Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE8A7442CADC11EFBCCF228F762E951A.roa
File: EE8A7442CADC11EFBCCF228F762E951A.roa (raw, json)
Hash identifier: eUBUcqFLzSHbpSOxV1832BDJ2ZiFwOOOhmYCwYzpvBo=
Subject key identifier: FD:2C:41:3A:83:AE:39:B2:78:86:27:2F:FB:AC:46:95:07:C3:82:E2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7A6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE8A7442CADC11EFBCCF228F762E951A.roa
Signing time: Sat 04 Jan 2025 20:46:11 +0000
ROA not before: Sun 05 Jan 2025 20:46:08 +0000
ROA not after: Sun 09 Feb 2025 20:46:08 +0000
asID: 137897
IP address blocks: 45.204.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63398 (0xf7a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 20:46:08 2025 GMT
Not After : Feb 9 20:46:08 2025 GMT
Subject: CN=67799e13-2bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:cf:0a:f7:0d:5d:b6:dd:06:94:f7:9f:38:76:
b7:8a:38:de:b6:86:c8:94:2a:d8:75:77:8e:a7:cf:
d8:55:26:8b:57:31:c8:7a:0e:68:7f:13:1b:9c:b2:
b8:75:0b:90:2e:df:c2:f0:ea:92:29:00:c2:13:a5:
6f:a3:43:49:9e:5b:10:17:52:b6:ef:31:2b:d8:e7:
67:a9:12:19:73:69:23:7b:01:c2:28:ca:f5:ad:62:
e6:5c:4f:2f:ba:18:c2:6a:2d:75:cd:d9:0f:43:df:
56:8c:b5:94:84:54:06:99:2a:25:89:4c:82:61:81:
8e:a1:2c:a9:d4:60:f7:f5:85:8d:f8:13:f1:df:c5:
68:40:59:ce:10:41:38:94:7a:fd:7a:c4:ca:6b:a0:
3d:a5:db:29:92:d4:bb:f8:16:3c:a3:ac:ad:49:a4:
34:63:73:9a:4b:ab:39:1a:91:ac:74:a0:25:89:cd:
1f:1f:83:61:6e:70:9a:d0:30:ec:fe:85:9c:f5:ce:
c8:64:18:e7:ec:7d:0d:0c:aa:72:7a:af:a9:d8:ee:
62:6c:e4:76:70:d7:2d:9f:07:92:11:3a:8d:d7:1b:
71:04:a4:4b:4b:18:cf:a5:db:08:a2:35:9e:89:1f:
b0:89:77:24:7f:33:f5:b3:91:87:44:6d:37:95:b5:
d1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:2C:41:3A:83:AE:39:B2:78:86:27:2F:FB:AC:46:95:07:C3:82:E2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE8A7442CADC11EFBCCF228F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.142.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:2c:6e:5f:32:cb:e5:e3:93:19:b0:a8:b1:d6:3d:be:6f:04:
e8:23:7b:06:4f:23:4c:91:30:ec:48:8a:ed:59:1e:3f:1f:32:
42:db:15:da:f4:9d:a7:22:56:b3:f1:08:c9:c4:7b:29:fc:a9:
95:e6:3c:4e:93:e1:6e:31:ad:ac:ee:bc:47:ea:5b:f5:95:2b:
8b:2d:8e:b4:bf:48:1e:e3:eb:29:45:f1:eb:93:22:15:c3:ca:
e7:bf:c9:02:1e:ad:40:b0:70:37:2e:b8:84:1f:67:b1:ef:f0:
66:e3:33:69:16:c6:59:4a:13:a0:28:35:55:18:2d:6c:e3:76:
14:81:9e:a6:d8:b7:a5:1e:19:1f:c9:ba:f9:9a:ba:83:2a:33:
34:86:63:72:19:27:77:22:fb:72:8c:b1:da:b1:69:12:8a:96:
e6:81:7a:5e:d7:44:e7:69:92:ca:91:6c:c5:74:69:17:21:e5:
6c:34:09:c5:e5:59:d4:20:a6:76:cb:db:6a:13:69:37:b4:1a:
90:24:8e:9a:4f:66:b6:1d:aa:f4:61:e9:b9:65:10:05:9d:89:
08:09:bc:4e:56:d1:41:4b:82:f2:9a:b5:2f:b7:5d:2a:f3:ef:
e5:7f:5e:59:77:b0:b3:f9:ad:ff:29:e8:a3:1b:00:c0:cd:ff:
5a:0b:92:60
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPemMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MjA0NjA4WhcNMjUwMjA5MjA0NjA4WjAYMRYw
FAYDVQQDEw02Nzc5OWUxMy0yYmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+c8K9w1dtt0GlPefOHa3ijjetobIlCrYdXeOp8/YVSaLVzHIeg5ofxMb
nLK4dQuQLt/C8OqSKQDCE6Vvo0NJnlsQF1K27zEr2OdnqRIZc2kjewHCKMr1rWLm
XE8vuhjCai11zdkPQ99WjLWUhFQGmSoliUyCYYGOoSyp1GD39YWN+BPx38VoQFnO
EEE4lHr9esTKa6A9pdspktS7+BY8o6ytSaQ0Y3OaS6s5GpGsdKAlic0fH4NhbnCa
0DDs/oWc9c7IZBjn7H0NDKpyeq+p2O5ibOR2cNctnweSETqN1xtxBKRLSxjPpdsI
ojWeiR+wiXckfzP1s5GHRG03lbXRRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP0s
QTqDrjmyeIYnL/usRpUHw4LiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRThBNzQ0MkNBREMxMUVGQkNDRjIyOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcyOMA0GCSqGSIb3DQEBCwUA
A4IBAQA7LG5fMsvl45MZsKix1j2+bwToI3sGTyNMkTDsSIrtWR4/HzJC2xXa9J2n
Ilaz8QjJxHsp/KmV5jxOk+FuMa2s7rxH6lv1lSuLLY60v0ge4+spRfHrkyIVw8rn
v8kCHq1AsHA3LriEH2ex7/Bm4zNpFsZZShOgKDVVGC1s43YUgZ6m2LelHhkfybr5
mrqDKjM0hmNyGSd3IvtyjLHasWkSipbmgXpe10TnaZLKkWzFdGkXIeVsNAnF5VnU
IKZ2y9tqE2k3tBqQJI6aT2a2Har0Yem5ZRAFnYkICbxOVtFBS4LymrUvt10q8+/l
f15Zd7Cz+a3/KeijGwDAzf9aC5Jg
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:35 2025 by rpki-client