Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11EB7D26CBE811EFB5F3C4B9762E951A.roa
File: 11EB7D26CBE811EFB5F3C4B9762E951A.roa (raw, json)
Hash identifier: B91n8g/EKhPBrn/WfXfXYXCLejKC0TvjUJ/HGFSdS50=
Subject key identifier: B4:1E:1B:07:07:32:BF:E9:0D:8C:99:80:0E:F5:2A:9F:D1:56:D6:7F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F816
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11EB7D26CBE811EFB5F3C4B9762E951A.roa
Signing time: Mon 06 Jan 2025 04:38:27 +0000
ROA not before: Mon 06 Jan 2025 04:38:23 +0000
ROA not after: Sun 09 Feb 2025 04:38:23 +0000
asID: 395793
IP address blocks: 45.192.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63510 (0xf816)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 04:38:23 2025 GMT
Not After : Feb 9 04:38:23 2025 GMT
Subject: CN=677b5e43-2dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c1:72:0b:b7:f2:f9:f7:59:68:4e:d9:d5:73:
36:b0:4d:96:49:27:fa:86:63:8d:d9:63:85:6c:27:
e7:93:26:85:7d:1e:4a:46:9b:3f:7c:d9:f1:66:5d:
59:a8:2c:ed:98:e3:e4:4d:f8:a0:ad:00:4e:0f:f0:
0e:e9:0b:08:98:30:bd:1c:da:6a:d4:18:49:9b:d4:
cb:37:00:05:93:f7:04:0b:8f:4d:0b:53:72:19:72:
50:b2:d8:1a:61:75:e9:4a:a0:27:8c:6d:56:c0:ff:
3d:fe:62:b7:27:64:fc:6b:49:32:3e:2b:45:f5:a9:
70:87:6c:9c:30:c7:fc:02:02:1e:6c:8d:94:99:1e:
83:0d:e9:8a:fc:b7:7e:ef:14:44:e5:58:79:ec:a9:
75:ac:65:9a:17:ca:d8:b8:59:10:82:c6:a5:f2:84:
a8:90:52:22:36:79:a2:af:94:43:4d:b7:af:1e:82:
9a:dc:40:23:0e:a8:6d:22:16:41:75:e8:9c:06:c5:
52:cb:46:19:10:f7:f1:99:10:b6:d1:72:9e:20:32:
27:8f:49:4f:a6:7b:d7:fb:1c:c8:36:d4:80:ca:5e:
7c:4c:d0:87:c2:4c:73:6d:d5:3c:b4:0f:05:39:a6:
84:b7:12:3a:68:2d:a9:e1:e6:3b:c0:a3:b3:64:08:
6b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:1E:1B:07:07:32:BF:E9:0D:8C:99:80:0E:F5:2A:9F:D1:56:D6:7F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11EB7D26CBE811EFB5F3C4B9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.120.0/21
Signature Algorithm: sha256WithRSAEncryption
0c:4b:69:c7:7f:4b:e6:b9:84:4f:7a:d2:5a:47:36:55:c1:e2:
9a:ba:1d:8c:10:75:a6:71:7f:0c:8e:aa:3f:ad:75:30:88:04:
e5:57:7c:84:07:b2:fa:b0:27:b1:31:c7:98:a2:0f:4f:65:66:
d4:a4:a6:6f:d8:09:3e:78:ff:89:22:f4:88:07:b9:42:28:fc:
14:72:10:3c:ec:54:ec:d4:e7:e2:77:0c:79:bf:a5:f4:1a:3a:
bd:d8:78:a7:e6:6d:93:f6:d1:9c:27:d0:fd:bd:a6:54:08:84:
7f:69:0f:0b:1a:c1:64:16:2e:e8:fa:91:31:bb:71:d3:db:79:
bb:3b:dd:f3:e0:48:60:10:eb:47:2c:e5:d9:24:34:92:a0:8b:
33:4a:f4:27:d9:10:7e:e8:45:89:57:cb:25:45:93:57:f5:08:
79:81:0a:0f:e6:70:f2:81:3b:bf:6d:36:9f:3b:69:3a:24:b4:
d6:67:9b:2c:4d:85:c8:94:ac:f4:68:bb:9d:b4:f4:d9:4d:94:
f4:35:46:0a:89:2f:15:b9:f5:e4:fa:1a:ee:ef:8f:cc:cb:5d:
c9:00:89:d2:00:d9:76:bf:81:4e:da:0c:2c:69:d1:a0:b0:47:
b3:27:61:0c:7a:63:63:bc:7f:c9:24:bf:e5:b7:83:a1:c2:31:
4b:73:cf:8a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPgWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDQzODIzWhcNMjUwMjA5MDQzODIzWjAYMRYw
FAYDVQQDEw02NzdiNWU0My0yZGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6MFyC7fy+fdZaE7Z1XM2sE2WSSf6hmON2WOFbCfnkyaFfR5KRps/fNnx
Zl1ZqCztmOPkTfigrQBOD/AO6QsImDC9HNpq1BhJm9TLNwAFk/cEC49NC1NyGXJQ
stgaYXXpSqAnjG1WwP89/mK3J2T8a0kyPitF9alwh2ycMMf8AgIebI2UmR6DDemK
/Ld+7xRE5Vh57Kl1rGWaF8rYuFkQgsal8oSokFIiNnmir5RDTbevHoKa3EAjDqht
IhZBdeicBsVSy0YZEPfxmRC20XKeIDInj0lPpnvX+xzINtSAyl58TNCHwkxzbdU8
tA8FOaaEtxI6aC2p4eY7wKOzZAhr+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLQe
GwcHMr/pDYyZgA71Kp/RVtZ/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMUVCN0QyNkNCRTgxMUVGQjVGM0M0Qjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcB4MA0GCSqGSIb3DQEBCwUA
A4IBAQAMS2nHf0vmuYRPetJaRzZVweKauh2MEHWmcX8Mjqo/rXUwiATlV3yEB7L6
sCexMceYog9PZWbUpKZv2Ak+eP+JIvSIB7lCKPwUchA87FTs1Ofidwx5v6X0Gjq9
2Hin5m2T9tGcJ9D9vaZUCIR/aQ8LGsFkFi7o+pExu3HT23m7O93z4EhgEOtHLOXZ
JDSSoIszSvQn2RB+6EWJV8slRZNX9Qh5gQoP5nDygTu/bTafO2k6JLTWZ5ssTYXI
lKz0aLudtPTZTZT0NUYKiS8VufXk+hru74/My13JAInSANl2v4FO2gwsadGgsEez
J2EMemNjvH/JJL/lt4OhwjFLc8+K
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:48 2025 by rpki-client