Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36776F1/592DF6A2B89511EF93752D6B762E951A/F891118CBE3711EF94207A53762E951A.roa
File: F891118CBE3711EF94207A53762E951A.roa (raw, json)
Hash identifier: /BSsoHmVYWT3uZmtUs29hLyCS4VFjhVXegvsldImsTY=
Subject key identifier: 14:D9:45:47:7C:AF:13:CF:A4:6B:04:36:AB:60:F4:91:39:20:29:AD
Certificate issuer: /CN=F36776F1AR/serialNumber=A0F7897F67587CA645B35141010A5AA1A3057F6C
Certificate serial: 1A
Authority key identifier: A0:F7:89:7F:67:58:7C:A6:45:B3:51:41:01:0A:5A:A1:A3:05:7F:6C
Authority info access: rsync://rpki.afrinic.net/repository/arin/oPeJf2dYfKZFs1FBAQpaoaMFf2w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36776F1/592DF6A2B89511EF93752D6B762E951A/F891118CBE3711EF94207A53762E951A.roa
Signing time: Thu 19 Dec 2024 18:35:07 +0000
ROA not before: Thu 19 Dec 2024 18:35:04 +0000
ROA not after: Wed 19 Dec 2029 18:35:04 +0000
asID: 29286
IP address blocks: 45.221.252.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36776F1/592DF6A2B89511EF93752D6B762E951A/oPeJf2dYfKZFs1FBAQpaoaMFf2w.crl
rsync://rpki.afrinic.net/repository/member_repository/F36776F1/592DF6A2B89511EF93752D6B762E951A/oPeJf2dYfKZFs1FBAQpaoaMFf2w.mft
rsync://rpki.afrinic.net/repository/arin/oPeJf2dYfKZFs1FBAQpaoaMFf2w.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26 (0x1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36776F1AR
Validity
Not Before: Dec 19 18:35:04 2024 GMT
Not After : Dec 19 18:35:04 2029 GMT
Subject: CN=6764675b-4f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fb:49:b6:f5:7f:c5:d6:ed:0f:9e:65:f6:f2:
8e:5a:70:ff:17:5b:b9:e9:a7:d1:9a:df:ad:e2:74:
75:cd:a5:08:2b:76:e0:70:13:be:d9:9e:85:b6:cb:
23:0b:45:73:cc:6f:3b:53:e6:fe:0c:8c:c2:82:21:
23:7c:6a:2d:a2:91:23:67:d5:e6:33:5f:93:fd:f6:
ce:c7:23:3c:6d:9b:67:81:90:b2:82:b8:a1:43:bf:
4c:e2:7f:dc:ca:6c:e8:74:3e:db:32:27:b2:bc:a3:
a9:8f:ea:c9:f7:0b:26:8d:64:8c:2c:ef:58:22:92:
3e:d8:c6:61:8b:60:bc:89:c9:db:54:cf:c0:9b:80:
ff:cf:77:07:32:45:4c:70:db:b4:4e:9f:cf:34:f4:
25:3a:1b:0c:33:22:df:ea:38:95:76:e5:b4:ea:30:
e1:79:46:37:eb:f3:88:13:31:d1:38:15:11:59:cd:
0d:79:dc:22:40:b8:5d:14:f3:ee:6e:af:5b:ce:86:
af:d7:3a:0f:f7:99:28:3f:f4:fb:e2:d2:c4:71:b2:
b3:5f:5b:62:0c:f8:7f:0f:6d:39:69:39:fd:bc:87:
f1:60:7e:b7:48:1d:e3:b8:81:ab:7b:4c:c5:c3:3f:
26:af:57:0a:0c:da:6b:a0:81:a1:a7:19:15:e3:5b:
52:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D9:45:47:7C:AF:13:CF:A4:6B:04:36:AB:60:F4:91:39:20:29:AD
X509v3 Authority Key Identifier:
