Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4960FB68C40511EF98ADC2A2762E951A.roa
File: 4960FB68C40511EF98ADC2A2762E951A.roa (raw, json)
Hash identifier: GZP8m86570Gki12px03tpUOTY+6itFlnMNkhmSv272g=
Subject key identifier: 47:6E:6B:2F:8D:D3:07:5C:81:2C:7A:BC:28:95:8F:78:2A:02:BD:B1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F002
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4960FB68C40511EF98ADC2A2762E951A.roa
Signing time: Fri 27 Dec 2024 03:47:26 +0000
ROA not before: Fri 27 Dec 2024 03:47:22 +0000
ROA not after: Sun 12 Dec 2027 03:47:22 +0000
asID: 17561
IP address blocks: 45.195.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61442 (0xf002)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 03:47:22 2024 GMT
Not After : Dec 12 03:47:22 2027 GMT
Subject: CN=676e234e-8422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4c:bc:69:8f:98:a3:ba:47:d8:50:ff:9e:f5:
51:f0:c1:84:f6:8c:c9:16:30:cd:19:8e:55:91:52:
57:a3:cd:e0:8b:3a:95:5a:0d:d3:cd:1b:ed:3d:5f:
e2:ba:1a:e3:8d:3d:be:2f:79:03:d2:56:31:9a:45:
94:31:d0:e2:db:7a:be:fb:db:1a:12:a5:b7:33:81:
d5:64:4b:94:88:11:da:b3:42:14:eb:8e:26:70:7d:
51:0a:c8:85:50:39:1c:56:8c:d9:15:83:88:ad:00:
c7:74:bd:62:dc:08:4f:dd:67:18:b9:36:c2:1c:f7:
a0:1c:35:40:26:41:d5:23:d8:3a:28:87:6e:bb:52:
6b:4f:e0:dc:2d:88:1f:aa:bf:cc:4f:ca:4f:5b:cd:
a6:92:da:06:fe:29:58:6f:77:fa:55:15:98:a9:b1:
4c:13:4d:c4:1d:91:32:3b:c8:1d:93:64:84:dd:42:
7b:20:96:4a:b5:29:e3:bc:ae:3d:15:7c:69:ef:74:
f6:75:0e:8f:c1:4c:a2:dc:84:f5:2f:3f:fe:8e:77:
fc:f4:bc:4b:c2:df:bc:7b:ba:fb:42:c2:1a:2c:fe:
b1:e8:28:85:de:8c:49:4b:7c:0c:85:9d:a6:47:49:
3f:77:f3:76:be:a9:ce:4c:a7:b3:d7:67:b9:7c:fa:
e8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:6E:6B:2F:8D:D3:07:5C:81:2C:7A:BC:28:95:8F:78:2A:02:BD:B1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4960FB68C40511EF98ADC2A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.253.0/24
Signature Algorithm: sha256WithRSAEncryption
74:ce:2b:05:2d:67:0f:ee:6a:b5:37:89:cb:83:dd:29:02:ae:
69:7d:39:55:65:48:46:3a:97:a1:81:3d:74:5a:01:fb:38:f8:
5d:af:68:04:d3:7c:d1:f2:3a:06:33:cf:41:98:a4:ea:13:e3:
21:c4:73:33:5a:c9:90:b8:52:a5:13:4d:9f:ac:c2:b9:79:c5:
f9:54:1a:98:79:4a:45:3f:f2:d8:46:01:28:06:14:b0:c5:d1:
9f:44:0f:b4:18:9d:dc:b3:c1:ce:1d:49:af:c5:e8:85:f5:30:
60:5c:7f:3f:e9:0e:e2:13:0d:52:8f:4d:cb:1e:d9:2d:c4:e3:
04:02:64:ee:10:06:0e:ef:46:37:3e:40:e3:b4:2f:66:25:9e:
96:80:dc:3c:8c:f3:ef:0d:e9:cf:b4:94:c0:bb:df:63:4d:b2:
ef:cb:9e:48:d9:c8:6a:3b:e8:a3:4a:46:73:a8:a1:c1:25:54:
ff:43:9d:c7:0e:19:4f:3f:42:6f:0c:dc:01:6c:d3:2f:f0:bd:
70:a3:d5:60:b5:ad:dc:4c:10:e0:67:93:57:c1:91:29:78:92:
9f:b8:6a:68:5f:b1:5e:72:24:04:23:18:91:1b:9c:d3:16:86:
83:35:2b:cf:55:91:9a:5a:57:15:53:6f:48:fc:f4:05:62:99:
a2:72:52:7b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPACMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDM0NzIyWhcNMjcxMjEyMDM0NzIyWjAYMRYw
FAYDVQQDEw02NzZlMjM0ZS04NDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzUy8aY+Yo7pH2FD/nvVR8MGE9ozJFjDNGY5VkVJXo83gizqVWg3TzRvt
PV/iuhrjjT2+L3kD0lYxmkWUMdDi23q++9saEqW3M4HVZEuUiBHas0IU644mcH1R
CsiFUDkcVozZFYOIrQDHdL1i3AhP3WcYuTbCHPegHDVAJkHVI9g6KIduu1JrT+Dc
LYgfqr/MT8pPW82mktoG/ilYb3f6VRWYqbFME03EHZEyO8gdk2SE3UJ7IJZKtSnj
vK49FXxp73T2dQ6PwUyi3IT1Lz/+jnf89LxLwt+8e7r7QsIaLP6x6CiF3oxJS3wM
hZ2mR0k/d/N2vqnOTKez12e5fProwQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEdu
ay+N0wdcgSx6vCiVj3gqAr2xMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80OTYwRkI2OEM0MDUxMUVGOThBREMyQTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcP9MA0GCSqGSIb3DQEBCwUA
A4IBAQB0zisFLWcP7mq1N4nLg90pAq5pfTlVZUhGOpehgT10WgH7OPhdr2gE03zR
8joGM89BmKTqE+MhxHMzWsmQuFKlE02frMK5ecX5VBqYeUpFP/LYRgEoBhSwxdGf
RA+0GJ3cs8HOHUmvxeiF9TBgXH8/6Q7iEw1Sj03LHtktxOMEAmTuEAYO70Y3PkDj
tC9mJZ6WgNw8jPPvDenPtJTAu99jTbLvy55I2chqO+ijSkZzqKHBJVT/Q53HDhlP
P0JvDNwBbNMv8L1wo9Vgta3cTBDgZ5NXwZEpeJKfuGpoX7FeciQEIxiRG5zTFoaD
NSvPVZGaWlcVU29I/PQFYpmiclJ7
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:12 2025 by rpki-client