Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1EB60E2CC3B911EFB800ECAD762E951A.roa
File: 1EB60E2CC3B911EFB800ECAD762E951A.roa (raw, json)
Hash identifier: sU1NgVSYA7FtTPhrkT7EAKreDQHyHiP4dYuff9UGFgQ=
Subject key identifier: 95:4E:CC:B1:FB:74:80:AB:0A:30:A4:4C:9B:A0:73:C1:2C:F6:03:7A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE95
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1EB60E2CC3B911EFB800ECAD762E951A.roa
Signing time: Thu 26 Dec 2024 18:42:12 +0000
ROA not before: Thu 26 Dec 2024 18:42:09 +0000
ROA not after: Sun 12 Dec 2027 18:42:09 +0000
asID: 17561
IP address blocks: 45.207.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61077 (0xee95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 18:42:09 2024 GMT
Not After : Dec 12 18:42:09 2027 GMT
Subject: CN=676da384-357d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0b:76:2e:e9:af:1a:91:8c:3d:6f:8e:50:a0:
57:dc:b8:18:c9:cd:29:c8:94:6d:f0:e0:87:1e:63:
5f:1a:7e:46:85:61:da:f9:bf:d1:c8:f4:4d:36:a6:
9f:a9:f0:0d:53:ef:02:9b:b2:15:12:f8:d3:66:05:
87:dd:b9:95:b3:ea:57:cf:1b:95:c8:c9:56:a0:43:
6f:28:67:bf:3c:46:bd:3f:df:76:16:6b:87:83:45:
f9:fd:d0:b5:3a:77:12:be:cd:43:a8:a7:86:e5:d1:
86:00:c4:28:84:e6:2d:22:51:85:ea:53:56:0c:f0:
6c:70:48:ad:c9:61:2c:11:33:41:d3:a0:08:b2:db:
62:39:e3:51:d2:df:f8:0e:40:68:78:61:bf:8b:c9:
c0:89:9a:37:33:b0:34:10:ab:22:1f:9d:04:00:a4:
5e:3a:24:9c:58:f6:7e:b2:7f:37:42:b8:96:b3:87:
ac:7c:f9:9e:fb:af:af:09:c8:0a:a3:9d:f9:1c:8d:
2a:15:c1:00:e4:0f:cc:c7:93:d5:a6:e0:ca:71:f9:
db:77:49:54:02:f1:35:bb:f1:31:79:1f:21:c5:b3:
e2:f0:30:39:d1:e9:c2:0b:cc:65:8c:fc:8c:20:1f:
aa:9e:c8:7b:3a:95:5a:df:c8:13:8e:4f:ee:ad:a1:
86:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4E:CC:B1:FB:74:80:AB:0A:30:A4:4C:9B:A0:73:C1:2C:F6:03:7A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1EB60E2CC3B911EFB800ECAD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.139.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:13:d4:45:6e:c8:be:b8:c9:2c:de:61:a1:3d:7a:0a:89:80:
a2:4a:8f:99:b3:61:17:b6:e2:6f:0e:04:76:c3:b1:16:3b:75:
77:97:a6:e5:ad:ab:00:fa:09:39:c5:51:ed:93:a9:3c:7b:d4:
f2:e6:7a:9c:66:9c:db:7f:15:d1:d3:bc:48:68:5e:7b:b3:0e:
f4:d6:4a:3b:73:c2:70:7d:07:45:04:8e:46:35:cc:9f:40:92:
48:fd:48:f5:2f:de:5f:ee:02:83:cf:b7:a7:53:c8:41:fb:fb:
e3:7e:c8:32:c2:a8:26:62:21:05:16:15:c7:b1:84:27:98:ea:
36:d2:5c:b2:93:c3:52:4f:bd:91:ec:94:5c:56:30:f5:00:94:
8f:08:b0:be:44:e8:10:b4:ab:ad:95:33:51:93:52:2e:e1:b6:
2d:93:44:9c:86:73:f8:b2:16:8b:af:69:06:0d:52:87:97:ed:
9a:0e:29:92:3d:9b:3d:96:1c:3c:4b:0c:c2:95:80:4b:03:70:
7b:c2:7c:61:0d:0d:d1:3d:a7:d9:f3:8d:70:70:a5:25:fe:b8:
c6:95:58:af:ee:47:c1:9e:ff:c8:d1:4b:85:8f:69:c2:11:ee:
4c:5d:c8:d8:3c:b3:14:03:b8:79:be:af:f0:64:0f:38:b4:15:
d0:eb:82:6c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO6VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTg0MjA5WhcNMjcxMjEyMTg0MjA5WjAYMRYw
FAYDVQQDEw02NzZkYTM4NC0zNTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxwt2LumvGpGMPW+OUKBX3LgYyc0pyJRt8OCHHmNfGn5GhWHa+b/RyPRN
NqafqfANU+8Cm7IVEvjTZgWH3bmVs+pXzxuVyMlWoENvKGe/PEa9P992FmuHg0X5
/dC1OncSvs1DqKeG5dGGAMQohOYtIlGF6lNWDPBscEityWEsETNB06AIsttiOeNR
0t/4DkBoeGG/i8nAiZo3M7A0EKsiH50EAKReOiScWPZ+sn83QriWs4esfPme+6+v
CcgKo535HI0qFcEA5A/Mx5PVpuDKcfnbd0lUAvE1u/ExeR8hxbPi8DA50enCC8xl
jPyMIB+qnsh7OpVa38gTjk/uraGG1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJVO
zLH7dICrCjCkTJugc8Es9gN6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRUI2MEUyQ0MzQjkxMUVGQjgwMEVDQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc+LMA0GCSqGSIb3DQEBCwUA
A4IBAQCxE9RFbsi+uMks3mGhPXoKiYCiSo+Zs2EXtuJvDgR2w7EWO3V3l6blrasA
+gk5xVHtk6k8e9Ty5nqcZpzbfxXR07xIaF57sw701ko7c8JwfQdFBI5GNcyfQJJI
/Uj1L95f7gKDz7enU8hB+/vjfsgywqgmYiEFFhXHsYQnmOo20lyyk8NST72R7JRc
VjD1AJSPCLC+ROgQtKutlTNRk1Iu4bYtk0SchnP4shaLr2kGDVKHl+2aDimSPZs9
lhw8SwzClYBLA3B7wnxhDQ3RPafZ841wcKUl/rjGlViv7kfBnv/I0UuFj2nCEe5M
XcjYPLMUA7h5vq/wZA84tBXQ64Js
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:41 2025 by rpki-client