Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EB81EFD4CFF811EF9696D6A1762E951A.roa
File: EB81EFD4CFF811EF9696D6A1762E951A.roa (raw, json)
Hash identifier: /h66ss01iepHlacHw7DamkqyYc36G/I0IdS/vW6nDIU=
Subject key identifier: 8E:80:8E:BA:BE:89:16:B4:BF:05:BA:88:3F:6F:52:5B:3E:E8:53:28
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01057A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EB81EFD4CFF811EF9696D6A1762E951A.roa
Signing time: Sat 11 Jan 2025 08:49:08 +0000
ROA not before: Sat 11 Jan 2025 08:49:04 +0000
ROA not after: Sat 15 Feb 2025 08:49:04 +0000
asID: 16276
IP address blocks: 45.194.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66938 (0x1057a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 08:49:04 2025 GMT
Not After : Feb 15 08:49:04 2025 GMT
Subject: CN=67823084-d07f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e5:9b:c0:41:b1:1a:d9:9a:aa:c0:1a:0c:11:
ba:2e:01:26:fc:67:f5:dc:9d:ec:77:1b:3d:33:91:
4d:12:18:e3:6d:08:63:a8:7e:99:d3:96:48:75:42:
95:4c:88:c4:dd:15:8a:58:58:25:c2:ba:13:aa:00:
40:eb:8d:1d:aa:76:44:c1:d3:0a:ff:9a:01:aa:28:
c3:b2:11:58:d3:ba:33:36:92:ae:c6:2f:83:cb:1d:
bb:4e:4d:b5:b3:cf:bf:70:00:0f:44:05:31:cf:82:
d2:70:c4:32:35:5d:f5:00:1a:f0:52:59:bd:52:d3:
0e:e1:a9:47:8a:11:50:55:36:ee:9e:8f:67:7b:22:
36:82:82:fd:2f:cf:6a:4e:33:5e:66:86:3a:72:e3:
d6:f2:31:cc:68:2c:f7:ea:04:ae:c3:96:9a:53:ed:
cf:d2:37:b6:f9:92:a6:82:86:19:09:3e:2a:ac:03:
3e:3f:06:89:7c:6a:4f:44:0b:22:08:2b:fa:36:24:
36:62:54:97:a6:eb:2b:59:19:f8:61:9a:7f:28:f0:
ec:dc:ae:f2:e7:a1:29:04:35:86:6a:69:53:04:6f:
2a:3d:e3:10:d2:0b:0c:a8:02:b7:8f:4f:9e:4e:44:
50:ac:fb:5d:f3:b7:a3:fb:6d:9e:78:cd:df:78:b5:
b0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:80:8E:BA:BE:89:16:B4:BF:05:BA:88:3F:6F:52:5B:3E:E8:53:28
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EB81EFD4CFF811EF9696D6A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.6.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:81:47:6f:86:e9:16:83:d0:2b:54:d1:21:17:04:de:b0:cb:
59:fd:f1:90:92:c3:b2:8b:81:e8:a7:24:42:44:b6:0c:2f:5a:
be:41:c6:5e:e8:7f:e0:18:a1:57:33:57:4c:85:0d:0f:03:41:
64:cf:4a:af:41:41:28:07:88:16:3f:2a:2f:d2:1b:29:25:36:
83:9e:6a:94:7f:99:99:1b:7d:46:ec:a5:ed:8d:ee:6f:07:08:
12:60:0e:20:b7:01:12:97:57:f7:e3:33:28:3d:05:44:20:f2:
84:2f:8e:4d:23:0f:c1:b4:e4:80:66:1f:a1:c1:29:b1:a1:43:
dd:86:da:cf:57:51:ba:9f:a4:d1:e6:0d:c2:7d:91:b6:70:6d:
1f:3e:2e:d4:ff:18:2f:c2:65:71:47:20:9b:b0:54:60:80:0b:
3a:9c:2e:9b:21:ac:65:32:5e:b2:f2:44:16:c9:15:0d:73:bf:
2f:49:a6:d8:9a:4b:a1:2e:a8:a7:e9:b2:51:fa:35:e6:0a:24:
6c:7b:28:64:01:36:52:7b:18:c3:02:6f:f0:a7:61:bf:af:ac:
78:0d:b5:f8:77:0a:13:1b:ac:06:d5:a0:65:5f:84:56:ab:04:
c3:ee:43:dc:42:ca:34:c3:b6:3b:58:c4:41:22:89:c1:bd:a8:
73:bf:3f:64
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQV6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMDg0OTA0WhcNMjUwMjE1MDg0OTA0WjAYMRYw
FAYDVQQDEw02NzgyMzA4NC1kMDdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3OWbwEGxGtmaqsAaDBG6LgEm/Gf13J3sdxs9M5FNEhjjbQhjqH6Z05ZI
dUKVTIjE3RWKWFglwroTqgBA640dqnZEwdMK/5oBqijDshFY07ozNpKuxi+Dyx27
Tk21s8+/cAAPRAUxz4LScMQyNV31ABrwUlm9UtMO4alHihFQVTbuno9neyI2goL9
L89qTjNeZoY6cuPW8jHMaCz36gSuw5aaU+3P0je2+ZKmgoYZCT4qrAM+PwaJfGpP
RAsiCCv6NiQ2YlSXpusrWRn4YZp/KPDs3K7y56EpBDWGamlTBG8qPeMQ0gsMqAK3
j0+eTkRQrPtd87ej+22eeM3feLWwZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI6A
jrq+iRa0vwW6iD9vUls+6FMoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQjgxRUZENENGRjgxMUVGOTY5NkQ2QTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcIGMA0GCSqGSIb3DQEBCwUA
A4IBAQAdgUdvhukWg9ArVNEhFwTesMtZ/fGQksOyi4HopyRCRLYML1q+QcZe6H/g
GKFXM1dMhQ0PA0Fkz0qvQUEoB4gWPyov0hspJTaDnmqUf5mZG31G7KXtje5vBwgS
YA4gtwESl1f34zMoPQVEIPKEL45NIw/BtOSAZh+hwSmxoUPdhtrPV1G6n6TR5g3C
fZG2cG0fPi7U/xgvwmVxRyCbsFRggAs6nC6bIaxlMl6y8kQWyRUNc78vSabYmkuh
Lqin6bJR+jXmCiRseyhkATZSexjDAm/wp2G/r6x4DbX4dwoTG6wG1aBlX4RWqwTD
7kPcQso0w7Y7WMRBIonBvahzvz9k
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:35 2025 by rpki-client