Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE0A1DB4CEF211EF8E787196762E951A.roa
File: EE0A1DB4CEF211EF8E787196762E951A.roa (raw, json)
Hash identifier: OQWeogDFQOJOFPFW7v0u+hCooSextB3BHxjgRoy2JOc=
Subject key identifier: 48:7D:71:A3:12:4A:A3:58:65:DE:8A:64:45:D3:C0:A2:BE:EB:B6:D2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010481
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE0A1DB4CEF211EF8E787196762E951A.roa
Signing time: Fri 10 Jan 2025 01:33:44 +0000
ROA not before: Fri 10 Jan 2025 01:33:41 +0000
ROA not after: Thu 13 Feb 2025 01:33:41 +0000
asID: 54801
IP address blocks: 45.195.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66689 (0x10481)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 01:33:41 2025 GMT
Not After : Feb 13 01:33:41 2025 GMT
Subject: CN=678078f8-5774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:28:55:29:95:12:eb:e9:a9:a1:81:c7:5c:41:
4b:a6:56:2e:39:17:df:39:c9:40:0b:39:d7:9c:87:
72:c0:02:a7:a4:0e:cb:bd:f8:36:4a:7e:a5:14:fd:
0b:3e:d9:64:5f:5c:cd:27:af:de:b1:c0:35:28:33:
71:19:2d:3b:1d:9c:b4:5a:f3:61:46:64:97:30:ac:
07:38:9b:4a:d2:17:a8:21:5c:72:78:d0:b2:2b:4e:
f8:cb:c2:05:fa:7d:52:9e:75:a7:a4:89:80:1b:18:
95:c6:13:15:1f:d8:7e:f7:7b:8f:31:6e:c0:f2:80:
6a:e9:0e:ec:64:c9:aa:98:e2:be:81:c4:49:78:e4:
13:bc:9d:eb:f1:39:7d:fc:46:2f:6b:7f:c3:1b:a3:
87:2d:29:f7:0a:c7:12:57:1d:cc:a8:c0:61:a7:d4:
3d:f4:e9:f2:db:e1:2c:90:c7:b5:80:54:fc:50:ee:
dd:fa:17:dd:38:99:99:58:6e:68:b9:d8:43:38:1b:
66:94:26:3c:e0:aa:81:bc:65:6a:a0:0c:69:25:31:
de:6d:86:7e:b6:a0:21:70:04:ac:52:4c:91:37:86:
bf:83:c6:fa:65:86:79:9b:79:6e:d4:28:a7:60:6f:
8e:94:0b:ad:2b:57:f0:79:05:c8:8e:10:bd:35:a1:
cf:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:7D:71:A3:12:4A:A3:58:65:DE:8A:64:45:D3:C0:A2:BE:EB:B6:D2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE0A1DB4CEF211EF8E787196762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.60.0/24
Signature Algorithm: sha256WithRSAEncryption
48:20:b8:32:aa:74:13:8c:09:2c:ea:4c:18:b2:0e:c5:2b:33:
ad:b6:ac:22:47:25:27:24:ed:a9:00:b7:86:93:0b:22:02:8e:
91:35:ba:79:df:b2:68:67:79:21:9e:4d:b7:e9:f8:67:d0:dc:
cf:30:b2:6d:5b:2e:80:ec:fe:53:86:08:85:7f:04:2c:ba:07:
cc:0b:ed:bf:35:ec:af:7e:5a:10:fe:e7:ff:80:09:4d:73:a5:
ad:6d:66:00:5a:57:39:3d:b2:5f:da:b5:5d:d7:1f:91:97:b9:
6d:d5:bc:2e:db:46:00:26:cc:54:1e:eb:33:90:99:bf:fe:ff:
c8:f1:7e:49:7c:f9:5d:30:32:64:94:de:fc:a8:51:44:23:60:
36:bf:1e:a3:34:70:79:b6:ca:cd:93:aa:02:0f:2a:e0:84:99:
76:97:f7:8c:25:86:a5:0d:b9:47:8d:3c:b0:9c:08:9e:2e:f1:
b6:25:cb:d9:7d:2d:4f:4e:be:67:2c:ae:11:cd:77:81:1a:3f:
28:75:3f:c4:80:2f:47:26:1e:a6:80:e3:cf:03:a2:68:fd:d2:
b8:c6:07:f4:4f:80:3c:cc:d0:b6:81:38:53:ef:15:46:0d:57:
6d:62:6b:e5:16:e8:6c:f7:dc:94:66:97:fc:41:ae:3a:df:d3:
88:c8:d9:9d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQSBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDEzMzQxWhcNMjUwMjEzMDEzMzQxWjAYMRYw
FAYDVQQDEw02NzgwNzhmOC01Nzc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8ChVKZUS6+mpoYHHXEFLplYuORffOclACznXnIdywAKnpA7Lvfg2Sn6l
FP0LPtlkX1zNJ6/escA1KDNxGS07HZy0WvNhRmSXMKwHOJtK0heoIVxyeNCyK074
y8IF+n1SnnWnpImAGxiVxhMVH9h+93uPMW7A8oBq6Q7sZMmqmOK+gcRJeOQTvJ3r
8Tl9/EYva3/DG6OHLSn3CscSVx3MqMBhp9Q99Ony2+EskMe1gFT8UO7d+hfdOJmZ
WG5oudhDOBtmlCY84KqBvGVqoAxpJTHebYZ+tqAhcASsUkyRN4a/g8b6ZYZ5m3lu
1CinYG+OlAutK1fweQXIjhC9NaHP1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEh9
caMSSqNYZd6KZEXTwKK+67bSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRTBBMURCNENFRjIxMUVGOEU3ODcxOTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcM8MA0GCSqGSIb3DQEBCwUA
A4IBAQBIILgyqnQTjAks6kwYsg7FKzOttqwiRyUnJO2pALeGkwsiAo6RNbp537Jo
Z3khnk236fhn0NzPMLJtWy6A7P5ThgiFfwQsugfMC+2/NeyvfloQ/uf/gAlNc6Wt
bWYAWlc5PbJf2rVd1x+Rl7lt1bwu20YAJsxUHuszkJm//v/I8X5JfPldMDJklN78
qFFEI2A2vx6jNHB5tsrNk6oCDyrghJl2l/eMJYalDblHjTywnAieLvG2JcvZfS1P
Tr5nLK4RzXeBGj8odT/EgC9HJh6mgOPPA6Jo/dK4xgf0T4A8zNC2gThT7xVGDVdt
YmvlFuhs99yUZpf8Qa4639OIyNmd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:15 2025 by rpki-client