrLMhyUSLN1I2F5LuD9
L/uAL474cEa9r6lIiaPnbiiImzZ7ANPixlJlta6WUHQ+qTm/gtoyh6IsZJxvo6rM
yfSt3SQuoNg6e3eo5joOL/V96FtzQWmyEmQKoSUFoma1/GmoTLccKhL/HsAIlJx8
tjKQ10CFVeEJM9897RYKZL/jArfztu5gitZjoTaoN1s0a3dQUEGs1kvLlmVIqgr+
U32RbFJlkC32nk1EW3HezULLcdIP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:22 2025 by rpki-client