Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F58C2CA8D24911EF8C9B7642762E951A.roa
File: F58C2CA8D24911EF8C9B7642762E951A.roa (raw, json)
Hash identifier: TSzRbxYr50eNY65mxzax/noUK47EXmpg1ilERo0arUo=
Subject key identifier: 2A:00:AA:E0:D2:75:B6:C7:C3:B6:B7:1D:51:E4:0B:34:82:47:0B:A8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0106EA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F58C2CA8D24911EF8C9B7642762E951A.roa
Signing time: Tue 14 Jan 2025 07:34:17 +0000
ROA not before: Tue 14 Jan 2025 07:34:13 +0000
ROA not after: Tue 18 Feb 2025 07:34:13 +0000
asID: 214413
IP address blocks: 45.194.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67306 (0x106ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 07:34:13 2025 GMT
Not After : Feb 18 07:34:13 2025 GMT
Subject: CN=67861378-f0af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5c:68:95:2d:5b:24:6f:85:b9:5f:1a:bf:53:
8e:f7:1d:ec:d1:d1:71:47:83:3a:fd:63:6f:a6:e4:
84:4d:67:54:83:cc:7f:ec:2f:4c:68:b7:8c:ea:8d:
d5:91:62:b4:6d:f4:f8:53:2a:4a:41:5a:a3:0b:45:
d6:a4:99:7e:69:3c:9a:9d:35:fe:2f:32:70:8f:09:
4a:e9:47:b7:51:58:b6:c3:1a:fc:e8:2a:15:c5:ed:
08:9d:eb:22:dd:91:71:13:9a:3f:78:41:7f:95:26:
16:76:bd:b9:2d:2e:43:72:c2:38:e9:96:87:e0:85:
26:1e:69:1f:44:bc:fc:14:a3:e3:56:b0:24:44:21:
d4:a6:a6:f3:da:47:fe:43:43:de:0e:d2:d0:75:1e:
c9:fb:be:f0:94:c9:1a:ac:11:8a:16:97:01:08:50:
8d:e7:6f:b0:47:54:c9:8d:19:3b:a7:3c:b2:08:5f:
c8:03:0f:58:58:82:a6:1b:01:67:7d:ab:c4:b7:af:
9a:64:e1:91:0c:f7:67:78:4b:c4:ad:24:33:10:14:
37:bd:33:fa:cd:54:20:b6:81:bd:96:67:3b:53:5a:
2d:2a:c9:fa:37:9b:58:3d:7e:a2:bf:2b:db:ed:d2:
17:ee:4b:e3:cb:d6:1a:48:d4:d9:d4:49:2c:f2:82:
4c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:00:AA:E0:D2:75:B6:C7:C3:B6:B7:1D:51:E4:0B:34:82:47:0B:A8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F58C2CA8D24911EF8C9B7642762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.87.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:78:13:16:cd:5b:82:91:56:5e:80:f9:c9:ea:3c:54:73:4d:
5b:66:ec:db:9d:8b:93:99:7a:10:0f:4a:cb:67:8c:ce:07:24:
6f:52:20:1a:8b:0f:72:e1:8d:b3:c9:66:17:c3:0a:73:fe:38:
69:ba:01:23:db:bc:00:41:28:74:c0:a5:c0:87:23:9a:30:16:
45:ac:34:24:6c:18:be:70:98:6a:e1:85:e4:12:42:52:76:f7:
f9:b7:02:44:c7:08:52:90:09:df:52:2a:cb:93:ba:f1:b7:c8:
80:66:d6:fa:0f:67:a6:72:8a:4a:5e:bd:90:ee:af:dd:22:54:
da:81:d2:b9:e6:78:f1:53:37:98:06:0b:b8:3c:a2:04:f4:81:
ce:10:0f:67:36:75:8f:50:1f:04:21:f8:9d:97:3c:9f:f1:6c:
36:e9:e8:a0:73:7e:0f:c5:de:f7:0f:2c:1c:13:5c:3b:11:75:
12:31:84:97:4b:9c:fc:b3:6b:3c:a5:3e:ac:a8:94:5b:f2:db:
89:33:9a:ab:2d:b3:30:bb:a1:ae:e9:68:7d:2f:ff:01:dd:7c:
47:45:42:3d:c6:a0:bd:23:18:d1:74:aa:b7:8d:59:5c:62:e8:
80:87:f7:e4:74:c7:35:00:d0:98:30:7c:8d:12:8d:8c:85:27:
59:e7:08:79
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQbqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDczNDEzWhcNMjUwMjE4MDczNDEzWjAYMRYw
FAYDVQQDEw02Nzg2MTM3OC1mMGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxFxolS1bJG+FuV8av1OO9x3s0dFxR4M6/WNvpuSETWdUg8x/7C9MaLeM
6o3VkWK0bfT4UypKQVqjC0XWpJl+aTyanTX+LzJwjwlK6Ue3UVi2wxr86CoVxe0I
nesi3ZFxE5o/eEF/lSYWdr25LS5DcsI46ZaH4IUmHmkfRLz8FKPjVrAkRCHUpqbz
2kf+Q0PeDtLQdR7J+77wlMkarBGKFpcBCFCN52+wR1TJjRk7pzyyCF/IAw9YWIKm
GwFnfavEt6+aZOGRDPdneEvErSQzEBQ3vTP6zVQgtoG9lmc7U1otKsn6N5tYPX6i
vyvb7dIX7kvjy9YaSNTZ1Eks8oJMFQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCoA
quDSdbbHw7a3HVHkCzSCRwuoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNThDMkNBOEQyNDkxMUVGOEM5Qjc2NDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcJXMA0GCSqGSIb3DQEBCwUA
A4IBAQC7eBMWzVuCkVZegPnJ6jxUc01bZuzbnYuTmXoQD0rLZ4zOByRvUiAaiw9y
4Y2zyWYXwwpz/jhpugEj27wAQSh0wKXAhyOaMBZFrDQkbBi+cJhq4YXkEkJSdvf5
twJExwhSkAnfUirLk7rxt8iAZtb6D2emcopKXr2Q7q/dIlTagdK55njxUzeYBgu4
PKIE9IHOEA9nNnWPUB8EIfidlzyf8Ww26eigc34Pxd73DywcE1w7EXUSMYSXS5z8
s2s8pT6sqJRb8tuJM5qrLbMwu6Gu6Wh9L/8B3XxHRUI9xqC9IxjRdKq3jVlcYuiA
h/fkdMc1ANCYMHyNEo2MhSdZ5wh5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:19 2025 by rpki-client