Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07E3CDAAC3FB11EFA0E20C5D762E951A.roa
File: 07E3CDAAC3FB11EFA0E20C5D762E951A.roa (raw, json)
Hash identifier: iq11lUkp9mjYj96137wI2DAMM5WS/S6peSkq7oRvMYU=
Subject key identifier: CC:E9:74:A6:CD:45:94:0C:6B:40:C8:F7:41:BB:E7:F9:3B:79:24:F0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EFA0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07E3CDAAC3FB11EFA0E20C5D762E951A.roa
Signing time: Fri 27 Dec 2024 02:34:01 +0000
ROA not before: Fri 27 Dec 2024 02:33:57 +0000
ROA not after: Fri 12 Dec 2025 02:33:57 +0000
asID: 984
IP address blocks: 45.194.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61344 (0xefa0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 02:33:57 2024 GMT
Not After : Dec 12 02:33:57 2025 GMT
Subject: CN=676e1219-1820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ee:a2:89:dc:0e:7a:a4:70:75:af:71:fd:b9:
c1:5b:7a:55:5c:21:54:2b:b2:be:a6:95:97:48:cc:
b2:10:65:56:77:76:07:6e:59:9b:a2:d5:5d:c3:ca:
69:c5:96:92:28:e4:b1:f9:0e:09:d0:28:c9:28:df:
7a:4a:31:74:60:24:21:67:55:f5:9f:7b:47:1e:f3:
aa:64:6d:29:08:50:c5:c3:45:ae:e4:fb:54:25:31:
d2:26:64:0a:d7:22:b0:24:d5:a1:fa:92:ca:db:9f:
81:d2:8b:f9:f2:98:e5:00:a1:b6:1c:3a:13:e2:58:
ab:43:02:31:df:44:11:10:dd:9e:22:74:be:2f:33:
cb:01:e1:97:fa:bc:60:84:0f:02:74:ec:f1:f3:02:
34:15:1f:bf:89:85:d8:79:b2:4f:4f:ee:6b:64:79:
a7:18:c7:f4:3b:d4:40:cf:bb:bd:fc:30:3a:02:34:
95:c8:49:b0:50:6b:0d:f2:63:fc:1c:e0:f6:d7:f5:
ca:1b:3f:b5:0a:b5:87:f7:f4:ed:08:65:2e:34:1f:
31:c6:7b:2f:bd:9a:3d:ee:77:44:6e:cd:d9:f0:37:
d8:c8:51:d0:b4:a1:f1:c8:de:54:ba:28:7d:f5:13:
b0:85:64:8d:85:33:fd:f1:b3:a3:bf:eb:53:69:b5:
b4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E9:74:A6:CD:45:94:0C:6B:40:C8:F7:41:BB:E7:F9:3B:79:24:F0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07E3CDAAC3FB11EFA0E20C5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.124.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:84:6b:a7:cb:5a:40:90:be:67:95:d6:ba:7c:01:af:42:c5:
cb:5e:f5:6c:95:ad:85:8b:59:21:28:fe:91:03:d7:c5:f8:f7:
69:bc:01:9f:1f:73:3c:d4:34:bb:f3:6b:44:36:a0:90:b3:45:
88:52:8b:33:80:12:3f:b5:a5:60:d3:52:11:a7:b5:89:b4:a1:
62:dc:5f:08:d0:4e:3c:8f:05:ed:b5:3b:6c:00:8b:48:aa:41:
b0:02:e5:66:54:aa:12:b6:01:b2:3f:9c:38:f4:6e:7e:53:89:
85:b3:01:26:46:57:ca:6b:e9:61:0c:1c:ff:e6:f4:5f:8c:91:
b1:bd:a8:f4:9d:0a:06:8b:92:c9:f2:56:4d:c6:b8:f6:10:47:
b7:6b:5a:a6:6b:26:9d:64:20:f9:ad:cf:11:55:8b:8f:1f:57:
11:92:2d:54:0e:a2:55:2a:20:86:6c:ea:27:c9:a4:69:ca:2d:
bf:59:4f:4a:60:2e:80:30:87:a9:bb:cd:1a:80:e0:ff:d5:56:
22:3a:36:a7:59:8f:48:2b:b5:98:ea:a9:12:dc:9a:3d:0b:d3:
35:dd:3b:9f:90:12:f3:5c:52:15:92:9b:62:19:d8:6d:69:92:
61:70:d7:9f:59:f4:c5:3f:e0:45:98:9c:4f:3b:b7:3b:1c:e9:
2d:e1:05:e5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO+gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDIzMzU3WhcNMjUxMjEyMDIzMzU3WjAYMRYw
FAYDVQQDEw02NzZlMTIxOS0xODIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq+6iidwOeqRwda9x/bnBW3pVXCFUK7K+ppWXSMyyEGVWd3YHblmbotVd
w8ppxZaSKOSx+Q4J0CjJKN96SjF0YCQhZ1X1n3tHHvOqZG0pCFDFw0Wu5PtUJTHS
JmQK1yKwJNWh+pLK25+B0ov58pjlAKG2HDoT4lirQwIx30QREN2eInS+LzPLAeGX
+rxghA8CdOzx8wI0FR+/iYXYebJPT+5rZHmnGMf0O9RAz7u9/DA6AjSVyEmwUGsN
8mP8HOD21/XKGz+1CrWH9/TtCGUuNB8xxnsvvZo97ndEbs3Z8DfYyFHQtKHxyN5U
uih99ROwhWSNhTP98bOjv+tTabW0XwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMzp
dKbNRZQMa0DI90G75/k7eSTwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wN0UzQ0RBQUMzRkIxMUVGQTBFMjBDNUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcJ8MA0GCSqGSIb3DQEBCwUA
A4IBAQC1hGuny1pAkL5nlda6fAGvQsXLXvVsla2Fi1khKP6RA9fF+PdpvAGfH3M8
1DS782tENqCQs0WIUoszgBI/taVg01IRp7WJtKFi3F8I0E48jwXttTtsAItIqkGw
AuVmVKoStgGyP5w49G5+U4mFswEmRlfKa+lhDBz/5vRfjJGxvaj0nQoGi5LJ8lZN
xrj2EEe3a1qmayadZCD5rc8RVYuPH1cRki1UDqJVKiCGbOonyaRpyi2/WU9KYC6A
MIepu80agOD/1VYiOjanWY9IK7WY6qkS3Jo9C9M13TufkBLzXFIVkptiGdhtaZJh
cNefWfTFP+BFmJxPO7c7HOkt4QXl
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:07 2025 by rpki-client