keyid:A0:F7:89:7F:67:58:7C:A6:45:B3:51:41:01:0A:5A:A1:A3:05:7F:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36776F1/592DF6A2B89511EF93752D6B762E951A/oPeJf2dYfKZFs1FBAQpaoaMFf2w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/oPeJf2dYfKZFs1FBAQpaoaMFf2w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36776F1/592DF6A2B89511EF93752D6B762E951A/F891118CBE3711EF94207A53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.221.252.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:17:88:9c:0e:29:60:ae:a5:cd:fa:a0:db:31:9b:eb:63:3c:
75:74:2c:26:be:d6:de:f9:a8:14:fb:13:99:a3:cb:e0:28:88:
71:31:7d:f4:b9:91:9f:12:30:8b:a6:d0:bd:4f:e6:da:56:20:
32:cc:ad:53:aa:9b:13:b9:d4:6c:5a:ad:e5:9d:b6:0b:8e:55:
dd:11:86:19:29:7f:46:25:a5:bd:ac:59:1d:1f:f3:2e:c0:a4:
4f:5f:05:25:17:4c:b1:56:d7:f0:63:9f:08:c9:f9:0e:13:1c:
d3:db:6e:e9:99:69:d5:83:e8:f0:41:0b:65:c9:7d:d0:20:17:
bd:da:cc:e7:74:04:a5:54:21:ec:96:80:2d:c8:28:e0:e3:73:
68:9c:6a:2f:43:a8:ad:a9:64:66:8e:08:4d:44:83:9f:e2:ea:
af:bd:7a:0c:ef:6c:65:07:53:21:99:f7:3a:8e:1f:10:5c:a4:
dc:fc:87:b6:34:aa:37:f8:f2:71:7c:27:1f:7a:e8:25:62:2c:
ae:0f:43:a7:79:b7:c2:90:91:99:74:14:42:cc:00:d1:90:1e:
3f:fe:61:7b:42:3e:00:4d:19:7d:64:fb:68:45:ab:cc:41:36:
4c:9c:8f:66:a2:6c:05:6b:17:e6:fd:0f:b1:46:11:ff:ac:88:
35:52:5f:dd
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBGjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NzZGMUFSMTEwLwYDVQQFEyhBMEY3ODk3RjY3NTg3Q0E2NDVCMzUxNDEwMTBBNUFB
MUEzMDU3RjZDMB4XDTI0MTIxOTE4MzUwNFoXDTI5MTIxOTE4MzUwNFowGDEWMBQG
A1UEAxMNNjc2NDY3NWItNGY2YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM37Sbb1f8XW7Q+eZfbyjlpw/xdbuemn0ZrfreJ0dc2lCCt24HATvtmehbbL
IwtFc8xvO1Pm/gyMwoIhI3xqLaKRI2fV5jNfk/32zscjPG2bZ4GQsoK4oUO/TOJ/
3Mps6HQ+2zInsryjqY/qyfcLJo1kjCzvWCKSPtjGYYtgvInJ21TPwJuA/893BzJF
THDbtE6fzzT0JTobDDMi3+o4lXbltOow4XlGN+vziBMx0TgVEVnNDXncIkC4XRTz
7m6vW86Gr9c6D/eZKD/0++LSxHGys19bYgz4fw9tOWk5/byH8WB+t0gd47iBq3tM
xcM/Jq9XCgzaa6CBoacZFeNbUvcCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQU2UVH
fK8Tz6RrBDarYPSROSAprTAfBgNVHSMEGDAWgBSg94l/Z1h8pkWzUUEBClqhowV/
bDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Nzc2RjEvNTkyREY2QTJCODk1MTFFRjkzNzUyRDZCNzYyRTk1MUEvb1BlSmYy
ZFlmS1pGczFGQkFRcGFvYU1GZjJ3LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
b1BlSmYyZFlmS1pGczFGQkFRcGFvYU1GZjJ3LmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2Nzc2RjEvNTkyREY2QTJCODk1MTFFRjkzNzUyRDZCNzYyRTk1
MUEvRjg5MTExOENCRTM3MTFFRjk0MjA3QTUzNzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC3d/DANBgkqhkiG9w0BAQsFAAOC
AQEALBeInA4pYK6lzfqg2zGb62M8dXQsJr7W3vmoFPsTmaPL4CiIcTF99LmRnxIw
i6bQvU/m2lYgMsytU6qbE7nUbFqt5Z22C45V3RGGGSl/RiWlvaxZHR/zLsCkT18F
JRdMsVbX8GOfCMn5DhMc09tu6Zlp1YPo8EELZcl90CAXvdrM53QEpVQh7JaALcgo
4ONzaJxqL0OoralkZo4ITUSDn+Lqr716DO9sZQdTIZn3Oo4fEFyk3PyHtjSqN/jy
cXwnH3roJWIsrg9Dp3m3wpCRmXQUQswA0ZAeP/5he0I+AE0ZfWT7aEWrzEE2TJyP
ZqJsBWsX5v0PsUYR/6yINVJf3Q==
-----END CERTIFICATE-----
Generated at Wed Feb 5 20:36:36 2025 by rpki-client