Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/238E3C98BDB111EF9B0DFE8B762E951A.roa
File: 238E3C98BDB111EF9B0DFE8B762E951A.roa (raw, json)
Hash identifier: ajDANrFO8AaWujE9jlwCgsS/evIETANk+1YpybaYFUk=
Subject key identifier: D3:8C:76:A6:5F:50:89:62:0F:B5:E2:D0:86:F6:45:17:E4:FD:42:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E4B1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/238E3C98BDB111EF9B0DFE8B762E951A.roa
Signing time: Thu 19 Dec 2024 02:29:57 +0000
ROA not before: Thu 19 Dec 2024 02:29:54 +0000
ROA not after: Wed 10 Dec 2025 02:29:54 +0000
asID: 984
IP address blocks: 45.198.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58545 (0xe4b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 02:29:54 2024 GMT
Not After : Dec 10 02:29:54 2025 GMT
Subject: CN=67638525-9147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0e:fb:b4:71:33:10:0e:e4:b2:3d:d8:42:b0:
24:13:7f:7c:2c:99:f5:f8:2e:13:70:67:37:92:07:
c1:4c:28:6a:b0:8e:24:5c:71:66:f2:0a:5f:9f:cb:
a7:3e:ed:22:d0:09:ed:93:37:d7:e2:50:ea:92:36:
30:7c:41:6d:07:16:10:b4:47:de:6e:05:ca:c5:f0:
80:66:0a:cd:34:2b:3a:18:a1:8a:8f:8c:6e:66:30:
16:39:42:f8:6e:25:7f:c7:7a:f8:d7:3c:cb:a2:9d:
dc:01:73:5b:ab:56:84:df:73:23:87:7e:71:b6:c2:
50:92:a0:3e:fb:83:7e:8a:f7:c8:f1:86:29:08:13:
1c:14:b4:56:73:f7:51:70:70:43:35:60:7a:83:48:
07:15:9d:2f:17:f3:2e:07:13:c7:01:28:43:9d:ee:
8e:c1:53:57:6f:e1:9c:0d:72:fd:c9:fe:82:de:01:
35:6c:65:cc:23:0c:c3:4c:65:51:87:96:10:09:20:
90:fa:f3:63:0c:45:a5:85:95:9b:69:4b:19:ee:a0:
8e:df:d1:af:31:f5:32:9a:46:5c:65:26:b5:d7:07:
02:75:fa:5d:e8:09:3a:6a:48:d0:5d:03:1c:79:cc:
be:49:0d:66:57:b7:36:af:c0:8e:48:9f:ba:4d:70:
bf:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8C:76:A6:5F:50:89:62:0F:B5:E2:D0:86:F6:45:17:E4:FD:42:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/238E3C98BDB111EF9B0DFE8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.240.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:12:0d:0d:70:1d:6f:6e:4c:8a:4d:de:0e:92:dc:d3:36:e4:
25:bb:bf:86:bb:e3:8c:41:b3:b1:0e:fe:08:12:1b:df:0a:af:
94:3a:5f:44:15:2e:45:40:45:f9:ab:6a:82:d6:48:36:d8:83:
38:79:5d:97:05:16:bc:e6:bf:e2:92:1d:13:2c:b4:ec:21:95:
e5:0f:ea:0e:42:24:09:3e:b1:e6:c9:fc:b4:e6:59:21:d0:26:
20:43:2b:91:0b:9f:4f:09:b5:7e:7a:3d:93:94:60:70:79:6a:
06:7b:84:93:e3:4e:ab:f5:39:34:90:15:d9:0b:83:a6:7b:f7:
e0:44:8c:67:2a:db:2a:7c:f3:9e:3c:32:27:83:cd:5b:07:7e:
68:03:f2:f9:0f:87:bc:24:92:e9:98:96:ed:68:ec:38:bc:2e:
f3:6b:34:68:c3:e8:2e:2b:23:fe:0f:e9:e4:db:24:3c:dc:85:
8f:0f:cd:8a:ee:4d:c7:35:54:8d:dd:68:6d:28:36:44:90:9a:
0c:a6:74:53:48:0d:ae:a8:af:7a:e3:85:ff:b8:ef:15:e5:aa:
3c:6d:8a:ee:3c:9a:fe:93:46:9c:c1:0b:1f:2b:66:93:c2:56:
61:d7:7a:a3:58:92:c0:ac:33:1c:46:3a:37:3e:bb:0a:cb:5a:
60:3b:c1:17
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOSxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDIyOTU0WhcNMjUxMjEwMDIyOTU0WjAYMRYw
FAYDVQQDEw02NzYzODUyNS05MTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApA77tHEzEA7ksj3YQrAkE398LJn1+C4TcGc3kgfBTChqsI4kXHFm8gpf
n8unPu0i0AntkzfX4lDqkjYwfEFtBxYQtEfebgXKxfCAZgrNNCs6GKGKj4xuZjAW
OUL4biV/x3r41zzLop3cAXNbq1aE33Mjh35xtsJQkqA++4N+ivfI8YYpCBMcFLRW
c/dRcHBDNWB6g0gHFZ0vF/MuBxPHAShDne6OwVNXb+GcDXL9yf6C3gE1bGXMIwzD
TGVRh5YQCSCQ+vNjDEWlhZWbaUsZ7qCO39GvMfUymkZcZSa11wcCdfpd6Ak6akjQ
XQMcecy+SQ1mV7c2r8COSJ+6TXC/gQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNOM
dqZfUIliD7Xi0Ib2RRfk/UIOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMzhFM0M5OEJEQjExMUVGOUIwREZFOEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcbwMA0GCSqGSIb3DQEBCwUA
A4IBAQB9Eg0NcB1vbkyKTd4OktzTNuQlu7+Gu+OMQbOxDv4IEhvfCq+UOl9EFS5F
QEX5q2qC1kg22IM4eV2XBRa85r/ikh0TLLTsIZXlD+oOQiQJPrHmyfy05lkh0CYg
QyuRC59PCbV+ej2TlGBweWoGe4ST406r9Tk0kBXZC4Ome/fgRIxnKtsqfPOePDIn
g81bB35oA/L5D4e8JJLpmJbtaOw4vC7zazRow+guKyP+D+nk2yQ83IWPD82K7k3H
NVSN3WhtKDZEkJoMpnRTSA2uqK9644X/uO8V5ao8bYruPJr+k0acwQsfK2aTwlZh
13qjWJLArDMcRjo3PrsKy1pgO8EX
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:43 2025 by rpki-client