Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11253880C3E311EFBB11D0B4762E951A.roa
File: 11253880C3E311EFBB11D0B4762E951A.roa (raw, json)
Hash identifier: Zmoj+VkE9hYdr3x3hLXjRqCQe+Vcd6j6HbMvUC6vXuY=
Subject key identifier: 9F:10:C6:2C:84:81:0B:36:BB:A9:80:BB:4F:73:1B:15:9B:92:82:EB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF0B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11253880C3E311EFBB11D0B4762E951A.roa
Signing time: Thu 26 Dec 2024 23:42:28 +0000
ROA not before: Thu 26 Dec 2024 23:42:25 +0000
ROA not after: Sun 12 Dec 2027 23:42:25 +0000
asID: 17561
IP address blocks: 45.192.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61195 (0xef0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 23:42:25 2024 GMT
Not After : Dec 12 23:42:25 2027 GMT
Subject: CN=676de9e4-131d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e7:99:97:0a:75:2e:38:e6:a9:ca:99:b1:37:
df:c4:ca:01:fd:60:bd:1d:9f:fe:7a:3a:9a:07:81:
4c:9f:d1:81:1c:4d:05:b7:d6:4d:dd:75:93:5a:2b:
35:39:8d:43:a8:9d:61:9a:f1:0f:fb:2c:bd:7a:5b:
4a:58:3c:eb:e7:c7:69:02:68:f6:7f:2e:0e:f1:94:
c4:fc:07:fd:1c:e5:f3:bf:32:d0:d3:af:5a:08:d0:
53:9f:79:a3:b8:a0:83:9d:b7:eb:98:e6:32:75:c3:
f2:a0:2e:2e:cc:87:2f:8f:43:4e:57:27:4d:c9:4f:
b4:c0:c5:b4:a8:5c:57:cd:73:bf:cf:91:09:e2:6e:
11:cb:00:40:bc:71:0d:87:2d:b3:c4:b4:d4:ab:70:
f7:93:6b:f6:04:43:ee:02:28:04:79:03:79:58:c8:
e6:18:a5:9a:3e:c5:ec:23:f6:c1:eb:fc:19:b2:8e:
48:c6:da:19:8c:8e:83:7d:1e:e2:02:be:f8:b6:cc:
3f:86:15:7c:ef:c5:f5:81:bc:17:85:8d:9f:c4:9a:
65:2e:ab:b1:41:fb:05:fa:de:25:a5:84:87:bc:b4:
99:af:a7:9c:15:30:f9:7c:8e:13:81:d8:34:0b:7d:
32:86:10:4d:5d:44:63:17:37:ca:69:2b:e1:f6:aa:
7f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:10:C6:2C:84:81:0B:36:BB:A9:80:BB:4F:73:1B:15:9B:92:82:EB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11253880C3E311EFBB11D0B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:cb:9e:b5:27:56:f1:5c:5d:68:ea:a5:a0:e4:1c:0e:61:76:
0d:96:95:90:6e:7c:f7:3d:0d:30:0e:2f:fa:7a:4e:6f:8e:6e:
54:41:13:90:0d:2f:6e:b0:82:ac:9b:80:eb:c9:eb:39:4f:ac:
db:24:1f:01:59:e7:5d:99:cb:b0:aa:1c:3b:00:0f:35:f7:0c:
ee:24:9b:18:fe:18:d7:ff:5b:bd:e6:55:da:ac:97:b2:42:69:
5b:44:33:af:7c:fb:17:40:5f:c3:45:69:f0:80:62:ec:ac:d8:
e2:97:fb:81:6d:f8:82:08:f9:b9:27:14:2d:c2:4f:98:f8:5a:
28:b6:0e:cf:d7:1b:6f:97:c7:bf:65:df:68:68:aa:f9:50:03:
e7:b4:7a:7d:0b:38:4e:22:c6:02:cb:af:78:88:8b:99:c9:71:
7f:fa:9c:c1:fc:ce:84:78:c7:e1:48:b0:6c:8c:00:93:99:39:
46:35:72:5a:f3:1b:bb:1d:44:2e:eb:b0:f6:2d:dc:2f:55:29:
32:88:aa:c4:61:eb:c4:ad:87:da:ef:f5:f9:56:90:d7:9a:23:
ff:35:7e:17:fb:c3:82:02:2a:a2:f4:9e:43:9a:4f:d5:4c:9e:
c9:e0:58:54:ed:13:5e:f8:b9:c5:00:02:a6:cc:31:13:30:c9:
41:09:89:a6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO8LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MjM0MjI1WhcNMjcxMjEyMjM0MjI1WjAYMRYw
FAYDVQQDEw02NzZkZTllNC0xMzFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyOeZlwp1LjjmqcqZsTffxMoB/WC9HZ/+ejqaB4FMn9GBHE0Ft9ZN3XWT
Wis1OY1DqJ1hmvEP+yy9eltKWDzr58dpAmj2fy4O8ZTE/Af9HOXzvzLQ069aCNBT
n3mjuKCDnbfrmOYydcPyoC4uzIcvj0NOVydNyU+0wMW0qFxXzXO/z5EJ4m4RywBA
vHENhy2zxLTUq3D3k2v2BEPuAigEeQN5WMjmGKWaPsXsI/bB6/wZso5IxtoZjI6D
fR7iAr74tsw/hhV878X1gbwXhY2fxJplLquxQfsF+t4lpYSHvLSZr6ecFTD5fI4T
gdg0C30yhhBNXURjFzfKaSvh9qp/CQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ8Q
xiyEgQs2u6mAu09zGxWbkoLrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMTI1Mzg4MEMzRTMxMUVGQkIxMUQwQjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcDWMA0GCSqGSIb3DQEBCwUA
A4IBAQCcy561J1bxXF1o6qWg5BwOYXYNlpWQbnz3PQ0wDi/6ek5vjm5UQROQDS9u
sIKsm4Dryes5T6zbJB8BWeddmcuwqhw7AA819wzuJJsY/hjX/1u95lXarJeyQmlb
RDOvfPsXQF/DRWnwgGLsrNjil/uBbfiCCPm5JxQtwk+Y+Footg7P1xtvl8e/Zd9o
aKr5UAPntHp9CzhOIsYCy694iIuZyXF/+pzB/M6EeMfhSLBsjACTmTlGNXJa8xu7
HUQu67D2LdwvVSkyiKrEYevErYfa7/X5VpDXmiP/NX4X+8OCAiqi9J5Dmk/VTJ7J
4FhU7RNe+LnFAAKmzDETMMlBCYmm
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:25 2025 by rpki-client