Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/163F1F30BDBB11EF8785A851762E951A.roa
File: 163F1F30BDBB11EF8785A851762E951A.roa (raw, json)
Hash identifier: aCsUsyErPglC4vX8G0tM4FG8g+2nciP166c13ZnP3nA=
Subject key identifier: 65:47:47:F0:12:63:E6:F1:74:9E:7A:D7:81:58:7F:EC:3E:6D:5F:62
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E531
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/163F1F30BDBB11EF8785A851762E951A.roa
Signing time: Thu 19 Dec 2024 03:41:10 +0000
ROA not before: Thu 19 Dec 2024 03:41:06 +0000
ROA not after: Wed 10 Dec 2025 03:41:06 +0000
asID: 984
IP address blocks: 45.204.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58673 (0xe531)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 03:41:06 2024 GMT
Not After : Dec 10 03:41:06 2025 GMT
Subject: CN=676395d6-0326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8a:c6:d4:6d:d3:99:9c:5a:f3:c4:cb:c9:30:
d9:cc:43:89:26:1e:9a:03:38:a7:bf:c4:1b:d3:e2:
4d:79:9a:c9:c2:7f:58:9c:a2:73:df:67:be:61:0b:
db:4e:cb:ba:ee:6a:e6:c7:1e:0f:7a:42:e8:4f:da:
33:d8:c1:97:bf:60:7f:ad:c8:4a:7a:b1:9b:59:d6:
31:84:cf:f8:72:6f:76:72:15:ed:22:59:32:62:6c:
ff:90:50:27:de:80:d3:a3:90:43:34:e9:be:6b:b7:
33:73:93:64:fa:4e:1a:e6:04:c5:73:45:f7:94:66:
56:e0:65:e3:45:fa:2c:99:19:55:33:4c:fc:2d:1f:
98:f8:19:f1:a1:83:7c:c5:d7:72:32:47:4d:d2:c9:
f8:fc:bf:12:10:99:71:55:5b:67:8d:e9:b4:4f:66:
b7:cc:56:a0:6e:19:9d:17:90:a7:fc:2e:98:7d:8a:
a8:09:91:cc:e7:2a:7f:ce:d8:06:58:77:8f:74:75:
7a:39:58:da:05:40:70:fa:ed:cb:06:bf:29:00:dd:
91:65:87:f8:19:42:73:87:dc:24:a0:78:2b:68:01:
13:5f:d9:33:cf:3f:16:e1:c7:53:89:2f:85:51:f0:
75:7e:2d:bb:8c:53:0a:8f:16:f7:d1:85:cb:79:a9:
44:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:47:47:F0:12:63:E6:F1:74:9E:7A:D7:81:58:7F:EC:3E:6D:5F:62
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/163F1F30BDBB11EF8785A851762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.254.0/24
Signature Algorithm: sha256WithRSAEncryption
86:ac:b7:25:6a:4a:54:f0:e8:bf:02:92:e2:25:7e:17:cf:9f:
1b:44:24:75:df:48:63:18:b6:47:49:d0:0d:48:d2:b0:84:a7:
59:c2:a2:a3:43:05:ef:cf:0e:76:d0:de:ab:f4:15:3c:04:33:
d8:e3:af:bd:ab:fe:e2:a8:f5:10:d2:97:35:10:4c:62:2e:88:
98:f4:01:4c:74:98:5b:0d:fb:ab:35:7d:e9:e7:88:ea:4b:82:
55:ca:a8:6e:b6:83:02:30:b1:a9:32:ac:db:57:92:10:dd:61:
0e:a6:25:cb:21:97:5a:c1:fc:be:05:85:b4:52:1d:93:f1:9c:
ba:78:64:e4:d9:83:cb:58:01:fe:5e:29:22:2b:4e:c8:70:99:
a1:a1:dc:64:6f:6f:5c:ad:88:00:03:6c:c7:fc:43:56:78:64:
dd:55:89:37:d5:46:db:90:c2:30:9c:4d:dc:d6:4b:36:df:d0:
c0:94:7d:d9:ea:5b:3a:54:58:aa:28:20:fb:18:dd:1d:d1:7c:
c8:e1:6b:ba:70:f1:14:ee:40:c0:fa:0e:6c:22:2d:ed:3b:94:
9b:db:1e:dc:2a:60:9f:98:e1:42:ba:a9:35:5e:7b:fd:23:09:
e2:25:c3:8d:1b:ba:1e:e8:60:ca:4d:30:58:88:ac:cc:3b:f4:
2c:6c:10:53
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOUxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDM0MTA2WhcNMjUxMjEwMDM0MTA2WjAYMRYw
FAYDVQQDEw02NzYzOTVkNi0wMzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz4rG1G3TmZxa88TLyTDZzEOJJh6aAzinv8Qb0+JNeZrJwn9YnKJz32e+
YQvbTsu67mrmxx4PekLoT9oz2MGXv2B/rchKerGbWdYxhM/4cm92chXtIlkyYmz/
kFAn3oDTo5BDNOm+a7czc5Nk+k4a5gTFc0X3lGZW4GXjRfosmRlVM0z8LR+Y+Bnx
oYN8xddyMkdN0sn4/L8SEJlxVVtnjem0T2a3zFagbhmdF5Cn/C6YfYqoCZHM5yp/
ztgGWHePdHV6OVjaBUBw+u3LBr8pAN2RZYf4GUJzh9wkoHgraAETX9kzzz8W4cdT
iS+FUfB1fi27jFMKjxb30YXLealEQQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGVH
R/ASY+bxdJ5614FYf+w+bV9iMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNjNGMUYzMEJEQkIxMUVGODc4NUE4NTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcz+MA0GCSqGSIb3DQEBCwUA
A4IBAQCGrLclakpU8Oi/ApLiJX4Xz58bRCR130hjGLZHSdANSNKwhKdZwqKjQwXv
zw520N6r9BU8BDPY46+9q/7iqPUQ0pc1EExiLoiY9AFMdJhbDfurNX3p54jqS4JV
yqhutoMCMLGpMqzbV5IQ3WEOpiXLIZdawfy+BYW0Uh2T8Zy6eGTk2YPLWAH+Xiki
K07IcJmhodxkb29crYgAA2zH/ENWeGTdVYk31UbbkMIwnE3c1ks239DAlH3Z6ls6
VFiqKCD7GN0d0XzI4Wu6cPEU7kDA+g5sIi3tO5Sb2x7cKmCfmOFCuqk1Xnv9Iwni
JcONG7oe6GDKTTBYiKzMO/QsbBBT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:14 2025 by rpki-client