Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A41213EC3EF11EFA2676B84762E951A.roa
File: 1A41213EC3EF11EFA2676B84762E951A.roa (raw, json)
Hash identifier: N6rjfLiIzJRTTgnPJyI1X4E4dJ3AhAp5yhIdJF56U9k=
Subject key identifier: 04:92:A4:BE:92:7D:D3:4E:B4:FA:19:CF:82:49:77:9A:6C:B7:36:CE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF3C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A41213EC3EF11EFA2676B84762E951A.roa
Signing time: Fri 27 Dec 2024 01:08:38 +0000
ROA not before: Fri 27 Dec 2024 01:08:34 +0000
ROA not after: Fri 12 Dec 2025 01:08:34 +0000
asID: 984
IP address blocks: 45.192.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61244 (0xef3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 01:08:34 2024 GMT
Not After : Dec 12 01:08:34 2025 GMT
Subject: CN=676dfe16-6ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0b:37:a9:21:bb:ac:86:29:0c:a0:de:2f:72:
58:3c:a6:88:01:99:40:fe:6c:89:9b:b3:c0:20:17:
21:ec:ac:8b:3a:9c:22:e0:5b:dc:73:3f:b2:bc:20:
76:68:e7:95:76:d2:8d:f8:4c:61:14:be:6e:b2:8e:
32:4d:80:67:1a:44:32:e1:06:86:c5:61:e7:dc:7b:
19:7b:1a:74:37:7e:17:ba:a7:74:be:67:95:81:39:
96:e6:82:b7:8e:6e:e4:b4:8f:eb:d0:e3:48:ee:fd:
58:58:77:03:e5:c0:44:f2:c6:e5:fc:31:ee:49:51:
f4:c9:5c:d2:14:58:97:b2:70:f6:8a:61:bf:db:dc:
79:19:82:b4:d8:c3:fa:4d:bf:dc:3a:aa:44:be:5d:
a2:34:11:f4:1f:fe:be:4c:0d:31:5a:f8:f6:07:31:
2b:2b:a6:2c:94:7f:01:f0:79:e2:ac:71:f1:20:f0:
b3:98:58:28:6a:1d:e4:8a:55:7a:aa:3d:d8:67:bc:
e1:49:d5:9e:ff:00:be:7c:9d:c3:ff:e3:86:65:e8:
7b:76:df:d7:7e:2d:58:a6:5f:7e:fc:ad:93:c0:06:
39:05:11:7e:0f:04:3f:c6:6c:e0:a0:ab:89:b2:5a:
91:07:8a:14:b4:9e:45:7a:cf:93:1e:93:07:9b:af:
f7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:92:A4:BE:92:7D:D3:4E:B4:FA:19:CF:82:49:77:9A:6C:B7:36:CE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A41213EC3EF11EFA2676B84762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.238.0/24
Signature Algorithm: sha256WithRSAEncryption
11:66:e1:ef:50:53:59:8a:53:40:58:08:06:2d:e4:de:37:47:
c8:ca:3d:2a:ec:04:a2:f4:23:e8:94:39:a8:c3:15:d3:a1:a4:
aa:ec:a3:e3:2c:41:6d:64:38:c7:cf:90:f7:2c:5e:0f:e1:74:
aa:04:d8:61:27:02:98:7a:ab:74:31:1b:94:1b:26:ac:99:b7:
6e:af:60:e0:66:e8:6d:72:1e:f9:85:e6:53:e0:3c:0c:1c:9a:
81:80:7e:5a:76:4b:1c:5f:3a:3e:0a:be:d4:99:64:eb:3a:8a:
33:69:1a:fa:e7:79:b6:f4:8a:9b:b1:bb:f4:47:91:65:fc:95:
61:db:fd:4a:66:ab:f7:53:e4:87:5e:16:dc:33:16:bc:69:59:
60:85:0d:60:e7:9b:94:7a:bc:e9:84:68:3e:76:c5:6d:b1:b1:
59:85:98:3b:58:af:c1:a3:c4:d7:3f:1e:39:54:db:6d:22:3a:
37:d4:00:9e:50:eb:c8:b8:1a:c8:69:fa:9a:54:cc:f4:09:cb:
c5:d8:22:c2:d1:10:e7:fa:21:c6:a5:6c:a0:07:b4:3a:71:f9:
4c:ff:80:52:7d:90:81:a2:3a:bf:7e:9d:7c:ac:46:d4:e4:18:
d0:6b:2f:27:78:ad:5b:35:b1:12:7c:5f:10:2a:1f:a9:d9:33:
ef:91:47:5c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO88MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDEwODM0WhcNMjUxMjEyMDEwODM0WjAYMRYw
FAYDVQQDEw02NzZkZmUxNi02Y2UyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzQs3qSG7rIYpDKDeL3JYPKaIAZlA/myJm7PAIBch7KyLOpwi4Fvccz+y
vCB2aOeVdtKN+ExhFL5uso4yTYBnGkQy4QaGxWHn3HsZexp0N34Xuqd0vmeVgTmW
5oK3jm7ktI/r0ONI7v1YWHcD5cBE8sbl/DHuSVH0yVzSFFiXsnD2imG/29x5GYK0
2MP6Tb/cOqpEvl2iNBH0H/6+TA0xWvj2BzErK6YslH8B8HnirHHxIPCzmFgoah3k
ilV6qj3YZ7zhSdWe/wC+fJ3D/+OGZeh7dt/Xfi1Ypl9+/K2TwAY5BRF+DwQ/xmzg
oKuJslqRB4oUtJ5Fes+THpMHm6/32wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFASS
pL6SfdNOtPoZz4JJd5pstzbOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQTQxMjEzRUMzRUYxMUVGQTI2NzZCODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcDuMA0GCSqGSIb3DQEBCwUA
A4IBAQARZuHvUFNZilNAWAgGLeTeN0fIyj0q7ASi9CPolDmowxXToaSq7KPjLEFt
ZDjHz5D3LF4P4XSqBNhhJwKYeqt0MRuUGyasmbdur2DgZuhtch75heZT4DwMHJqB
gH5adkscXzo+Cr7UmWTrOoozaRr653m29Iqbsbv0R5Fl/JVh2/1KZqv3U+SHXhbc
Mxa8aVlghQ1g55uUerzphGg+dsVtsbFZhZg7WK/Bo8TXPx45VNttIjo31ACeUOvI
uBrIafqaVMz0CcvF2CLC0RDn+iHGpWygB7Q6cflM/4BSfZCBojq/fp18rEbU5BjQ
ay8neK1bNbESfF8QKh+p2TPvkUdc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:41 2025 by rpki-client