Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0278BFC8C38E11EF97CBFD9E762E951A.roa
File: 0278BFC8C38E11EF97CBFD9E762E951A.roa (raw, json)
Hash identifier: Wl9dAWrZRH6lAiiVBGpl8q/IsJxmNfdYjgujUx7YHQw=
Subject key identifier: 6B:40:04:C5:FC:19:57:4C:38:B1:5F:82:AB:2C:25:29:BC:6C:4A:48
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECC9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0278BFC8C38E11EF97CBFD9E762E951A.roa
Signing time: Thu 26 Dec 2024 13:33:37 +0000
ROA not before: Thu 26 Dec 2024 13:33:33 +0000
ROA not after: Sun 12 Dec 2027 13:33:33 +0000
asID: 17561
IP address blocks: 45.196.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60617 (0xecc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 13:33:33 2024 GMT
Not After : Dec 12 13:33:33 2027 GMT
Subject: CN=676d5b31-c66d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:93:cb:13:d2:5e:d9:da:ef:27:c2:73:05:50:
95:fd:ef:27:b3:60:95:99:04:ed:70:7e:2f:26:0e:
db:fb:05:39:1c:a6:bc:d2:09:7b:5a:55:f9:15:d4:
fb:20:14:e9:c9:94:3f:c1:6e:cd:04:f8:ba:70:92:
0d:e7:82:6f:e6:07:0c:0e:ce:07:85:8a:d2:86:0e:
b2:88:c7:ab:b5:6a:a6:9b:73:d5:14:c3:80:55:28:
ae:6f:e5:b6:5e:d5:dd:91:25:47:ca:70:23:06:a9:
9f:57:4f:3a:3c:18:d4:20:9a:fd:3e:16:a9:78:ed:
94:2d:32:8d:7f:4f:23:10:94:1e:f8:a7:e7:9a:7c:
45:ff:25:f6:d6:ad:f1:b3:26:ee:95:79:5b:47:ae:
fa:4a:bf:ba:3e:21:e5:9e:a3:15:b9:e6:76:a1:3b:
9b:10:e7:5d:df:f4:17:c7:ac:92:59:e1:89:ff:db:
70:6c:05:26:46:16:77:91:94:20:dd:2c:70:91:84:
a8:73:66:75:30:9a:c3:67:65:11:1f:c6:93:0b:c3:
b1:88:f5:d5:c6:ad:ce:a6:3b:38:e7:dc:a4:fd:7b:
7c:e8:f7:b0:43:45:50:ab:85:90:e6:fe:fc:60:b7:
07:8f:9f:14:a6:66:d7:35:ba:9f:3a:38:66:90:c2:
ed:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:40:04:C5:FC:19:57:4C:38:B1:5F:82:AB:2C:25:29:BC:6C:4A:48
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0278BFC8C38E11EF97CBFD9E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.214.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:06:64:80:45:f3:03:08:d6:8e:e6:c4:2b:08:ab:4c:23:8f:
ab:93:fa:df:5f:f5:1e:e6:a0:04:92:be:59:40:3f:3b:06:16:
4b:c6:88:58:02:88:f8:5a:f8:45:0f:81:2c:67:d2:76:1c:8c:
76:a4:59:69:fd:34:58:b2:75:ac:e5:a0:00:d0:eb:3a:09:ae:
2a:5b:52:47:c9:d5:23:35:49:f9:cb:46:df:fe:b7:59:6f:d5:
36:f8:7f:a9:84:e2:1b:2a:ae:51:ec:28:14:12:0f:0e:d8:94:
0a:db:98:c8:d3:fb:96:16:5f:d3:3d:9e:88:c3:47:64:97:b3:
55:a7:c9:12:2e:38:67:f9:a5:91:66:90:d6:30:5c:ec:20:43:
97:1e:ad:ac:e0:ba:97:e8:68:ce:15:71:50:3b:b4:e9:61:52:
fa:06:8e:b4:bc:43:01:15:6b:dd:a0:70:ce:fe:82:81:87:e5:
09:ac:7d:ea:f7:02:51:b7:1f:cc:ab:62:bf:6e:c4:96:32:e2:
a7:e8:d5:ee:54:a5:ba:84:f9:40:1b:5c:3b:6e:eb:cb:05:5a:
e8:c6:2c:75:3d:e3:9a:18:6f:c0:d7:4d:16:2b:72:fa:df:97:
1c:28:c0:8e:7c:e3:f6:9c:5e:23:cd:6e:ce:15:27:f0:10:e5:
9a:27:b4:0b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOzJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTMzMzMzWhcNMjcxMjEyMTMzMzMzWjAYMRYw
FAYDVQQDEw02NzZkNWIzMS1jNjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3JPLE9Je2drvJ8JzBVCV/e8ns2CVmQTtcH4vJg7b+wU5HKa80gl7WlX5
FdT7IBTpyZQ/wW7NBPi6cJIN54Jv5gcMDs4HhYrShg6yiMertWqmm3PVFMOAVSiu
b+W2XtXdkSVHynAjBqmfV086PBjUIJr9PhapeO2ULTKNf08jEJQe+KfnmnxF/yX2
1q3xsybulXlbR676Sr+6PiHlnqMVueZ2oTubEOdd3/QXx6ySWeGJ/9twbAUmRhZ3
kZQg3SxwkYSoc2Z1MJrDZ2URH8aTC8OxiPXVxq3Opjs459yk/Xt86PewQ0VQq4WQ
5v78YLcHj58UpmbXNbqfOjhmkMLtXwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGtA
BMX8GVdMOLFfgqssJSm8bEpIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMjc4QkZDOEMzOEUxMUVGOTdDQkZEOUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTWMA0GCSqGSIb3DQEBCwUA
A4IBAQAvBmSARfMDCNaO5sQrCKtMI4+rk/rfX/Ue5qAEkr5ZQD87BhZLxohYAoj4
WvhFD4EsZ9J2HIx2pFlp/TRYsnWs5aAA0Os6Ca4qW1JHydUjNUn5y0bf/rdZb9U2
+H+phOIbKq5R7CgUEg8O2JQK25jI0/uWFl/TPZ6Iw0dkl7NVp8kSLjhn+aWRZpDW
MFzsIEOXHq2s4LqX6GjOFXFQO7TpYVL6Bo60vEMBFWvdoHDO/oKBh+UJrH3q9wJR
tx/Mq2K/bsSWMuKn6NXuVKW6hPlAG1w7buvLBVroxix1PeOaGG/A100WK3L635cc
KMCOfOP2nF4jzW7OFSfwEOWaJ7QL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:51 2025 by rpki-client