Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4196E094C3E411EFBE3C06BD762E951A.roa
File: 4196E094C3E411EFBE3C06BD762E951A.roa (raw, json)
Hash identifier: ThLCT4+cZNM1DOM8WPKKC4/itAYfBmkIJg5RH9FRNnY=
Subject key identifier: 72:1F:27:21:4B:03:F0:F4:3D:57:F7:86:C5:CF:BA:BC:20:6D:93:2A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF17
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4196E094C3E411EFBE3C06BD762E951A.roa
Signing time: Thu 26 Dec 2024 23:50:59 +0000
ROA not before: Thu 26 Dec 2024 23:50:55 +0000
ROA not after: Fri 12 Dec 2025 23:50:55 +0000
asID: 984
IP address blocks: 45.192.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61207 (0xef17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 23:50:55 2024 GMT
Not After : Dec 12 23:50:55 2025 GMT
Subject: CN=676debe3-9043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:60:e1:11:63:cf:39:a0:91:ce:8b:ec:b7:da:
2e:02:48:6f:6b:b3:f1:28:3c:61:0a:21:6b:bb:50:
ae:1c:78:43:6a:48:e8:19:33:ce:d8:fa:b5:ae:b0:
ce:b9:09:75:36:38:80:d0:48:ab:e9:87:5a:d8:a5:
8f:25:7a:aa:ab:cd:3c:c0:19:ba:64:9a:28:70:82:
b8:d9:52:03:ea:10:7d:be:b5:4a:a8:1d:a3:fe:ab:
dc:8d:a0:11:60:af:cd:3f:6c:f1:71:9d:6c:7e:11:
8b:8c:70:cf:7f:85:57:a6:25:1a:1a:df:00:89:e4:
f5:f7:ef:90:be:3b:99:00:c7:fa:a7:5c:f6:5f:4e:
45:6f:08:4a:2b:1f:22:c0:93:e5:6e:1a:8a:93:00:
a6:10:ec:2f:2f:51:1f:42:11:87:d1:72:c0:18:ec:
fe:df:cd:6f:27:99:4e:2e:28:29:eb:f8:b2:f6:35:
e5:d1:16:da:f0:8c:c6:13:92:d8:0d:5a:06:a2:ef:
e7:81:e2:9a:8e:94:58:ca:08:30:fb:86:86:59:22:
29:ae:33:89:34:91:b3:19:7b:36:21:b2:86:1f:4c:
d2:28:21:ca:3b:d5:2f:42:05:90:b0:d9:29:c0:97:
64:3f:56:db:da:b4:23:c6:e7:26:79:ee:82:f2:2e:
ff:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:1F:27:21:4B:03:F0:F4:3D:57:F7:86:C5:CF:BA:BC:20:6D:93:2A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4196E094C3E411EFBE3C06BD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.220.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:6b:56:5e:dc:de:8b:0e:f1:dc:9d:98:e7:f4:5f:ee:88:e6:
a9:a5:b1:d8:e6:e4:fc:16:d6:4a:85:2e:0f:46:ad:e1:3f:58:
49:ca:b1:db:6a:4f:42:f6:1a:da:9c:b2:f8:1e:07:33:37:2d:
70:c5:53:36:c8:5f:df:2f:d3:0e:9d:66:7a:37:39:de:9a:50:
76:1c:46:22:3c:a2:fa:e8:2d:cb:fa:3e:14:8e:5a:97:8c:2f:
bc:01:62:d7:15:7f:c5:ea:92:9e:5b:b0:aa:20:7c:9a:b3:8f:
1b:91:3a:38:04:25:b5:fd:27:42:5d:ef:11:db:f8:90:63:fc:
c4:3a:92:8f:07:7c:4e:99:4b:9d:2a:c8:9f:ee:40:ed:fe:0c:
32:8e:11:08:57:3a:27:bf:18:80:e6:57:28:a5:fe:fc:e2:82:
8d:f6:36:ae:f8:15:a5:75:c2:09:c3:26:f9:aa:47:69:7a:f0:
04:07:d1:d8:ce:71:be:8a:63:4d:00:ca:c7:3b:a3:14:f3:5c:
91:98:d2:52:95:79:e5:d2:d7:df:eb:e7:3b:88:5c:98:ec:25:
07:eb:0d:8a:95:a7:3f:5c:71:dd:3a:8b:1d:12:79:5c:3b:76:
d5:2a:04:c6:32:82:58:ce:e2:68:cb:73:d8:90:ae:26:83:27:
77:c2:68:f1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO8XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MjM1MDU1WhcNMjUxMjEyMjM1MDU1WjAYMRYw
FAYDVQQDEw02NzZkZWJlMy05MDQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy2DhEWPPOaCRzovst9ouAkhva7PxKDxhCiFru1CuHHhDakjoGTPO2Pq1
rrDOuQl1NjiA0Eir6Yda2KWPJXqqq808wBm6ZJoocIK42VID6hB9vrVKqB2j/qvc
jaARYK/NP2zxcZ1sfhGLjHDPf4VXpiUaGt8AieT19++QvjuZAMf6p1z2X05FbwhK
Kx8iwJPlbhqKkwCmEOwvL1EfQhGH0XLAGOz+381vJ5lOLigp6/iy9jXl0Rba8IzG
E5LYDVoGou/ngeKajpRYyggw+4aGWSIprjOJNJGzGXs2IbKGH0zSKCHKO9UvQgWQ
sNkpwJdkP1bb2rQjxucmee6C8i7/hwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHIf
JyFLA/D0PVf3hsXPurwgbZMqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MTk2RTA5NEMzRTQxMUVGQkUzQzA2QkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcDcMA0GCSqGSIb3DQEBCwUA
A4IBAQCoa1Ze3N6LDvHcnZjn9F/uiOappbHY5uT8FtZKhS4PRq3hP1hJyrHbak9C
9hranLL4HgczNy1wxVM2yF/fL9MOnWZ6NznemlB2HEYiPKL66C3L+j4UjlqXjC+8
AWLXFX/F6pKeW7CqIHyas48bkTo4BCW1/SdCXe8R2/iQY/zEOpKPB3xOmUudKsif
7kDt/gwyjhEIVzonvxiA5lcopf784oKN9jau+BWldcIJwyb5qkdpevAEB9HYznG+
imNNAMrHO6MU81yRmNJSlXnl0tff6+c7iFyY7CUH6w2Klac/XHHdOosdEnlcO3bV
KgTGMoJYzuJoy3PYkK4mgyd3wmjx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:29 2025 by rpki-client