Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/47345716BDB311EFB5D6679B762E951A.roa
File: 47345716BDB311EFB5D6679B762E951A.roa (raw, json)
Hash identifier: gqRRL5Yr5PfSJA9yfXGvmBy88jC3FiSEYAG4ngfkDrQ=
Subject key identifier: 9C:1D:29:E2:23:26:93:E6:3D:5C:93:E7:61:11:BF:56:25:61:82:59
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E4CD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/47345716BDB311EFB5D6679B762E951A.roa
Signing time: Thu 19 Dec 2024 02:45:16 +0000
ROA not before: Thu 19 Dec 2024 02:45:13 +0000
ROA not after: Wed 10 Dec 2025 02:45:13 +0000
asID: 984
IP address blocks: 45.198.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58573 (0xe4cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 02:45:13 2024 GMT
Not After : Dec 10 02:45:13 2025 GMT
Subject: CN=676388bc-7c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:51:7f:39:a9:54:6b:7b:ba:72:9d:05:ad:e7:
52:6f:60:35:6f:35:fb:76:93:3f:a0:bc:b7:64:7b:
da:ae:6e:14:0d:4b:49:ab:8c:31:89:16:65:ff:5b:
7b:08:c1:7f:b0:5f:40:c5:90:3b:75:da:2c:2f:23:
9f:28:e7:8e:b2:3a:99:c4:af:b5:c7:c7:34:56:2c:
06:1c:c5:31:d0:71:5f:29:88:75:78:3c:8b:28:06:
f6:36:6c:2f:65:9f:cc:98:d3:2c:01:d2:3e:5a:fa:
fe:19:25:6c:57:55:aa:ff:27:dd:3b:5f:11:d5:45:
c4:15:c1:86:4b:ed:bf:91:4c:eb:7e:bd:92:64:6c:
dd:07:6a:ae:eb:83:0e:c1:13:d6:06:74:c9:7c:87:
b0:de:67:ca:d0:27:52:0c:62:ed:87:6b:43:87:2d:
a5:ac:e0:6e:3c:07:97:cc:67:00:a9:2d:38:46:b4:
04:22:88:4f:e2:6f:d8:0b:74:a8:07:7e:78:fd:fa:
90:7e:87:43:57:88:32:11:8a:87:0b:f0:21:90:52:
e8:63:ab:d1:60:ac:51:bb:9b:ad:36:3b:ac:c3:ca:
76:11:7a:0f:4f:ef:fa:33:49:e5:25:87:59:27:72:
30:29:e3:f1:41:6b:3f:d0:3f:dc:e6:8a:14:d0:26:
59:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:1D:29:E2:23:26:93:E6:3D:5C:93:E7:61:11:BF:56:25:61:82:59
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/47345716BDB311EFB5D6679B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.254.0/24
Signature Algorithm: sha256WithRSAEncryption
99:7b:8f:6f:32:4a:0e:9e:2a:d1:c0:5a:f9:93:c0:08:50:2a:
45:e2:2d:41:2b:31:db:96:02:63:c8:0d:03:99:f8:e8:56:91:
4b:f8:82:98:69:d7:0b:be:48:2b:fe:57:58:c9:5b:d7:71:b3:
7b:96:74:ad:56:39:7f:42:6e:65:c5:6f:7d:b5:32:4d:94:db:
cc:4a:4e:0d:6e:9b:8d:50:c4:f7:47:9a:67:74:be:97:4d:2e:
49:84:c3:f7:eb:5f:75:fc:88:6e:12:ef:c1:35:b1:d1:72:34:
7d:db:eb:fb:09:75:50:d0:de:9a:49:4a:43:b5:bb:2a:d8:63:
16:14:4d:bf:06:59:3b:3c:eb:53:f3:8a:ba:4b:58:4f:50:3b:
bd:40:f3:40:4a:4b:bb:79:97:80:d8:28:a2:49:10:75:59:8c:
b1:e7:ff:86:8c:a1:ff:ab:92:01:e7:d5:db:f0:a4:9d:81:4f:
2b:82:12:ce:ef:28:00:f6:7e:ab:29:af:c1:69:dd:7b:36:b8:
18:9a:36:da:e7:26:ed:9f:e3:59:63:f2:a2:0b:71:f1:d2:10:
ea:da:6b:0c:d9:43:32:8b:62:c1:f1:b3:47:29:35:7e:b6:eb:
54:82:be:62:c4:51:5b:87:89:54:1f:82:16:a0:64:57:c4:16:
92:73:41:54
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOTNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDI0NTEzWhcNMjUxMjEwMDI0NTEzWjAYMRYw
FAYDVQQDEw02NzYzODhiYy03YzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy1F/OalUa3u6cp0FredSb2A1bzX7dpM/oLy3ZHvarm4UDUtJq4wxiRZl
/1t7CMF/sF9AxZA7ddosLyOfKOeOsjqZxK+1x8c0ViwGHMUx0HFfKYh1eDyLKAb2
NmwvZZ/MmNMsAdI+Wvr+GSVsV1Wq/yfdO18R1UXEFcGGS+2/kUzrfr2SZGzdB2qu
64MOwRPWBnTJfIew3mfK0CdSDGLth2tDhy2lrOBuPAeXzGcAqS04RrQEIohP4m/Y
C3SoB354/fqQfodDV4gyEYqHC/AhkFLoY6vRYKxRu5utNjusw8p2EXoPT+/6M0nl
JYdZJ3IwKePxQWs/0D/c5ooU0CZZpQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJwd
KeIjJpPmPVyT52ERv1YlYYJZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NzM0NTcxNkJEQjMxMUVGQjVENjY3OUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcb+MA0GCSqGSIb3DQEBCwUA
A4IBAQCZe49vMkoOnirRwFr5k8AIUCpF4i1BKzHblgJjyA0DmfjoVpFL+IKYadcL
vkgr/ldYyVvXcbN7lnStVjl/Qm5lxW99tTJNlNvMSk4NbpuNUMT3R5pndL6XTS5J
hMP36191/IhuEu/BNbHRcjR92+v7CXVQ0N6aSUpDtbsq2GMWFE2/Blk7POtT84q6
S1hPUDu9QPNASku7eZeA2CiiSRB1WYyx5/+GjKH/q5IB59Xb8KSdgU8rghLO7ygA
9n6rKa/Bad17NrgYmjba5ybtn+NZY/KiC3Hx0hDq2msM2UMyi2LB8bNHKTV+tutU
gr5ixFFbh4lUH4IWoGRXxBaSc0FU
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:24 2025 by rpki-client