Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E861CA4C3B311EFAB193988762E951A.roa
File: 1E861CA4C3B311EFAB193988762E951A.roa (raw, json)
Hash identifier: nSrHOyNkLey0zKrkfnAB0InOU+AFxgFBuGve5HPw21o=
Subject key identifier: DA:73:07:3D:85:53:C2:01:0A:4A:41:4A:54:30:E4:05:30:A7:5C:0B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE57
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E861CA4C3B311EFAB193988762E951A.roa
Signing time: Thu 26 Dec 2024 17:59:15 +0000
ROA not before: Thu 26 Dec 2024 17:59:11 +0000
ROA not after: Fri 12 Dec 2025 17:59:11 +0000
asID: 984
IP address blocks: 45.204.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61015 (0xee57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 17:59:11 2024 GMT
Not After : Dec 12 17:59:11 2025 GMT
Subject: CN=676d9973-1cfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:88:06:21:19:66:c9:6d:9f:e4:90:39:ae:7d:
58:e0:69:a1:52:ad:cc:59:8a:ce:82:10:27:fd:6c:
0d:e0:3f:14:e8:bf:bc:dd:b1:d7:ce:5a:c3:e7:a8:
d3:76:c5:ed:6d:00:1c:22:4a:a2:34:fe:bd:f1:86:
7a:45:de:3d:9d:84:22:78:dc:62:e5:01:6f:78:44:
98:15:5d:d5:e2:f2:0b:ef:19:2b:35:6c:9a:61:be:
5a:ca:67:5d:fb:17:d7:43:ac:a2:9a:fd:81:e1:91:
fc:33:98:cf:63:5a:db:39:82:35:3d:4c:aa:d6:37:
17:bd:f7:94:18:8e:36:4a:70:c5:63:46:63:74:fe:
5e:49:10:ad:4f:be:0c:65:88:7c:42:bc:79:70:6d:
f2:19:5a:54:5d:70:84:94:da:fb:14:7e:da:3c:32:
ab:4f:d8:1b:b9:56:07:7e:47:ad:70:86:d6:06:35:
40:eb:50:76:b9:47:f0:f1:0b:c2:1c:40:c8:4c:04:
16:c4:d0:c6:a5:96:9e:ed:f5:bf:8e:7b:0b:df:0d:
74:1c:c6:9d:28:b7:ca:9c:1e:12:1c:3b:a5:c6:04:
a4:ef:87:45:08:d1:ad:64:f4:77:c9:b7:78:2b:a4:
46:7f:d0:bc:72:f9:a3:62:7a:59:b8:d8:26:3d:64:
d4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:73:07:3D:85:53:C2:01:0A:4A:41:4A:54:30:E4:05:30:A7:5C:0B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E861CA4C3B311EFAB193988762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:ff:48:89:d5:5c:61:26:71:29:91:c3:14:e8:b0:c5:a7:a3:
23:e8:be:bd:05:8f:20:4c:c6:82:17:13:0b:d6:ff:0d:7b:26:
4f:ff:0a:34:ef:e4:7a:6b:f4:cd:97:9e:cf:d6:91:31:62:5c:
4a:d9:a9:2d:c5:02:89:40:a8:52:06:30:7a:93:d8:25:29:11:
b7:47:75:bd:79:70:87:e0:57:54:d8:2e:16:a3:9c:2a:94:a8:
74:22:c9:32:c8:44:c4:b4:c0:17:a4:f4:32:06:6a:f7:4d:8a:
c0:8b:c8:d2:86:cb:ee:96:83:c9:b1:96:ac:bb:01:98:0c:05:
d9:d1:98:c7:a9:67:89:05:d7:01:cc:d7:40:12:47:e8:a4:d2:
1c:75:df:22:6a:34:60:b6:7b:1f:af:f0:5e:4f:22:10:cf:73:
01:49:46:e4:7b:de:e1:00:de:8a:26:0e:45:6a:9a:ed:90:10:
05:cf:bd:65:9a:00:fe:19:bd:9c:1e:1c:d0:5d:69:2c:47:08:
25:54:97:64:19:cf:0a:ac:10:d2:ea:f4:7e:2b:d1:99:89:9d:
a4:bb:ad:37:99:0b:10:f2:bb:6a:09:1c:12:83:a0:fb:a8:06:
5f:0c:5c:92:4d:ae:6a:a3:ef:83:b3:15:af:6c:35:93:40:65:
c9:6c:e6:77
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO5XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTc1OTExWhcNMjUxMjEyMTc1OTExWjAYMRYw
FAYDVQQDEw02NzZkOTk3My0xY2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtYgGIRlmyW2f5JA5rn1Y4GmhUq3MWYrOghAn/WwN4D8U6L+83bHXzlrD
56jTdsXtbQAcIkqiNP698YZ6Rd49nYQieNxi5QFveESYFV3V4vIL7xkrNWyaYb5a
ymdd+xfXQ6yimv2B4ZH8M5jPY1rbOYI1PUyq1jcXvfeUGI42SnDFY0ZjdP5eSRCt
T74MZYh8Qrx5cG3yGVpUXXCElNr7FH7aPDKrT9gbuVYHfketcIbWBjVA61B2uUfw
8QvCHEDITAQWxNDGpZae7fW/jnsL3w10HMadKLfKnB4SHDulxgSk74dFCNGtZPR3
ybd4K6RGf9C8cvmjYnpZuNgmPWTUEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNpz
Bz2FU8IBCkpBSlQw5AUwp1wLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRTg2MUNBNEMzQjMxMUVGQUIxOTM5ODg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcwfMA0GCSqGSIb3DQEBCwUA
A4IBAQAO/0iJ1VxhJnEpkcMU6LDFp6Mj6L69BY8gTMaCFxML1v8NeyZP/wo07+R6
a/TNl57P1pExYlxK2aktxQKJQKhSBjB6k9glKRG3R3W9eXCH4FdU2C4Wo5wqlKh0
IskyyETEtMAXpPQyBmr3TYrAi8jShsvuloPJsZasuwGYDAXZ0ZjHqWeJBdcBzNdA
EkfopNIcdd8iajRgtnsfr/BeTyIQz3MBSUbke97hAN6KJg5FaprtkBAFz71lmgD+
Gb2cHhzQXWksRwglVJdkGc8KrBDS6vR+K9GZiZ2ku603mQsQ8rtqCRwSg6D7qAZf
DFySTa5qo++DsxWvbDWTQGXJbOZ3
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:41 2025 by rpki-client