Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/216AA0C4BDB511EFA03243A8762E951A.roa
File: 216AA0C4BDB511EFA03243A8762E951A.roa (raw, json)
Hash identifier: uZbbbBPWu2BmJtyVrpqI3cu9xarpYbabmWT23bw5BzM=
Subject key identifier: 3F:22:11:A6:A8:CC:4F:A5:8B:7C:B4:FB:8D:19:F1:05:C9:08:07:6D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E4E5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/216AA0C4BDB511EFA03243A8762E951A.roa
Signing time: Thu 19 Dec 2024 02:58:32 +0000
ROA not before: Thu 19 Dec 2024 02:58:28 +0000
ROA not after: Wed 10 Dec 2025 02:58:28 +0000
asID: 984
IP address blocks: 45.204.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58597 (0xe4e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 02:58:28 2024 GMT
Not After : Dec 10 02:58:28 2025 GMT
Subject: CN=67638bd8-ef63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:12:d0:e3:54:52:08:26:07:4f:bf:ba:c1:63:
53:e4:26:a1:df:09:31:2b:eb:72:24:39:fe:da:04:
8f:f2:40:62:b4:0f:3e:8e:1b:58:7a:ff:8f:45:3f:
49:37:3a:c8:44:23:34:ca:85:e6:3b:c4:f3:b6:b4:
06:b4:7c:b9:1e:6c:04:c6:40:62:77:24:8f:c6:ec:
65:49:73:07:1b:03:a1:31:a3:56:84:df:13:89:ed:
56:19:99:54:5c:c3:b0:4e:b2:9d:c9:f3:50:96:62:
9c:c4:a1:41:d3:b9:64:40:56:9f:33:43:5c:e2:2c:
11:e9:28:b3:f0:92:cb:dc:72:4d:84:b1:05:24:03:
46:4c:e0:f5:e9:b2:c0:83:05:d9:c1:2e:ec:72:ac:
4b:79:21:53:38:63:b0:0e:ec:11:24:14:52:4b:fa:
b8:b5:75:ef:40:cb:f0:f5:fe:2c:62:b0:7b:7a:63:
f1:84:03:df:5a:ec:8c:39:6e:97:90:e6:d5:65:e5:
89:47:49:88:a6:f3:42:0a:e9:c3:f3:5c:9d:69:f2:
73:30:6d:9c:4e:bf:c3:68:4c:3e:cd:c0:5b:7b:0d:
f4:89:f2:0a:e1:a6:3c:1b:ab:b9:27:07:f7:9d:d1:
17:86:12:9c:88:79:2a:89:b1:59:88:d4:de:ae:74:
f3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:22:11:A6:A8:CC:4F:A5:8B:7C:B4:FB:8D:19:F1:05:C9:08:07:6D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/216AA0C4BDB511EFA03243A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.153.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:fa:76:2e:c8:6f:91:95:ee:70:0d:c2:e9:7f:7f:96:a6:0c:
24:fc:99:e6:c5:b1:5c:d7:8f:3f:88:56:5a:f8:e1:d2:d5:8d:
61:6b:51:6b:7e:d7:df:66:12:c7:5f:43:88:cd:f1:a2:0a:51:
44:33:0f:81:67:fb:aa:57:fb:5a:07:3e:30:1e:fc:f1:4d:aa:
a9:bf:65:be:15:0f:95:43:79:c6:a4:37:eb:b1:53:c8:43:33:
63:20:37:b0:77:5c:bc:3f:7e:ab:75:35:2b:67:92:20:70:29:
2b:a4:d1:35:59:96:a7:10:6b:c7:24:67:4e:c1:a0:46:a1:fa:
ca:a9:18:ee:e9:00:41:4b:92:aa:c6:3c:be:31:47:60:98:00:
23:22:64:de:ef:6b:76:57:7d:cf:67:de:88:ff:2b:b5:e6:e6:
d3:c0:41:d8:41:c1:96:f9:5f:e2:1e:7e:b2:13:83:60:9e:17:
94:f2:70:11:96:49:9c:6a:ce:94:25:2f:b0:3c:16:1a:99:f1:
ff:6e:9c:e9:00:4f:50:54:53:fb:21:1b:1e:ee:07:2b:06:98:
44:c7:62:69:b8:b9:b7:52:ec:1d:c6:8e:6b:fc:a9:4f:b1:e6:
4e:ba:5d:a2:0a:d9:e8:f2:32:f0:d6:3f:7e:42:97:98:3c:d3:
d9:8f:fb:bb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOTlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDI1ODI4WhcNMjUxMjEwMDI1ODI4WjAYMRYw
FAYDVQQDEw02NzYzOGJkOC1lZjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuxLQ41RSCCYHT7+6wWNT5Cah3wkxK+tyJDn+2gSP8kBitA8+jhtYev+P
RT9JNzrIRCM0yoXmO8TztrQGtHy5HmwExkBidySPxuxlSXMHGwOhMaNWhN8Tie1W
GZlUXMOwTrKdyfNQlmKcxKFB07lkQFafM0Nc4iwR6Siz8JLL3HJNhLEFJANGTOD1
6bLAgwXZwS7scqxLeSFTOGOwDuwRJBRSS/q4tXXvQMvw9f4sYrB7emPxhAPfWuyM
OW6XkObVZeWJR0mIpvNCCunD81ydafJzMG2cTr/DaEw+zcBbew30ifIK4aY8G6u5
Jwf3ndEXhhKciHkqibFZiNTernTzrQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD8i
EaaozE+li3y0+40Z8QXJCAdtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMTZBQTBDNEJEQjUxMUVGQTAzMjQzQTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcyZMA0GCSqGSIb3DQEBCwUA
A4IBAQA8+nYuyG+Rle5wDcLpf3+Wpgwk/JnmxbFc148/iFZa+OHS1Y1ha1Frftff
ZhLHX0OIzfGiClFEMw+BZ/uqV/taBz4wHvzxTaqpv2W+FQ+VQ3nGpDfrsVPIQzNj
IDewd1y8P36rdTUrZ5IgcCkrpNE1WZanEGvHJGdOwaBGofrKqRju6QBBS5Kqxjy+
MUdgmAAjImTe72t2V33PZ96I/yu15ubTwEHYQcGW+V/iHn6yE4NgnheU8nARlkmc
as6UJS+wPBYamfH/bpzpAE9QVFP7IRse7gcrBphEx2JpuLm3Uuwdxo5r/KlPseZO
ul2iCtno8jLw1j9+QpeYPNPZj/u7
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:48 2025 by rpki-client