Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E38056CC32511EF9931AE75762E951A.roa
File: 0E38056CC32511EF9931AE75762E951A.roa (raw, json)
Hash identifier: HrzI2hSselthTnJkjuGHuSb60VKIz0tU2bFknke7s2E=
Subject key identifier: 70:E6:0E:F4:9B:D2:0C:FE:B1:04:D0:63:12:F2:CB:0B:36:74:4A:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA75
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E38056CC32511EF9931AE75762E951A.roa
Signing time: Thu 26 Dec 2024 01:02:19 +0000
ROA not before: Thu 26 Dec 2024 01:02:15 +0000
ROA not after: Sat 01 Mar 2025 01:02:15 +0000
asID: 984
IP address blocks: 45.203.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60021 (0xea75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:02:15 2024 GMT
Not After : Mar 1 01:02:15 2025 GMT
Subject: CN=676cab1b-3485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:50:90:bd:25:09:62:d9:cf:92:d6:dc:a7:b3:
24:16:52:33:d8:c0:1b:79:89:c8:db:f8:49:c8:5f:
bb:76:86:b9:d6:e7:c0:f4:d4:fb:43:e1:b0:1b:42:
ee:48:dd:b7:f3:42:3d:ee:c5:d6:45:7e:71:e2:02:
37:2b:bd:b5:3d:68:cc:d5:45:c9:5b:2d:65:42:d0:
8c:4f:a7:93:ec:c6:c9:1b:10:d4:7f:44:ac:4a:a5:
2f:22:8d:87:e4:0d:97:83:31:32:71:e9:8e:e8:fe:
27:d6:89:8f:8e:bf:07:b9:a9:21:f5:63:b4:62:87:
fa:a1:75:66:0c:45:b1:46:ae:ad:8b:4a:50:42:59:
68:1d:c9:cf:19:d1:34:94:23:fe:1d:fa:ae:b7:7c:
85:b1:0b:c0:ce:7b:2b:9f:6f:5e:d0:6b:d5:f8:3e:
34:69:78:0f:68:97:c7:37:21:d2:73:25:1e:e6:4d:
81:01:37:fc:5d:75:16:42:21:c0:65:04:1f:f6:f4:
4e:49:3b:7a:b0:63:0e:9b:7b:02:ec:11:d4:3a:3c:
76:cf:bd:c2:d5:47:d8:52:d9:57:0b:ab:58:e2:49:
2e:05:89:17:ec:d7:6c:2a:50:d6:6f:00:f0:a3:f5:
80:16:aa:d6:08:ab:77:b6:b5:7e:c3:67:24:73:39:
ea:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E6:0E:F4:9B:D2:0C:FE:B1:04:D0:63:12:F2:CB:0B:36:74:4A:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E38056CC32511EF9931AE75762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
1b:20:bc:95:d5:d8:f2:67:ac:b9:51:bf:c2:9d:8f:e6:4d:c1:
77:34:0a:38:85:b6:10:02:1c:e8:7b:c1:1e:fc:98:14:e8:99:
98:49:59:33:2d:55:8b:98:4e:0d:1a:c0:50:d6:53:79:4e:33:
09:c1:2e:a4:0e:13:15:86:d2:82:d2:62:63:e6:03:20:c9:37:
af:7a:e3:f8:f5:6e:b1:ed:00:0f:4a:52:2e:0a:1f:67:19:77:
30:7b:55:16:58:8f:b4:e4:c2:90:b3:5a:7d:65:ca:19:de:2e:
2a:1e:26:a2:34:7d:3b:b0:b3:38:40:eb:0e:c0:e7:dd:61:fc:
e4:ec:32:87:9d:d0:f2:5e:fe:5e:6b:e7:41:1f:42:32:e0:ac:
1e:5c:32:48:3a:1c:3f:6d:5e:05:04:b5:79:da:52:b9:bf:ff:
30:d2:f4:01:7f:d2:d7:9e:90:94:77:53:2a:f8:ce:32:80:89:
50:ad:48:33:4a:7a:ea:6c:c9:17:2c:e7:a4:c1:a6:6e:3d:19:
0c:85:ae:18:3b:15:c0:19:a6:b2:6a:ac:e1:2c:d5:52:4d:f9:
b2:36:f9:95:b0:35:15:ab:18:4b:8e:bc:68:f6:a4:1f:7b:1a:
38:55:af:f4:cc:4c:f8:fa:1c:c4:76:f0:11:f3:0a:31:33:2e:
3e:6a:0e:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOp1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDEwMjE1WhcNMjUwMzAxMDEwMjE1WjAYMRYw
FAYDVQQDEw02NzZjYWIxYi0zNDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7lCQvSUJYtnPktbcp7MkFlIz2MAbeYnI2/hJyF+7doa51ufA9NT7Q+Gw
G0LuSN2380I97sXWRX5x4gI3K721PWjM1UXJWy1lQtCMT6eT7MbJGxDUf0SsSqUv
Io2H5A2XgzEycemO6P4n1omPjr8Huakh9WO0Yof6oXVmDEWxRq6ti0pQQlloHcnP
GdE0lCP+Hfqut3yFsQvAznsrn29e0GvV+D40aXgPaJfHNyHScyUe5k2BATf8XXUW
QiHAZQQf9vROSTt6sGMOm3sC7BHUOjx2z73C1UfYUtlXC6tY4kkuBYkX7NdsKlDW
bwDwo/WAFqrWCKt3trV+w2ckcznqcQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHDm
DvSb0gz+sQTQYxLyyws2dEoGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRTM4MDU2Q0MzMjUxMUVGOTkzMUFFNzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHLcuAMA0GCSqGSIb3DQEBCwUA
A4IBAQAbILyV1djyZ6y5Ub/CnY/mTcF3NAo4hbYQAhzoe8Ee/JgU6JmYSVkzLVWL
mE4NGsBQ1lN5TjMJwS6kDhMVhtKC0mJj5gMgyTeveuP49W6x7QAPSlIuCh9nGXcw
e1UWWI+05MKQs1p9ZcoZ3i4qHiaiNH07sLM4QOsOwOfdYfzk7DKHndDyXv5ea+dB
H0Iy4KweXDJIOhw/bV4FBLV52lK5v/8w0vQBf9LXnpCUd1Mq+M4ygIlQrUgzSnrq
bMkXLOekwaZuPRkMha4YOxXAGaayaqzhLNVSTfmyNvmVsDUVqxhLjrxo9qQfexo4
Va/0zEz4+hzEdvAR8woxMy4+ag5Q
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:25 2025 by rpki-client