Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/08B56AF8C39311EFA51935BE762E951A.roa
File: 08B56AF8C39311EFA51935BE762E951A.roa (raw, json)
Hash identifier: d/JFfv8YZS6fVPMm9hR50En+W/bHu1QBnsS9c+B+2+0=
Subject key identifier: C0:F7:68:26:E6:62:75:3B:0F:85:BB:7B:01:20:CA:C6:8C:A2:85:9D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECFF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/08B56AF8C39311EFA51935BE762E951A.roa
Signing time: Thu 26 Dec 2024 14:09:35 +0000
ROA not before: Thu 26 Dec 2024 14:09:31 +0000
ROA not after: Sun 12 Dec 2027 14:09:31 +0000
asID: 17561
IP address blocks: 45.196.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60671 (0xecff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 14:09:31 2024 GMT
Not After : Dec 12 14:09:31 2027 GMT
Subject: CN=676d639e-d1ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5d:c1:d4:5f:4e:b0:fe:fa:28:cc:0e:ee:80:
cb:df:09:7e:77:6b:11:11:c7:a2:ae:11:ee:e2:dd:
b3:78:68:a4:91:cf:ea:e4:f9:1c:6c:31:2d:4f:56:
47:4b:b2:82:86:9e:b7:e9:63:1e:f8:86:bf:5c:fb:
35:d6:a7:5c:aa:56:bc:b9:1a:13:4d:3e:95:ff:d0:
16:3f:a1:be:3b:58:73:64:d5:9b:4b:9e:d3:79:6e:
41:e6:84:77:77:57:80:c0:87:a4:86:51:39:16:e3:
be:90:75:fa:d4:84:0e:d1:7d:fd:c0:fa:4d:fd:94:
3a:dd:08:a1:77:71:8a:f1:1d:95:54:42:f9:f1:01:
3f:bf:fd:85:c1:c6:90:b2:34:f0:02:d6:56:f1:b4:
10:64:60:14:ab:46:6c:9c:33:53:2c:1d:d8:7b:b4:
7a:55:f8:6f:4d:98:95:14:cd:ec:df:a5:81:de:7a:
4a:8d:80:4f:2b:70:77:c1:e4:e2:57:fb:87:3e:1f:
ba:41:4a:1d:59:61:f4:19:f5:fd:85:ad:89:32:53:
9f:61:53:f4:69:cb:bc:28:d5:2d:e8:4e:63:40:a0:
ef:61:91:ab:27:5a:46:7e:6a:ee:c0:cb:c1:a9:35:
61:0a:0a:58:f7:6e:82:d2:91:d5:60:97:d3:bc:09:
11:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F7:68:26:E6:62:75:3B:0F:85:BB:7B:01:20:CA:C6:8C:A2:85:9D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/08B56AF8C39311EFA51935BE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.241.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:fe:08:aa:0e:03:19:64:2b:7b:bd:76:a1:2b:95:b7:3b:43:
94:08:f8:1e:6d:f3:7a:32:85:36:a8:30:f7:99:c0:7c:c7:9b:
a8:e5:1b:aa:14:80:6e:c3:78:33:b2:19:82:a3:01:98:e5:b2:
78:f3:a9:12:66:a6:00:a4:5c:fb:01:25:4e:9c:7f:89:c0:05:
db:f5:4b:cc:af:e5:6c:c2:59:e9:0a:e4:43:1a:9b:f3:13:e8:
bc:58:be:2b:b7:06:14:5c:10:a5:6e:32:8b:16:f8:e3:80:52:
c6:3f:be:ef:bc:06:36:8a:48:d3:f1:9f:63:33:55:b4:26:84:
ba:93:ce:72:a7:63:1d:a4:66:ee:44:11:2e:f9:be:0f:dd:09:
56:bd:d5:95:a8:d6:bd:24:b9:45:5f:fa:6c:a3:62:96:9c:d3:
02:1a:20:9d:3c:a3:64:f6:5c:bb:37:79:80:0e:d9:5e:86:e8:
27:dc:40:07:82:a2:28:f1:6f:ce:4a:4e:11:63:37:72:57:c0:
3c:02:7d:96:a4:db:a7:55:45:7b:65:8c:6b:3b:b7:7c:b0:8a:
15:48:e5:df:13:89:68:4f:15:62:08:72:6d:82:aa:ff:44:6f:
f2:6f:24:4c:1b:32:3f:5f:b6:1b:65:17:bd:9a:82:57:e0:11:
1e:f7:64:e2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOz/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTQwOTMxWhcNMjcxMjEyMTQwOTMxWjAYMRYw
FAYDVQQDEw02NzZkNjM5ZS1kMWVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzV3B1F9OsP76KMwO7oDL3wl+d2sREceirhHu4t2zeGikkc/q5PkcbDEt
T1ZHS7KChp636WMe+Ia/XPs11qdcqla8uRoTTT6V/9AWP6G+O1hzZNWbS57TeW5B
5oR3d1eAwIekhlE5FuO+kHX61IQO0X39wPpN/ZQ63Qihd3GK8R2VVEL58QE/v/2F
wcaQsjTwAtZW8bQQZGAUq0ZsnDNTLB3Ye7R6VfhvTZiVFM3s36WB3npKjYBPK3B3
weTiV/uHPh+6QUodWWH0GfX9ha2JMlOfYVP0acu8KNUt6E5jQKDvYZGrJ1pGfmru
wMvBqTVhCgpY926C0pHVYJfTvAkREwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMD3
aCbmYnU7D4W7ewEgysaMooWdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wOEI1NkFGOEMzOTMxMUVGQTUxOTM1QkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTxMA0GCSqGSIb3DQEBCwUA
A4IBAQAK/giqDgMZZCt7vXahK5W3O0OUCPgebfN6MoU2qDD3mcB8x5uo5RuqFIBu
w3gzshmCowGY5bJ486kSZqYApFz7ASVOnH+JwAXb9UvMr+VswlnpCuRDGpvzE+i8
WL4rtwYUXBClbjKLFvjjgFLGP77vvAY2ikjT8Z9jM1W0JoS6k85yp2MdpGbuRBEu
+b4P3QlWvdWVqNa9JLlFX/pso2KWnNMCGiCdPKNk9ly7N3mADtlehugn3EAHgqIo
8W/OSk4RYzdyV8A8An2WpNunVUV7ZYxrO7d8sIoVSOXfE4loTxViCHJtgqr/RG/y
byRMGzI/X7YbZRe9moJX4BEe92Ti
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:13 2025 by rpki-client