Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38DF3AD6C3BD11EF984A6249762E951A.roa
File: 38DF3AD6C3BD11EF984A6249762E951A.roa (raw, json)
Hash identifier: f11Z7/DMIq/kxCCmyW2WsVtfse4/hQI0R1y+wQtqHpM=
Subject key identifier: 5C:81:09:91:70:27:76:71:F3:28:12:9D:16:33:06:C6:50:FC:67:CA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EEBF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38DF3AD6C3BD11EF984A6249762E951A.roa
Signing time: Thu 26 Dec 2024 19:11:34 +0000
ROA not before: Thu 26 Dec 2024 19:11:31 +0000
ROA not after: Sun 12 Dec 2027 19:11:31 +0000
asID: 17561
IP address blocks: 45.207.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61119 (0xeebf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 19:11:31 2024 GMT
Not After : Dec 12 19:11:31 2027 GMT
Subject: CN=676daa66-4b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:f1:56:79:8e:3a:1b:df:fa:63:db:57:d1:01:
e2:47:8f:0d:36:7d:f9:d9:89:9b:da:33:4a:ae:8b:
1d:69:e5:41:04:42:44:98:8e:6c:d2:26:de:01:98:
37:92:91:3b:e0:ad:23:24:7e:48:ac:43:8e:9e:cb:
02:d1:34:72:e7:98:5a:f3:97:d9:95:64:c6:f2:20:
60:f7:86:ec:08:0a:8f:f9:e1:f5:fd:17:a4:d5:de:
cb:1b:93:dc:72:d4:d6:4b:c8:e8:24:a1:a0:3e:db:
c0:1d:fa:3e:18:51:a9:03:0f:40:30:48:cc:4e:15:
b7:eb:e9:ff:8e:59:03:54:1f:82:13:87:60:80:6d:
1c:ca:8c:d6:60:07:e8:2d:47:03:b3:ad:de:fc:9c:
1c:53:7a:f4:2b:40:66:73:0a:f1:dc:70:97:1a:d7:
61:36:38:8f:f6:6e:83:ac:60:0a:de:db:a8:14:0d:
d5:9f:b1:cf:f7:3c:bc:a4:ef:9b:c5:c4:93:06:51:
ea:9d:45:a2:cd:d8:c3:c8:ef:ee:c0:ab:a0:d1:50:
21:f6:80:35:8f:9f:b8:73:79:57:40:b3:3a:44:0e:
a5:7b:f4:ba:78:61:58:22:79:ea:86:0d:b5:7d:08:
78:b1:fc:4f:06:a4:f7:f3:38:f3:18:af:66:74:8d:
69:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:81:09:91:70:27:76:71:F3:28:12:9D:16:33:06:C6:50:FC:67:CA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38DF3AD6C3BD11EF984A6249762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.160.0/24
Signature Algorithm: sha256WithRSAEncryption
83:84:ab:7c:40:c7:48:f1:ba:5c:4a:e5:59:5b:a1:b3:98:ad:
62:9e:36:4c:03:b3:2d:93:7f:34:02:29:77:df:cf:6a:5f:42:
51:d1:20:3e:c6:37:b2:7b:a9:ea:23:8b:26:29:3b:21:2e:a2:
5e:95:db:19:ef:5f:19:6d:a9:a4:a5:2a:61:3c:0b:fe:91:df:
d2:b5:db:12:b3:5a:37:7c:7d:ba:79:65:08:ed:76:96:ef:f6:
21:7c:67:be:5f:49:4a:54:17:f2:45:62:a6:c5:8d:2a:39:6e:
bd:3a:c9:b4:89:86:13:69:c1:e6:43:9e:1e:66:bb:0d:9e:49:
1f:1d:00:28:c1:ee:4a:d9:ac:61:bf:50:38:86:19:3b:bb:c8:
40:48:38:ee:60:1d:3b:bb:4b:2b:5a:37:27:f1:55:f7:67:0f:
ed:1e:f5:04:6b:c2:61:36:31:e4:a1:7a:16:f4:50:32:fd:21:
28:4b:0e:58:83:1d:0e:ae:a5:4c:ad:d2:17:56:45:d1:1c:16:
ce:42:74:23:a9:42:c5:a1:22:b6:64:eb:4d:50:3b:c5:12:38:
a9:96:08:d7:c1:30:34:6b:ee:9c:26:3a:43:00:75:c5:5d:de:
6c:44:d8:85:87:66:2a:d2:5a:ad:cb:a8:a6:2b:a3:a5:7e:85:
a6:da:d5:f7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO6/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTkxMTMxWhcNMjcxMjEyMTkxMTMxWjAYMRYw
FAYDVQQDEw02NzZkYWE2Ni00YjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6vFWeY46G9/6Y9tX0QHiR48NNn352Ymb2jNKrosdaeVBBEJEmI5s0ibe
AZg3kpE74K0jJH5IrEOOnssC0TRy55ha85fZlWTG8iBg94bsCAqP+eH1/Rek1d7L
G5PcctTWS8joJKGgPtvAHfo+GFGpAw9AMEjMThW36+n/jlkDVB+CE4dggG0cyozW
YAfoLUcDs63e/JwcU3r0K0Bmcwrx3HCXGtdhNjiP9m6DrGAK3tuoFA3Vn7HP9zy8
pO+bxcSTBlHqnUWizdjDyO/uwKug0VAh9oA1j5+4c3lXQLM6RA6le/S6eGFYInnq
hg21fQh4sfxPBqT38zjzGK9mdI1pkwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFyB
CZFwJ3Zx8ygSnRYzBsZQ/GfKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zOERGM0FENkMzQkQxMUVGOTg0QTYyNDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc+gMA0GCSqGSIb3DQEBCwUA
A4IBAQCDhKt8QMdI8bpcSuVZW6GzmK1injZMA7Mtk380Ail3389qX0JR0SA+xjey
e6nqI4smKTshLqJeldsZ718ZbamkpSphPAv+kd/StdsSs1o3fH26eWUI7XaW7/Yh
fGe+X0lKVBfyRWKmxY0qOW69Osm0iYYTacHmQ54eZrsNnkkfHQAowe5K2axhv1A4
hhk7u8hASDjuYB07u0srWjcn8VX3Zw/tHvUEa8JhNjHkoXoW9FAy/SEoSw5Ygx0O
rqVMrdIXVkXRHBbOQnQjqULFoSK2ZOtNUDvFEjiplgjXwTA0a+6cJjpDAHXFXd5s
RNiFh2Yq0lqty6imK6OlfoWm2tX3
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:33 2025 by rpki-client