Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/00FB0FAACBE711EFB8A041B3762E951A.roa
File: 00FB0FAACBE711EFB8A041B3762E951A.roa (raw, json)
Hash identifier: qIAWUhg4kYK6m5ipbyTqwVlXqHljIEzZW5CYstVGo1U=
Subject key identifier: 6B:37:20:37:78:B7:E8:0F:2B:5F:79:32:BC:DC:95:C1:D2:AF:49:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F814
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/00FB0FAACBE711EFB8A041B3762E951A.roa
Signing time: Mon 06 Jan 2025 04:30:49 +0000
ROA not before: Mon 06 Jan 2025 04:30:45 +0000
ROA not after: Sun 09 Feb 2025 04:30:45 +0000
asID: 9304
IP address blocks: 45.204.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63508 (0xf814)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 04:30:45 2025 GMT
Not After : Feb 9 04:30:45 2025 GMT
Subject: CN=677b5c78-cdf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e6:6a:c1:d2:37:62:95:f8:be:a2:c0:e7:f2:
14:33:fa:04:3d:05:b8:6f:57:90:c7:2f:74:2a:5c:
ef:4c:83:d6:8e:c9:65:7c:90:f2:b9:ac:4d:e0:04:
0f:36:26:30:47:7e:39:ac:81:1a:59:17:8e:01:7c:
c1:e9:d8:f7:79:f9:68:cf:ff:02:48:86:76:91:cf:
c0:09:1f:c5:ca:e3:72:05:5a:d4:75:b6:97:50:81:
3a:f9:f4:3d:f1:56:af:ea:54:84:d4:6d:b1:b1:27:
4d:b1:bd:5f:48:69:95:b0:60:d6:1a:89:ca:c7:1d:
a0:8e:77:fd:58:25:a2:1d:58:b6:0f:2d:7f:10:1a:
42:1f:2a:39:23:de:cc:f5:71:b9:73:d1:56:88:9f:
0f:c4:ab:a7:1f:0d:30:09:27:4e:66:b8:81:58:5a:
10:c6:f7:9b:17:f6:e9:8d:aa:b1:b4:8b:f5:cd:d7:
61:2e:48:1c:7e:86:9a:70:cb:04:fc:83:d2:90:9d:
db:e0:34:85:94:bb:ea:78:d9:d2:4e:6c:d7:ae:15:
29:a7:c6:14:38:50:ed:ab:5f:34:34:16:0b:fb:9b:
39:62:57:79:e5:7a:fa:d8:52:24:52:76:9d:0a:4a:
25:6a:1b:19:21:8c:95:76:92:75:40:5a:d3:e4:c0:
23:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:37:20:37:78:B7:E8:0F:2B:5F:79:32:BC:DC:95:C1:D2:AF:49:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/00FB0FAACBE711EFB8A041B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.141.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:af:e9:da:fb:de:7b:02:eb:7c:e5:30:52:27:15:7a:ca:be:
9a:ec:9e:ca:0a:e5:20:b7:09:9c:ad:a9:f5:1d:24:ae:f1:dc:
bf:44:ec:2b:78:fe:af:2f:f6:61:13:94:3c:66:7e:d6:41:2d:
64:8f:83:b1:8c:0f:3a:10:87:cd:68:07:bc:15:4e:a3:d3:46:
1d:f2:62:42:4a:fe:9d:02:af:9e:f8:61:fa:ba:28:04:cd:9c:
9a:d5:be:40:50:03:e9:4e:41:c4:f9:a7:01:e4:db:c8:c6:94:
52:33:8a:57:d6:4f:80:20:3b:cf:b7:9b:e0:50:9f:82:e5:95:
54:05:64:64:cb:27:2c:ae:36:d0:eb:2c:92:48:42:dc:0f:73:
f7:89:d4:06:03:9f:7e:a5:0e:f5:a0:0f:e3:9c:b7:3d:e2:bc:
97:6a:bb:eb:ad:71:c4:34:29:c0:41:90:f6:e7:b7:63:0a:aa:
e3:27:a4:1c:b5:31:f6:21:0b:02:05:ab:7f:34:37:5f:ed:f1:
d1:f8:c8:12:82:40:14:96:c2:ea:6a:c1:c9:58:7d:e9:2c:a7:
34:41:d9:dc:38:f1:49:79:db:ac:e6:a7:82:46:72:2c:86:77:
21:af:09:d6:3b:87:5e:a6:00:d4:cd:df:b6:98:3a:4e:68:19:
8a:b2:d7:d9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPgUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDQzMDQ1WhcNMjUwMjA5MDQzMDQ1WjAYMRYw
FAYDVQQDEw02NzdiNWM3OC1jZGYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnOZqwdI3YpX4vqLA5/IUM/oEPQW4b1eQxy90KlzvTIPWjsllfJDyuaxN
4AQPNiYwR345rIEaWReOAXzB6dj3efloz/8CSIZ2kc/ACR/FyuNyBVrUdbaXUIE6
+fQ98Vav6lSE1G2xsSdNsb1fSGmVsGDWGonKxx2gjnf9WCWiHVi2Dy1/EBpCHyo5
I97M9XG5c9FWiJ8PxKunHw0wCSdOZriBWFoQxvebF/bpjaqxtIv1zddhLkgcfoaa
cMsE/IPSkJ3b4DSFlLvqeNnSTmzXrhUpp8YUOFDtq180NBYL+5s5Yld55Xr62FIk
UnadCkolahsZIYyVdpJ1QFrT5MAjMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGs3
IDd4t+gPK195MrzclcHSr0kGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMEZCMEZBQUNCRTcxMUVGQjhBMDQxQjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcyNMA0GCSqGSIb3DQEBCwUA
A4IBAQCdr+na+957Aut85TBSJxV6yr6a7J7KCuUgtwmcran1HSSu8dy/ROwreP6v
L/ZhE5Q8Zn7WQS1kj4OxjA86EIfNaAe8FU6j00Yd8mJCSv6dAq+e+GH6uigEzZya
1b5AUAPpTkHE+acB5NvIxpRSM4pX1k+AIDvPt5vgUJ+C5ZVUBWRkyycsrjbQ6yyS
SELcD3P3idQGA59+pQ71oA/jnLc94ryXarvrrXHENCnAQZD257djCqrjJ6QctTH2
IQsCBat/NDdf7fHR+MgSgkAUlsLqasHJWH3pLKc0QdncOPFJedus5qeCRnIshnch
rwnWO4depgDUzd+2mDpOaBmKstfZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:36 2025 by rpki-client