Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/16129870C50911EFA8233D8C762E951A.roa
File: 16129870C50911EFA8233D8C762E951A.roa (raw, json)
Hash identifier: iEwV3//QYazZfbEwKh1Jv0ZO0jgq9RWI7shV3RaQvOs=
Subject key identifier: 87:40:74:3E:DB:98:2D:1E:01:AE:CB:F1:E2:E9:D7:B2:F9:7F:0C:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F19F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/16129870C50911EFA8233D8C762E951A.roa
Signing time: Sat 28 Dec 2024 10:47:09 +0000
ROA not before: Sat 28 Dec 2024 10:47:05 +0000
ROA not after: Wed 31 Dec 2025 10:47:05 +0000
asID: 18229
IP address blocks: 45.194.46.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61855 (0xf19f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 28 10:47:05 2024 GMT
Not After : Dec 31 10:47:05 2025 GMT
Subject: CN=676fd72d-c29d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b1:26:79:09:10:1f:2f:34:56:48:aa:e6:2b:
36:07:f1:04:be:19:ce:ce:2c:bf:6e:0f:a5:7b:f4:
8e:e7:0f:cc:ff:9d:71:34:a0:30:fd:36:23:60:a4:
cc:85:fb:97:da:b3:ae:08:c9:c2:98:35:f9:eb:e5:
16:63:b9:27:fb:8d:bd:d9:99:f4:7b:a1:12:06:00:
ed:1c:a4:90:ae:96:0d:18:17:94:72:e3:46:c6:6a:
6a:85:bf:26:c7:22:81:07:ae:4a:20:86:66:2d:f6:
7b:94:d0:f6:d7:71:38:75:bf:2b:2e:9a:1a:41:d1:
07:fb:67:ec:ac:46:b5:0c:22:8c:07:e4:39:16:bc:
3d:96:21:6e:a3:06:0c:a5:01:43:38:27:92:37:51:
5c:73:c8:20:64:1a:26:e8:7b:98:03:0c:24:bc:66:
ad:24:5b:24:a8:79:48:c9:99:3a:c9:66:05:51:a5:
d6:ec:b0:2e:37:2b:1a:d5:73:f1:d8:e9:9a:7f:d1:
e5:84:23:98:4e:c4:4f:68:0c:ef:2c:ce:e9:80:42:
a7:7d:51:88:05:ce:30:dd:d6:33:d9:4c:38:cc:0e:
a6:97:cc:93:8c:03:d2:92:a1:cc:01:0c:8d:c7:fc:
aa:9a:28:e3:2e:30:44:2a:45:11:1c:0a:28:f7:c7:
38:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:40:74:3E:DB:98:2D:1E:01:AE:CB:F1:E2:E9:D7:B2:F9:7F:0C:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/16129870C50911EFA8233D8C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.46.0/23
Signature Algorithm: sha256WithRSAEncryption
60:17:37:e2:4e:e7:6e:14:d4:b1:93:4a:8b:5c:e8:a3:95:b3:
71:84:ca:80:c2:e8:97:6b:96:95:09:b3:a5:4d:e3:c1:0c:11:
c4:41:3c:34:98:c3:20:eb:b2:4e:a0:21:ba:90:98:24:49:cc:
b0:4d:1a:77:c4:95:3e:42:d8:7c:e9:dc:10:8b:9d:0d:d5:61:
c6:ed:c5:80:c8:dc:e9:ab:64:23:4a:28:8e:43:f2:44:8c:19:
8d:da:85:74:05:f0:62:08:9b:97:05:45:86:43:03:0f:e9:a2:
02:be:0e:7f:b8:57:03:85:25:b3:96:80:44:25:e3:70:1b:24:
5f:61:a6:fc:cd:70:3a:ae:17:84:f6:61:9e:d7:cd:85:2c:8c:
98:3a:24:48:2c:41:a8:b0:4f:02:91:1d:45:bd:1f:61:d9:03:
e3:38:8a:e4:a9:c1:8f:35:d7:c4:15:04:9a:95:5a:3a:df:49:
ab:87:8a:d7:e1:a7:52:68:21:7a:ed:de:b4:35:0f:b8:86:4a:
f6:cf:65:df:6d:8f:fb:e3:92:4e:dc:55:4b:f3:73:0d:23:fd:
e9:8a:53:67:bb:93:55:ee:27:1e:70:7d:4f:d7:53:46:6b:0d:
0a:5a:06:65:78:3f:a1:21:37:af:0d:82:15:fd:01:2d:ed:62:
98:b1:2e:e1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPGfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI4MTA0NzA1WhcNMjUxMjMxMTA0NzA1WjAYMRYw
FAYDVQQDEw02NzZmZDcyZC1jMjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArbEmeQkQHy80Vkiq5is2B/EEvhnOziy/bg+le/SO5w/M/51xNKAw/TYj
YKTMhfuX2rOuCMnCmDX56+UWY7kn+4292Zn0e6ESBgDtHKSQrpYNGBeUcuNGxmpq
hb8mxyKBB65KIIZmLfZ7lND213E4db8rLpoaQdEH+2fsrEa1DCKMB+Q5Frw9liFu
owYMpQFDOCeSN1Fcc8ggZBom6HuYAwwkvGatJFskqHlIyZk6yWYFUaXW7LAuNysa
1XPx2Omaf9HlhCOYTsRPaAzvLM7pgEKnfVGIBc4w3dYz2Uw4zA6ml8yTjAPSkqHM
AQyNx/yqmijjLjBEKkURHAoo98c4yQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIdA
dD7bmC0eAa7L8eLp17L5fwwiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNjEyOTg3MEM1MDkxMUVGQTgyMzNEOEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcIuMA0GCSqGSIb3DQEBCwUA
A4IBAQBgFzfiTuduFNSxk0qLXOijlbNxhMqAwuiXa5aVCbOlTePBDBHEQTw0mMMg
67JOoCG6kJgkScywTRp3xJU+Qth86dwQi50N1WHG7cWAyNzpq2QjSiiOQ/JEjBmN
2oV0BfBiCJuXBUWGQwMP6aICvg5/uFcDhSWzloBEJeNwGyRfYab8zXA6rheE9mGe
182FLIyYOiRILEGosE8CkR1FvR9h2QPjOIrkqcGPNdfEFQSalVo630mrh4rX4adS
aCF67d60NQ+4hkr2z2XfbY/745JO3FVL83MNI/3pilNnu5NV7icecH1P11NGaw0K
WgZleD+hITevDYIV/QEt7WKYsS7h
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:35 2025 by rpki-client