Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F932F58CCAE011EFAE76D8A9762E951A.roa
File: F932F58CCAE011EFAE76D8A9762E951A.roa (raw, json)
Hash identifier: HiHKVUHxEuAm4W1Z+jTSQbkWWGsICiQ/w2dC/HbTd+0=
Subject key identifier: CA:70:1D:44:9C:88:CD:E4:38:05:1D:DB:22:65:08:F0:52:98:A6:4D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7B0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F932F58CCAE011EFAE76D8A9762E951A.roa
Signing time: Sat 04 Jan 2025 21:15:07 +0000
ROA not before: Sun 05 Jan 2025 21:15:04 +0000
ROA not after: Fri 07 Feb 2025 21:15:04 +0000
asID: 272854
IP address blocks: 45.195.12.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63408 (0xf7b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 21:15:04 2025 GMT
Not After : Feb 7 21:15:04 2025 GMT
Subject: CN=6779a4db-c7ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e2:e6:bd:03:a9:77:57:6a:01:6b:b3:5d:2e:
4a:cc:4d:27:ec:ab:e4:63:ef:e1:47:10:c5:01:0d:
34:2f:9b:82:75:70:7b:26:85:21:6a:e0:8e:b4:04:
b1:21:ae:e8:27:a1:5f:f6:cd:e7:e8:c5:01:87:4e:
b6:fd:cd:a6:52:78:e1:40:5f:12:da:1e:cd:bf:84:
2e:1e:73:ff:21:61:a8:e4:93:70:63:64:53:70:a4:
f4:4f:a6:8a:dc:fd:6f:62:95:ad:18:89:d6:37:f1:
8c:d7:83:de:7a:24:46:bc:ff:ad:67:ac:42:a3:80:
a7:34:14:d0:fc:1f:ef:97:de:c1:6d:97:d9:46:db:
8e:e5:c4:7d:32:1b:c1:44:0d:fd:e2:cc:a2:7e:70:
be:99:66:fb:d3:2a:38:d1:fe:9a:05:3a:57:b0:39:
67:28:32:24:09:84:47:96:b2:e6:b7:55:96:95:f9:
d9:0b:e3:d4:ea:d6:25:3b:11:63:a1:5f:f8:af:a7:
fb:58:0a:c0:0a:2e:17:c0:a2:e0:c2:14:2c:f7:86:
dc:e6:9a:81:00:13:ff:04:8d:51:ba:fd:56:e6:2b:
8a:45:05:f2:3f:3e:c6:d8:ed:07:2b:75:01:bc:79:
e8:9c:00:c6:a5:4a:ca:43:e3:8e:6b:63:2c:1b:b4:
c9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:70:1D:44:9C:88:CD:E4:38:05:1D:DB:22:65:08:F0:52:98:A6:4D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F932F58CCAE011EFAE76D8A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.12.0/23
Signature Algorithm: sha256WithRSAEncryption
14:b2:55:52:18:c0:b6:a6:e3:70:1e:1c:ed:26:93:c3:27:43:
65:5f:25:ed:1b:95:f4:5a:8f:b4:7d:3f:31:f2:36:fd:59:58:
14:e8:b3:80:f0:34:0e:22:43:6e:b0:ba:65:b3:27:5a:57:47:
ff:a0:a9:45:ee:d5:fc:c5:a0:c1:58:85:06:95:73:78:c5:e4:
93:75:34:ee:33:65:96:97:de:9b:59:2d:29:19:bd:4e:ba:d7:
92:07:a2:84:b9:27:91:4e:c0:33:45:b6:16:a1:65:de:ae:25:
50:e3:b6:47:ae:d1:26:0a:19:57:ef:77:95:63:70:a5:f4:5c:
49:53:a0:07:e0:d5:e3:6f:28:2c:43:9e:01:19:f3:6b:72:b3:
6e:44:72:e3:1b:2d:40:c5:e0:3e:ba:52:03:62:d0:0b:b1:5a:
2f:d4:86:bb:aa:de:39:75:98:db:5b:f9:56:26:6f:3e:1a:ab:
df:2d:ab:44:7f:93:6a:76:d0:0d:18:fb:41:8a:9d:97:85:61:
79:5d:d7:ae:e6:28:12:94:42:f2:87:55:9e:80:28:8d:5a:e7:
52:cf:81:7a:1f:25:e4:a4:33:be:45:2b:94:dd:f4:4e:e0:bd:
ee:b3:da:b3:36:ef:8f:6d:2c:78:52:e0:ba:b7:9e:14:49:4f:
2b:2c:db:8e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPewMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MjExNTA0WhcNMjUwMjA3MjExNTA0WjAYMRYw
FAYDVQQDEw02Nzc5YTRkYi1jN2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv+LmvQOpd1dqAWuzXS5KzE0n7KvkY+/hRxDFAQ00L5uCdXB7JoUhauCO
tASxIa7oJ6Ff9s3n6MUBh062/c2mUnjhQF8S2h7Nv4QuHnP/IWGo5JNwY2RTcKT0
T6aK3P1vYpWtGInWN/GM14PeeiRGvP+tZ6xCo4CnNBTQ/B/vl97BbZfZRtuO5cR9
MhvBRA394syifnC+mWb70yo40f6aBTpXsDlnKDIkCYRHlrLmt1WWlfnZC+PU6tYl
OxFjoV/4r6f7WArACi4XwKLgwhQs94bc5pqBABP/BI1Ruv1W5iuKRQXyPz7G2O0H
K3UBvHnonADGpUrKQ+OOa2MsG7TJCQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMpw
HUSciM3kOAUd2yJlCPBSmKZNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GOTMyRjU4Q0NBRTAxMUVGQUU3NkQ4QTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcMMMA0GCSqGSIb3DQEBCwUA
A4IBAQAUslVSGMC2puNwHhztJpPDJ0NlXyXtG5X0Wo+0fT8x8jb9WVgU6LOA8DQO
IkNusLplsydaV0f/oKlF7tX8xaDBWIUGlXN4xeSTdTTuM2WWl96bWS0pGb1OuteS
B6KEuSeRTsAzRbYWoWXeriVQ47ZHrtEmChlX73eVY3Cl9FxJU6AH4NXjbygsQ54B
GfNrcrNuRHLjGy1AxeA+ulIDYtALsVov1Ia7qt45dZjbW/lWJm8+GqvfLatEf5Nq
dtANGPtBip2XhWF5Xdeu5igSlELyh1WegCiNWudSz4F6HyXkpDO+RSuU3fRO4L3u
s9qzNu+PbSx4UuC6t54USU8rLNuO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:09 2025 by rpki-client