Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36776F1/592DF6A2B89511EF93752D6B762E951A/F4E3CCE6C2FB11EFB2921875762E951A.roa
File: F4E3CCE6C2FB11EFB2921875762E951A.roa (raw, json)
Hash identifier: em5+W6hV5wb4UsoaGm9yNPcphUOmzIzRc/FvZi8E2vQ=
Subject key identifier: 8B:31:F0:DA:67:F9:98:53:76:7C:FF:42:9E:14:33:97:AE:46:01:35
Certificate issuer: /CN=F36776F1AR/serialNumber=A0F7897F67587CA645B35141010A5AA1A3057F6C
Certificate serial: 2F
Authority key identifier: A0:F7:89:7F:67:58:7C:A6:45:B3:51:41:01:0A:5A:A1:A3:05:7F:6C
Authority info access: rsync://rpki.afrinic.net/repository/arin/oPeJf2dYfKZFs1FBAQpaoaMFf2w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36776F1/592DF6A2B89511EF93752D6B762E951A/F4E3CCE6C2FB11EFB2921875762E951A.roa
Signing time: Wed 25 Dec 2024 20:08:07 +0000
ROA not before: Wed 25 Dec 2024 20:08:03 +0000
ROA not after: Tue 25 Dec 2029 20:08:03 +0000
asID: 328092
IP address blocks: 45.221.224.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36776F1/592DF6A2B89511EF93752D6B762E951A/oPeJf2dYfKZFs1FBAQpaoaMFf2w.crl
rsync://rpki.afrinic.net/repository/member_repository/F36776F1/592DF6A2B89511EF93752D6B762E951A/oPeJf2dYfKZFs1FBAQpaoaMFf2w.mft
rsync://rpki.afrinic.net/repository/arin/oPeJf2dYfKZFs1FBAQpaoaMFf2w.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47 (0x2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36776F1AR
Validity
Not Before: Dec 25 20:08:03 2024 GMT
Not After : Dec 25 20:08:03 2029 GMT
Subject: CN=676c6627-323f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:76:19:54:bd:00:2a:5b:f2:4c:7f:67:4b:ff:
90:bc:75:e2:0e:6d:7f:1f:ba:be:26:c8:fd:f5:af:
6f:80:05:47:3e:3e:18:e7:ce:97:8e:05:e0:a8:de:
b6:14:6e:4d:88:5d:77:3b:d9:ae:9c:16:b3:ac:df:
3c:b1:1a:15:5f:06:2c:ca:ef:a0:2c:16:3e:64:3f:
0d:8b:97:a4:0c:ec:60:18:bf:95:3b:2b:16:2a:b2:
bb:e2:73:2b:8a:2c:9c:20:51:b5:35:35:98:da:27:
24:24:e1:b5:6a:d1:45:9d:45:3e:5e:ac:de:34:09:
a4:88:38:9f:0b:03:88:36:69:0d:d7:13:a4:25:d0:
99:d3:73:8c:64:2e:d7:7e:2e:a2:04:da:69:ea:dc:
aa:19:97:31:d5:88:4c:0a:5c:59:25:7b:ed:db:b6:
59:e3:7a:3a:b5:2c:cd:21:ec:1f:18:62:d0:ff:38:
24:68:e9:b1:c1:a7:68:2c:a3:42:a2:37:f3:28:54:
55:06:79:11:5a:6e:fb:2f:92:3f:b1:2c:d5:90:f4:
75:4d:1d:e8:e5:e0:da:fd:b8:7d:09:13:ad:30:8c:
11:10:34:95:b3:1d:14:81:50:59:9a:e9:5d:20:90:
f8:4e:69:3a:70:c5:96:e3:82:3d:bb:e3:b3:cb:a3:
d9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:31:F0:DA:67:F9:98:53:76:7C:FF:42:9E:14:33:97:AE:46:01:35
X509v3 Authority Key Identifier:
keyid:A0:F7:89:7F:67:58:7C:A6:45:B3:51:41:01:0A:5A:A1:A3:05:7F:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36776F1/592DF6A2B89511EF93752D6B762E951A/oPeJf2dYfKZFs1FBAQpaoaMFf2w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/oPeJf2dYfKZFs1FBAQpaoaMFf2w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36776F1/592DF6A2B89511EF93752D6B762E951A/F4E3CCE6C2FB11EFB2921875762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.221.224.0/24
