Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/203133A8C40411EFA6D2FF9B762E951A.roa
File: 203133A8C40411EFA6D2FF9B762E951A.roa (raw, json)
Hash identifier: 7AowFjiO1u1tM0EQ5oyiMTLpZKrdff/8GbMeknjb9ao=
Subject key identifier: EE:C0:A1:EA:E2:60:93:EE:F9:9D:7A:0A:BD:15:B3:FE:1D:7D:3C:FE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EFF6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/203133A8C40411EFA6D2FF9B762E951A.roa
Signing time: Fri 27 Dec 2024 03:39:07 +0000
ROA not before: Fri 27 Dec 2024 03:39:03 +0000
ROA not after: Fri 12 Dec 2025 03:39:03 +0000
asID: 984
IP address blocks: 45.195.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61430 (0xeff6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 03:39:03 2024 GMT
Not After : Dec 12 03:39:03 2025 GMT
Subject: CN=676e215b-d83e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c7:93:77:25:cf:b1:b0:6f:98:35:bc:0d:85:
2c:c1:e4:cf:a2:ed:b9:c2:7b:d0:3e:38:66:03:bf:
6f:b0:6b:57:fe:1e:0e:41:5b:4f:c9:15:1d:6c:61:
ef:ac:ad:d9:14:8a:d2:82:c2:49:4e:bd:09:d7:51:
c3:6d:4b:b8:ca:6e:c0:98:d0:0b:01:cc:bd:2b:61:
a0:88:81:93:94:3f:cf:38:6a:72:8d:9d:99:e3:28:
d8:8e:54:75:a9:1c:cc:2b:dd:77:e5:0f:c2:e5:b9:
52:92:21:85:d7:40:b6:76:17:b0:07:ba:74:ea:45:
13:fe:85:c8:49:ad:bf:23:f5:db:d0:ba:b4:c1:cd:
69:31:a8:6e:3f:5b:6f:e2:36:dc:e1:67:a8:a7:6d:
61:d7:68:26:d6:d9:d0:e9:e9:e2:5a:ad:8e:95:84:
bf:a6:59:97:3b:d3:61:d3:5a:79:d7:da:a0:fa:ed:
4e:f0:7f:0a:74:3d:18:37:9c:0b:69:19:0a:bc:d1:
e4:17:40:be:bf:9c:ef:db:b2:74:24:d1:a9:05:18:
d9:98:c0:11:f5:0b:13:cb:30:b4:4b:a4:d4:92:b2:
f6:52:bb:00:ed:54:8f:7e:a8:51:ca:fa:2c:c2:04:
5a:c7:45:f0:d4:60:d4:46:c0:76:af:bb:b6:dd:20:
6f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C0:A1:EA:E2:60:93:EE:F9:9D:7A:0A:BD:15:B3:FE:1D:7D:3C:FE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/203133A8C40411EFA6D2FF9B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.230.0/24
Signature Algorithm: sha256WithRSAEncryption
39:71:8b:e9:58:12:26:34:ca:c4:3f:c5:6d:31:b4:3c:af:f0:
d7:dd:11:c9:f8:4e:ea:26:15:27:2e:83:89:68:c3:3f:52:1b:
a6:14:77:10:72:f7:26:c9:5d:ba:2f:24:06:fe:52:a1:1a:38:
9a:fb:03:97:ae:ba:46:f9:11:76:c0:d9:75:be:04:88:1c:3f:
38:5a:fd:6c:04:a3:26:6b:dc:b0:59:32:87:11:43:0c:b9:0d:
dd:4f:37:77:ca:a1:12:11:92:70:4d:1c:00:29:2b:8b:66:62:
19:7a:d0:cd:61:26:5f:3b:f4:85:67:83:0e:de:b3:2a:14:92:
fd:31:21:92:d3:73:31:90:d9:9d:e9:22:89:56:aa:c9:13:98:
6b:18:0f:15:d0:d3:d0:08:96:0a:a8:8d:63:63:a9:ed:f8:50:
0e:1d:c4:13:d2:da:f2:92:59:60:ee:2e:5f:72:1d:e8:b9:e5:
1a:be:08:d2:b9:53:c0:86:ec:b2:e3:a6:30:46:16:c5:fe:7d:
7a:29:68:c6:28:6e:09:18:28:09:1f:7a:09:f3:7f:ac:da:f2:
cd:24:c1:81:92:c1:02:ef:e4:d2:7e:b1:c4:68:f7:86:99:1f:
2a:59:c5:58:d5:c7:4c:34:f6:3b:1d:68:6a:9b:b3:58:f0:bd:
6c:bd:b1:7d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO/2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDMzOTAzWhcNMjUxMjEyMDMzOTAzWjAYMRYw
FAYDVQQDEw02NzZlMjE1Yi1kODNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5ceTdyXPsbBvmDW8DYUsweTPou25wnvQPjhmA79vsGtX/h4OQVtPyRUd
bGHvrK3ZFIrSgsJJTr0J11HDbUu4ym7AmNALAcy9K2GgiIGTlD/POGpyjZ2Z4yjY
jlR1qRzMK9135Q/C5blSkiGF10C2dhewB7p06kUT/oXISa2/I/Xb0Lq0wc1pMahu
P1tv4jbc4Weop21h12gm1tnQ6eniWq2OlYS/plmXO9Nh01p519qg+u1O8H8KdD0Y
N5wLaRkKvNHkF0C+v5zv27J0JNGpBRjZmMAR9QsTyzC0S6TUkrL2UrsA7VSPfqhR
yvoswgRax0Xw1GDURsB2r7u23SBvvQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO7A
oeriYJPu+Z16Cr0Vs/4dfTz+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMDMxMzNBOEM0MDQxMUVGQTZEMkZGOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcPmMA0GCSqGSIb3DQEBCwUA
A4IBAQA5cYvpWBImNMrEP8VtMbQ8r/DX3RHJ+E7qJhUnLoOJaMM/UhumFHcQcvcm
yV26LyQG/lKhGjia+wOXrrpG+RF2wNl1vgSIHD84Wv1sBKMma9ywWTKHEUMMuQ3d
Tzd3yqESEZJwTRwAKSuLZmIZetDNYSZfO/SFZ4MO3rMqFJL9MSGS03MxkNmd6SKJ
VqrJE5hrGA8V0NPQCJYKqI1jY6nt+FAOHcQT0trykllg7i5fch3oueUavgjSuVPA
huyy46YwRhbF/n16KWjGKG4JGCgJH3oJ83+s2vLNJMGBksEC7+TSfrHEaPeGmR8q
WcVY1cdMNPY7HWhqm7NY8L1svbF9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:02 2025 by rpki-client