Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/433ACBBABDB611EF9A0E83AF762E951A.roa
File: 433ACBBABDB611EF9A0E83AF762E951A.roa (raw, json)
Hash identifier: +p81J3dMH5DnMw4qKWa92A2oADTOFJZZtGBfv5JvS44=
Subject key identifier: C0:B3:D0:1E:39:3E:E3:0F:08:3F:9A:CD:34:6B:DF:3C:2B:64:8D:78
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E4F3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/433ACBBABDB611EF9A0E83AF762E951A.roa
Signing time: Thu 19 Dec 2024 03:06:38 +0000
ROA not before: Thu 19 Dec 2024 03:06:34 +0000
ROA not after: Wed 10 Dec 2025 03:06:34 +0000
asID: 984
IP address blocks: 45.204.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58611 (0xe4f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 03:06:34 2024 GMT
Not After : Dec 10 03:06:34 2025 GMT
Subject: CN=67638dbe-492c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:79:cd:47:b6:69:5e:b1:6a:d9:be:94:25:57:
c4:65:a2:93:2e:20:92:05:fd:5b:d5:75:56:02:69:
86:3c:52:3c:0f:09:c5:fc:14:d4:00:16:64:a4:71:
ef:71:5a:89:b4:21:a9:fe:f3:02:5a:67:58:f7:07:
de:ea:2a:c7:fe:ee:12:a1:57:3a:7b:81:5c:08:09:
de:6d:36:61:d0:3a:fb:33:1a:8e:19:5a:8a:87:6c:
b8:59:21:91:7d:5f:e5:9b:a2:a1:64:ac:13:fe:47:
0f:ed:c0:0b:e3:dd:ad:38:43:af:cb:4a:ea:ba:67:
a7:2b:29:e0:08:3e:70:50:4b:52:eb:7b:03:b7:46:
e2:26:87:1e:17:03:24:fa:11:44:ea:f8:d3:7e:aa:
50:04:f1:23:4f:fe:d2:f7:63:99:8f:46:0b:8f:6a:
7b:a7:8f:79:f3:b0:50:04:0f:27:69:14:a1:9a:96:
e2:e7:fd:ab:08:f3:41:aa:1b:02:15:93:a0:35:e5:
b7:68:a3:74:3b:59:30:fa:ad:c7:f2:27:d9:01:c2:
99:f8:c7:42:71:1c:2e:ad:de:ca:48:07:d6:a1:fe:
b7:4d:b4:44:eb:94:db:c2:ba:75:09:69:82:9e:94:
a5:8a:0a:9d:5c:3f:d2:7e:c7:99:ed:cd:c8:f2:d7:
22:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B3:D0:1E:39:3E:E3:0F:08:3F:9A:CD:34:6B:DF:3C:2B:64:8D:78
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/433ACBBABDB611EF9A0E83AF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.166.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:98:62:8c:63:7b:73:93:4d:d0:4c:0f:0e:49:20:46:ba:83:
40:16:3d:36:2f:a2:5b:bd:d7:88:00:3f:b6:2b:a7:ca:35:51:
36:0b:e1:cf:3c:7a:b9:30:a6:de:4e:b7:32:69:f9:be:ad:c4:
61:3d:43:68:2c:aa:5a:a9:b2:9f:60:49:8d:5d:cf:15:12:55:
80:13:80:e4:b6:11:f8:e3:28:a1:9f:64:7f:29:46:fa:6e:81:
41:f0:b4:0a:e7:df:f2:d1:20:fe:9c:b6:4f:dc:6c:40:de:17:
7c:2d:6c:4c:68:a0:fe:86:cf:9c:95:69:ea:25:7f:ca:8e:74:
ad:7b:f4:4b:dc:d2:f0:f1:d6:04:7b:3d:c1:b8:a6:44:51:20:
cc:47:8b:9c:29:ad:d6:74:01:e9:8b:10:2f:05:43:4a:d8:d6:
8c:2c:6c:49:92:dd:ed:11:51:f0:45:8e:2b:3f:d8:b5:3c:ef:
6d:56:31:dd:3d:dc:cd:27:38:ef:e1:85:0d:11:40:39:56:05:
a5:97:da:b8:f8:6a:b8:0f:a7:da:ce:04:3d:49:a9:5c:17:41:
02:b3:3d:f2:6c:e9:12:7e:c4:00:f3:e0:1c:7c:66:9a:c6:9b:
dc:2e:c1:38:55:f0:5e:ae:a1:1d:3a:af:b1:a7:27:53:1e:1f:
ac:6c:4a:85
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOTzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDMwNjM0WhcNMjUxMjEwMDMwNjM0WjAYMRYw
FAYDVQQDEw02NzYzOGRiZS00OTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6nnNR7ZpXrFq2b6UJVfEZaKTLiCSBf1b1XVWAmmGPFI8DwnF/BTUABZk
pHHvcVqJtCGp/vMCWmdY9wfe6irH/u4SoVc6e4FcCAnebTZh0Dr7MxqOGVqKh2y4
WSGRfV/lm6KhZKwT/kcP7cAL492tOEOvy0rqumenKyngCD5wUEtS63sDt0biJoce
FwMk+hFE6vjTfqpQBPEjT/7S92OZj0YLj2p7p49587BQBA8naRShmpbi5/2rCPNB
qhsCFZOgNeW3aKN0O1kw+q3H8ifZAcKZ+MdCcRwurd7KSAfWof63TbRE65Tbwrp1
CWmCnpSligqdXD/SfseZ7c3I8tciKwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMCz
0B45PuMPCD+azTRr3zwrZI14MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MzNBQ0JCQUJEQjYxMUVGOUEwRTgzQUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcymMA0GCSqGSIb3DQEBCwUA
A4IBAQCfmGKMY3tzk03QTA8OSSBGuoNAFj02L6JbvdeIAD+2K6fKNVE2C+HPPHq5
MKbeTrcyafm+rcRhPUNoLKpaqbKfYEmNXc8VElWAE4DkthH44yihn2R/KUb6boFB
8LQK59/y0SD+nLZP3GxA3hd8LWxMaKD+hs+clWnqJX/KjnSte/RL3NLw8dYEez3B
uKZEUSDMR4ucKa3WdAHpixAvBUNK2NaMLGxJkt3tEVHwRY4rP9i1PO9tVjHdPdzN
Jzjv4YUNEUA5VgWll9q4+Gq4D6fazgQ9SalcF0ECsz3ybOkSfsQA8+AcfGaaxpvc
LsE4VfBerqEdOq+xpydTHh+sbEqF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:13 2025 by rpki-client