Signature Algorithm: sha256WithRSAEncryption
84:41:34:68:b5:2d:22:e8:ae:93:cc:25:a8:28:42:f1:74:9e:
4e:91:b3:e3:f0:1b:fa:9d:69:19:2d:70:71:64:ac:9f:19:52:
d8:b2:a5:e0:17:f0:c6:66:ac:b1:07:f0:00:0a:4e:66:d1:a6:
c4:1b:91:84:f0:e8:e3:4a:2d:f3:a6:cd:18:78:64:60:c2:8e:
4b:73:d2:31:9a:e2:b3:f2:1c:02:c5:d5:00:8d:65:86:b7:4f:
bb:6e:d5:12:7a:0b:c8:c6:e6:c5:71:05:71:2c:41:e5:80:95:
2a:f6:05:12:ae:d6:ac:58:a0:93:2a:69:40:07:6f:01:7a:65:
c2:2b:ab:0a:6e:89:5e:f0:f0:7f:f6:72:d9:4a:b9:a4:58:e9:
3d:81:41:64:7c:f3:19:ed:09:a7:58:8b:8b:3e:6a:55:d8:5b:
63:bc:4f:fc:21:5a:d5:cf:c5:31:ca:d2:b4:d2:ff:f7:11:6d:
9a:e4:14:7f:79:9a:d3:90:60:7e:1f:87:03:20:09:59:86:c7:
e5:30:4c:c8:b8:a1:ee:5d:2e:62:b1:e3:b8:45:51:af:b7:0f:
b5:78:e6:25:e1:a5:ec:34:10:b2:e6:23:77:0c:fd:17:68:53:
d2:c0:0d:85:d5:d5:ae:8c:7b:cb:96:dd:9a:13:f2:a4:55:f2:
6a:9c:23:d9
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBLzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NzZGMUFSMTEwLwYDVQQFEyhBMEY3ODk3RjY3NTg3Q0E2NDVCMzUxNDEwMTBBNUFB
MUEzMDU3RjZDMB4XDTI0MTIyNTIwMDgwM1oXDTI5MTIyNTIwMDgwM1owGDEWMBQG
A1UEAxMNNjc2YzY2MjctMzIzZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANh2GVS9ACpb8kx/Z0v/kLx14g5tfx+6vibI/fWvb4AFRz4+GOfOl44F4Kje
thRuTYhddzvZrpwWs6zfPLEaFV8GLMrvoCwWPmQ/DYuXpAzsYBi/lTsrFiqyu+Jz
K4osnCBRtTU1mNonJCThtWrRRZ1FPl6s3jQJpIg4nwsDiDZpDdcTpCXQmdNzjGQu
134uogTaaercqhmXMdWITApcWSV77du2WeN6OrUszSHsHxhi0P84JGjpscGnaCyj
QqI38yhUVQZ5EVpu+y+SP7Es1ZD0dU0d6OXg2v24fQkTrTCMERA0lbMdFIFQWZrp
XSCQ+E5pOnDFluOCPbvjs8uj2dECAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSLMfDa
Z/mYU3Z8/0KeFDOXrkYBNTAfBgNVHSMEGDAWgBSg94l/Z1h8pkWzUUEBClqhowV/
bDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Nzc2RjEvNTkyREY2QTJCODk1MTFFRjkzNzUyRDZCNzYyRTk1MUEvb1BlSmYy
ZFlmS1pGczFGQkFRcGFvYU1GZjJ3LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
b1BlSmYyZFlmS1pGczFGQkFRcGFvYU1GZjJ3LmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2Nzc2RjEvNTkyREY2QTJCODk1MTFFRjkzNzUyRDZCNzYyRTk1
MUEvRjRFM0NDRTZDMkZCMTFFRkIyOTIxODc1NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC3d4DANBgkqhkiG9w0BAQsFAAOC
AQEAhEE0aLUtIuiuk8wlqChC8XSeTpGz4/Ab+p1pGS1wcWSsnxlS2LKl4Bfwxmas
sQfwAApOZtGmxBuRhPDo40ot86bNGHhkYMKOS3PSMZris/IcAsXVAI1lhrdPu27V
EnoLyMbmxXEFcSxB5YCVKvYFEq7WrFigkyppQAdvAXplwiurCm6JXvDwf/Zy2Uq5
pFjpPYFBZHzzGe0Jp1iLiz5qVdhbY7xP/CFa1c/FMcrStNL/9xFtmuQUf3ma05Bg
fh+HAyAJWYbH5TBMyLih7l0uYrHjuEVRr7cPtXjmJeGl7DQQsuYjdwz9F2hT0sAN
hdXVrox7y5bdmhPypFXyapwj2Q==
-----END CERTIFICATE-----
Generated at Wed Feb 5 20:46:43 2025 by rpki-client