Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2237DC9CD24611EF90EFCAA7762E951A.roa
File: 2237DC9CD24611EF90EFCAA7762E951A.roa (raw, json)
Hash identifier: gUot+FjxJoDVjscqvR20bI6/cqahRFAL9vKTqRyBVOA=
Subject key identifier: 84:BD:C8:ED:B6:BF:0E:32:4D:5A:65:77:B4:CC:0B:D2:6C:F4:F2:CB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0106D2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2237DC9CD24611EF90EFCAA7762E951A.roa
Signing time: Tue 14 Jan 2025 07:06:54 +0000
ROA not before: Tue 14 Jan 2025 07:06:50 +0000
ROA not after: Mon 07 Apr 2025 07:06:50 +0000
asID: 142002
IP address blocks: 45.195.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67282 (0x106d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 07:06:50 2025 GMT
Not After : Apr 7 07:06:50 2025 GMT
Subject: CN=67860d0d-40fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fb:e8:bb:e9:1f:87:c5:75:50:dc:ee:90:9f:
6c:03:8f:35:db:65:5c:db:52:c9:8b:ed:a9:8a:ac:
b2:99:8a:01:e7:8a:8f:7e:ef:f3:0b:35:c5:60:ca:
f5:f9:70:39:0c:97:71:87:71:43:5e:bc:94:f6:13:
34:6f:47:05:26:6a:5a:ce:f0:c7:af:39:f3:7d:d3:
2a:cc:01:19:33:23:ef:65:7f:68:0f:07:bb:9d:a0:
bb:03:73:4a:aa:9e:1a:49:3b:d0:a7:c8:ec:10:0a:
5b:fb:15:a1:e5:51:c9:b2:52:b3:7d:7d:1d:b3:76:
80:57:55:d4:f3:af:a3:28:35:86:7e:ca:a7:f5:aa:
f8:19:8a:8b:8f:b0:48:f9:b5:66:6a:6e:b0:0b:f4:
ca:06:18:50:c1:ed:94:87:46:76:9b:02:55:f7:a1:
75:c1:6a:1b:0c:40:0e:33:b3:8c:e5:94:35:4e:a1:
b0:b8:91:43:28:2e:4f:a9:ff:ad:07:c9:72:4d:86:
71:77:c4:57:80:35:a3:62:ec:3f:f6:d5:cd:31:09:
c1:d4:64:d0:79:df:1c:80:87:0a:7d:a9:72:b1:6d:
b7:31:e2:5b:e5:27:d9:e5:cb:6b:27:4a:80:72:e2:
ac:f6:89:a6:78:81:a8:f1:02:5c:1a:84:81:4d:44:
d4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:BD:C8:ED:B6:BF:0E:32:4D:5A:65:77:B4:CC:0B:D2:6C:F4:F2:CB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2237DC9CD24611EF90EFCAA7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.8.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:90:1b:aa:a3:76:f9:d1:66:d8:3d:61:d2:b4:03:3d:c4:32:
87:64:44:e4:3f:f6:75:72:3b:b0:66:fc:56:1b:17:ca:b8:0a:
71:58:d4:0b:51:47:f2:86:5d:9f:06:1b:d5:25:ae:dc:c2:f4:
18:f4:21:1e:29:96:e2:73:9e:71:ee:8e:27:d6:75:1b:44:aa:
ab:4a:42:3b:c4:7c:92:29:39:d0:43:c2:46:6f:3b:64:6c:45:
e3:d1:a5:75:4a:84:9a:ed:f7:73:0d:76:c5:26:f9:9a:31:28:
ee:8b:15:0a:e4:03:ce:90:ce:4e:e4:97:90:3d:db:2d:0b:5d:
05:ef:dd:a3:2c:ce:1c:f2:17:7f:76:3a:cd:42:7a:ea:fa:77:
3b:e1:8e:8f:78:78:b9:7b:0f:a1:bb:78:01:83:ab:a7:22:a4:
86:29:d6:65:cb:da:c8:b4:a2:32:15:8a:38:fc:b4:f9:6e:05:
12:0a:3e:30:21:6e:3e:ba:72:75:7f:80:ab:a0:40:66:3a:19:
92:30:4b:5e:48:61:c3:5f:e5:26:50:2e:95:d6:ac:0c:96:4e:
3c:11:8f:d1:92:67:14:e0:e3:c8:ef:af:b4:2f:c2:77:53:dd:
59:17:68:5b:45:2c:7f:ac:7e:f1:d0:e7:79:cb:8e:0a:e7:8d:
ed:d9:6a:16
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQbSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDcwNjUwWhcNMjUwNDA3MDcwNjUwWjAYMRYw
FAYDVQQDEw02Nzg2MGQwZC00MGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0fvou+kfh8V1UNzukJ9sA48122Vc21LJi+2piqyymYoB54qPfu/zCzXF
YMr1+XA5DJdxh3FDXryU9hM0b0cFJmpazvDHrznzfdMqzAEZMyPvZX9oDwe7naC7
A3NKqp4aSTvQp8jsEApb+xWh5VHJslKzfX0ds3aAV1XU86+jKDWGfsqn9ar4GYqL
j7BI+bVmam6wC/TKBhhQwe2Uh0Z2mwJV96F1wWobDEAOM7OM5ZQ1TqGwuJFDKC5P
qf+tB8lyTYZxd8RXgDWjYuw/9tXNMQnB1GTQed8cgIcKfalysW23MeJb5SfZ5ctr
J0qAcuKs9ommeIGo8QJcGoSBTUTUnQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIS9
yO22vw4yTVpld7TMC9Js9PLLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMjM3REM5Q0QyNDYxMUVGOTBFRkNBQTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcMIMA0GCSqGSIb3DQEBCwUA
A4IBAQBKkBuqo3b50WbYPWHStAM9xDKHZETkP/Z1cjuwZvxWGxfKuApxWNQLUUfy
hl2fBhvVJa7cwvQY9CEeKZbic55x7o4n1nUbRKqrSkI7xHySKTnQQ8JGbztkbEXj
0aV1SoSa7fdzDXbFJvmaMSjuixUK5APOkM5O5JeQPdstC10F792jLM4c8hd/djrN
Qnrq+nc74Y6PeHi5ew+hu3gBg6unIqSGKdZly9rItKIyFYo4/LT5bgUSCj4wIW4+
unJ1f4CroEBmOhmSMEteSGHDX+UmUC6V1qwMlk48EY/RkmcU4OPI76+0L8J3U91Z
F2hbRSx/rH7x0Od5y44K543t2WoW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:55 2025 by rpki-client