Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4664F77AC39211EFAFCDD6B9762E951A.roa
File: 4664F77AC39211EFAFCDD6B9762E951A.roa (raw, json)
Hash identifier: FpObWx/2HufTqkQ3/MqFTutQXa2cYzIAs5IyLOlNVqA=
Subject key identifier: C2:EC:1D:D9:BE:FF:08:CB:8C:35:3C:DF:B2:39:B7:BF:F2:9B:F9:B7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECF7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4664F77AC39211EFAFCDD6B9762E951A.roa
Signing time: Thu 26 Dec 2024 14:04:09 +0000
ROA not before: Thu 26 Dec 2024 14:04:05 +0000
ROA not after: Sun 12 Dec 2027 14:04:05 +0000
asID: 17561
IP address blocks: 45.196.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60663 (0xecf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 14:04:05 2024 GMT
Not After : Dec 12 14:04:05 2027 GMT
Subject: CN=676d6258-e015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:aa:66:01:22:75:05:6a:05:65:18:6f:aa:5e:
33:4b:c2:b6:e7:ca:71:27:31:04:1d:b8:96:70:14:
92:90:b1:19:27:b4:9b:50:5b:37:95:cb:f1:68:44:
96:1e:04:7e:ef:30:83:8b:88:75:06:31:71:d9:d0:
68:fd:7e:da:12:b0:e1:03:2a:35:7b:bd:cc:64:65:
56:e8:8c:aa:52:75:37:34:67:76:f2:1f:e0:91:65:
9d:af:82:cc:9b:b5:2e:33:93:46:ff:64:27:b5:2c:
ea:44:7f:ad:e3:9a:ad:0f:7e:53:00:76:e2:75:83:
e5:49:b9:17:78:c9:06:f4:20:9e:89:9e:ce:41:f4:
62:66:d7:71:80:59:3f:8c:1c:06:ac:17:d0:af:41:
d1:52:5c:4f:83:a5:16:2a:bb:34:d9:98:34:d6:f8:
23:19:2c:f3:c4:4b:c7:fe:17:43:ca:4c:cf:99:76:
55:6e:b6:28:64:9c:6e:00:8a:8e:f9:54:53:fb:14:
b4:fa:00:ba:29:92:df:f7:93:e4:93:53:d6:c8:cf:
61:a7:d3:14:16:45:c6:7a:bf:36:10:ac:46:95:4d:
62:b7:8e:94:47:00:8b:3a:c1:d5:c9:3c:1d:9f:fc:
cf:9d:5d:d8:24:a6:b6:97:12:25:4f:55:eb:de:70:
91:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:EC:1D:D9:BE:FF:08:CB:8C:35:3C:DF:B2:39:B7:BF:F2:9B:F9:B7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4664F77AC39211EFAFCDD6B9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.237.0/24
Signature Algorithm: sha256WithRSAEncryption
81:67:29:a4:32:3e:51:73:3f:15:a7:b7:f9:ab:90:36:e2:40:
5e:07:36:cb:71:b5:83:47:a4:77:45:0d:b6:be:84:86:5d:0d:
5c:b1:b8:f2:e4:64:c1:7e:45:47:0c:9b:12:e7:6b:8a:83:99:
98:d6:05:4e:2b:5e:88:36:38:60:cc:c0:14:e7:17:e5:57:41:
59:c4:50:01:af:f7:4d:ec:61:b8:53:44:f4:df:0d:79:cb:cc:
a2:5d:99:0a:7d:2f:79:2a:b1:2d:58:56:d8:68:11:b4:8e:39:
e2:ed:96:2d:53:19:70:99:29:3e:4a:ec:1a:41:f7:96:09:a7:
ea:f4:6c:02:2b:b5:34:83:8e:72:9a:89:e5:71:2d:01:c2:c7:
e3:f3:5c:89:dc:02:7a:96:31:15:ff:e3:04:ef:ea:f4:0e:ca:
b7:bd:aa:35:84:b3:91:e4:09:83:52:7f:35:24:67:5b:4f:5a:
f3:c6:ba:3a:58:37:3c:ce:69:12:2c:1e:02:40:af:c1:ee:73:
52:aa:df:b3:10:3f:3e:ca:23:fe:51:ee:38:9e:5a:a6:a2:0c:
09:bc:5e:65:e0:cc:20:7f:93:67:66:0f:b5:7b:d0:08:d6:96:
32:ab:b0:ed:bf:cc:48:a2:85:f2:4f:c8:c7:b5:88:65:44:b5:
6d:a7:ca:a1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOz3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTQwNDA1WhcNMjcxMjEyMTQwNDA1WjAYMRYw
FAYDVQQDEw02NzZkNjI1OC1lMDE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4qpmASJ1BWoFZRhvql4zS8K258pxJzEEHbiWcBSSkLEZJ7SbUFs3lcvx
aESWHgR+7zCDi4h1BjFx2dBo/X7aErDhAyo1e73MZGVW6IyqUnU3NGd28h/gkWWd
r4LMm7UuM5NG/2QntSzqRH+t45qtD35TAHbidYPlSbkXeMkG9CCeiZ7OQfRiZtdx
gFk/jBwGrBfQr0HRUlxPg6UWKrs02Zg01vgjGSzzxEvH/hdDykzPmXZVbrYoZJxu
AIqO+VRT+xS0+gC6KZLf95Pkk1PWyM9hp9MUFkXGer82EKxGlU1it46URwCLOsHV
yTwdn/zPnV3YJKa2lxIlT1Xr3nCRqQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMLs
Hdm+/wjLjDU837I5t7/ym/m3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NjY0Rjc3QUMzOTIxMUVGQUZDREQ2Qjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTtMA0GCSqGSIb3DQEBCwUA
A4IBAQCBZymkMj5Rcz8Vp7f5q5A24kBeBzbLcbWDR6R3RQ22voSGXQ1csbjy5GTB
fkVHDJsS52uKg5mY1gVOK16INjhgzMAU5xflV0FZxFABr/dN7GG4U0T03w15y8yi
XZkKfS95KrEtWFbYaBG0jjni7ZYtUxlwmSk+SuwaQfeWCafq9GwCK7U0g45ymonl
cS0Bwsfj81yJ3AJ6ljEV/+ME7+r0Dsq3vao1hLOR5AmDUn81JGdbT1rzxro6WDc8
zmkSLB4CQK/B7nNSqt+zED8+yiP+Ue44nlqmogwJvF5l4Mwgf5NnZg+1e9AI1pYy
q7Dtv8xIooXyT8jHtYhlRLVtp8qh
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:40 2025 by rpki-client