Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05F33A1AC39E11EF8B529B84762E951A.roa
File: 05F33A1AC39E11EF8B529B84762E951A.roa (raw, json)
Hash identifier: UoN2ZqA31rw3NNWzpJBvR/Aur4thYg7Z/LTmUTgh22E=
Subject key identifier: B4:1D:AB:5B:58:49:8C:6E:61:79:2B:EA:C1:56:BC:67:1E:57:C9:AB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ED77
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05F33A1AC39E11EF8B529B84762E951A.roa
Signing time: Thu 26 Dec 2024 15:28:14 +0000
ROA not before: Thu 26 Dec 2024 15:28:11 +0000
ROA not after: Fri 12 Dec 2025 15:28:11 +0000
asID: 984
IP address blocks: 45.199.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60791 (0xed77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 15:28:11 2024 GMT
Not After : Dec 12 15:28:11 2025 GMT
Subject: CN=676d760e-8ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d3:d0:7d:c7:a3:ea:e6:d5:66:c1:3f:c6:03:
a9:1a:d0:8a:8c:cc:d7:cc:79:d4:15:89:c5:83:e7:
35:2f:95:23:e6:60:b6:e8:9a:f6:4f:75:61:90:ba:
ba:a3:e0:f0:1a:e2:cb:25:4f:04:94:65:95:c2:ef:
d1:f1:20:b0:24:a4:8d:e3:eb:42:10:35:35:2e:96:
f7:55:e6:0f:87:6f:c7:ab:c7:c6:66:61:e4:99:c2:
a3:b1:0b:96:f2:c4:a6:26:57:66:3b:ed:f8:24:28:
23:ca:8b:83:97:ab:06:2e:5d:1a:ae:4d:7d:26:dd:
2e:9b:a9:0c:47:77:0f:39:09:4c:6a:66:d7:3f:f7:
53:27:ad:dd:fc:05:1f:c7:b2:88:09:80:8f:e9:df:
74:fb:f8:cc:fe:6a:1d:76:1a:62:f6:7b:f2:f6:c5:
d3:c0:60:65:28:ca:67:ec:12:f6:0a:98:d7:ce:e9:
7c:10:44:f2:3b:21:db:3d:18:39:73:53:70:88:4e:
3f:10:e6:0c:28:d4:c8:3f:78:7c:7a:0b:e5:07:2e:
72:8f:a6:58:ac:84:7b:2b:9e:4f:62:c7:7b:77:3a:
00:51:5e:0b:76:ba:2d:93:fb:b9:f7:57:e9:61:4b:
a9:0e:00:9a:ba:ce:a8:c2:ea:07:ba:c2:c1:76:86:
36:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:1D:AB:5B:58:49:8C:6E:61:79:2B:EA:C1:56:BC:67:1E:57:C9:AB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05F33A1AC39E11EF8B529B84762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.150.0/24
Signature Algorithm: sha256WithRSAEncryption
00:52:f6:e8:f5:95:bd:ff:56:61:cf:ce:66:b5:a8:56:f1:35:
b5:38:14:09:e0:d0:38:a4:4c:6e:93:2f:4b:e8:11:0e:ec:f9:
82:56:16:a0:21:16:85:3c:2a:03:b6:de:6b:6f:e8:6b:e4:90:
eb:02:ad:5c:c6:9c:a3:01:87:98:88:d9:bc:d8:24:3f:47:d5:
7e:00:ff:36:5c:4b:55:ca:8e:5c:53:7e:6c:b4:b1:0a:a4:8c:
92:13:48:dc:6c:18:20:01:70:9d:d3:49:72:82:60:23:1e:ae:
c7:62:04:56:91:e6:e7:c4:de:ca:f4:c1:ee:06:95:58:8a:3f:
f5:fc:b6:6b:c8:d8:6c:4a:0b:91:7c:b9:c6:e5:bc:c4:49:37:
9b:55:89:41:a7:d7:f7:7a:f1:19:3b:c5:05:66:d7:e6:11:a3:
95:c5:36:5d:54:51:3c:f9:b6:51:eb:76:67:ba:87:a3:e2:e8:
35:00:7b:d1:59:26:52:de:10:67:ce:0d:fe:bc:44:99:65:9b:
b4:cd:ba:23:99:76:0d:99:2b:49:83:b4:0f:2d:3a:25:43:81:
73:b4:94:ea:9a:11:40:7b:be:89:8e:3a:3e:a9:3e:25:85:bd:
93:59:e5:01:c6:af:a7:aa:8d:84:c1:4c:2d:45:7a:33:8c:24:
fe:84:3b:ee
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO13MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTUyODExWhcNMjUxMjEyMTUyODExWjAYMRYw
FAYDVQQDEw02NzZkNzYwZS04ZmY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqtPQfcej6ubVZsE/xgOpGtCKjMzXzHnUFYnFg+c1L5Uj5mC26Jr2T3Vh
kLq6o+DwGuLLJU8ElGWVwu/R8SCwJKSN4+tCEDU1Lpb3VeYPh2/Hq8fGZmHkmcKj
sQuW8sSmJldmO+34JCgjyouDl6sGLl0ark19Jt0um6kMR3cPOQlMambXP/dTJ63d
/AUfx7KICYCP6d90+/jM/moddhpi9nvy9sXTwGBlKMpn7BL2CpjXzul8EETyOyHb
PRg5c1NwiE4/EOYMKNTIP3h8egvlBy5yj6ZYrIR7K55PYsd7dzoAUV4Ldrotk/u5
91fpYUupDgCaus6owuoHusLBdoY2zQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLQd
q1tYSYxuYXkr6sFWvGceV8mrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNUYzM0ExQUMzOUUxMUVGOEI1MjlCODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALceWMA0GCSqGSIb3DQEBCwUA
A4IBAQAAUvbo9ZW9/1Zhz85mtahW8TW1OBQJ4NA4pExuky9L6BEO7PmCVhagIRaF
PCoDtt5rb+hr5JDrAq1cxpyjAYeYiNm82CQ/R9V+AP82XEtVyo5cU35stLEKpIyS
E0jcbBggAXCd00lygmAjHq7HYgRWkebnxN7K9MHuBpVYij/1/LZryNhsSguRfLnG
5bzESTebVYlBp9f3evEZO8UFZtfmEaOVxTZdVFE8+bZR63Znuoej4ug1AHvRWSZS
3hBnzg3+vESZZZu0zbojmXYNmStJg7QPLTolQ4FztJTqmhFAe76Jjjo+qT4lhb2T
WeUBxq+nqo2EwUwtRXozjCT+hDvu
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:41 2025 by rpki-client