Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A6D7468BDDA11EFAE807591762E951A.roa
File: 4A6D7468BDDA11EFAE807591762E951A.roa (raw, json)
Hash identifier: JUmaJK+EQWdKnLge3FUzNIqu1vPwfpHsXwShoUG0aY8=
Subject key identifier: 58:56:78:27:70:F8:90:83:E2:6D:0E:18:FB:06:7A:66:29:11:45:92
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E5C3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A6D7468BDDA11EFAE807591762E951A.roa
Signing time: Thu 19 Dec 2024 07:24:32 +0000
ROA not before: Thu 19 Dec 2024 07:24:29 +0000
ROA not after: Thu 06 Feb 2025 07:24:29 +0000
asID: 42831
IP address blocks: 45.198.128.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 07:24:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58819 (0xe5c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 07:24:29 2024 GMT
Not After : Feb 6 07:24:29 2025 GMT
Subject: CN=6763ca30-0106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1a:2a:ec:f2:a8:83:a3:51:37:22:b6:28:16:
27:e5:a0:25:13:c1:42:f7:96:d8:83:52:b5:93:b2:
e9:1d:83:ed:1f:95:ca:04:80:af:ed:fb:5c:b9:5a:
46:df:f0:fa:0d:a4:6e:6e:87:a1:4a:6b:bd:9c:8e:
d8:11:d2:bc:db:b4:38:0f:b2:fc:19:88:02:d0:18:
8f:b5:4b:1a:cd:94:fe:1c:88:21:61:50:ed:7e:a9:
27:59:3b:f7:93:f0:83:78:ff:e8:97:c8:52:e3:02:
5a:3f:56:20:98:63:42:0f:ef:16:1a:c6:fd:c5:7d:
c7:f4:a9:5a:58:f8:e2:6f:29:a2:c6:c6:f0:75:2a:
a0:a9:9d:e2:9c:b6:f8:a4:cb:fc:0b:4e:b5:31:60:
00:c6:bd:46:2f:5c:b2:f4:2b:fc:af:b8:4f:3e:0b:
08:4e:c0:67:ea:37:bb:d8:92:3f:57:cd:0c:6b:91:
46:cb:99:c8:0e:32:81:2c:aa:24:33:69:be:19:a4:
ab:83:5b:b1:9f:fa:b1:fc:91:8d:c9:41:c6:83:3a:
70:67:7a:7b:88:75:94:96:9a:75:2a:ee:11:4f:64:
89:34:9e:6e:3d:18:7c:95:58:41:91:19:00:c2:bf:
59:09:0e:bc:ff:f4:ef:e2:21:36:ea:4b:3d:10:68:
f0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:56:78:27:70:F8:90:83:E2:6D:0E:18:FB:06:7A:66:29:11:45:92
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A6D7468BDDA11EFAE807591762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.128.0/19
Signature Algorithm: sha256WithRSAEncryption
97:cf:c1:1a:3d:6d:10:9d:fb:1b:c5:a6:df:58:bc:8f:eb:9d:
b0:43:d1:9c:6e:89:c1:9f:29:f9:ca:81:fe:f4:2b:bb:e3:14:
51:14:73:36:ce:ef:85:67:c0:19:68:29:ff:d4:e6:0d:1d:e4:
41:a6:fc:8b:5d:d9:91:3f:96:fe:2d:70:50:cc:5b:a6:34:73:
64:7d:51:72:eb:0a:7b:4d:90:4e:7f:df:05:b5:7c:9d:9c:b8:
c4:a9:24:d2:89:58:d1:89:66:c6:7b:04:ba:02:5c:94:c7:77:
2e:78:d9:c6:3c:f9:b4:a4:fd:5a:0a:78:0a:16:d9:e8:8f:c9:
33:c2:34:4c:1b:2b:80:e8:83:eb:34:f4:b7:d1:79:6f:62:fe:
d9:7c:cd:bc:72:f2:e0:b9:fa:9f:cb:29:4f:08:6e:a2:04:97:
d2:b4:d3:8e:3b:a2:17:15:50:5b:9f:2f:70:70:34:03:9e:c1:
6a:2e:b2:fb:39:8c:f3:dc:7c:d6:62:fb:be:42:94:64:bb:bc:
16:07:71:22:52:e1:47:94:15:d6:42:24:2c:fc:3e:f3:1e:5e:
98:2b:f4:8e:9c:75:ee:af:1d:39:53:90:b5:33:56:72:84:36:
60:a1:c9:70:e8:5d:8a:d4:f9:d2:94:c3:37:e3:da:3e:1d:71:
85:1a:a2:d9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOXDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDcyNDI5WhcNMjUwMjA2MDcyNDI5WjAYMRYw
FAYDVQQDEw02NzYzY2EzMC0wMTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuhoq7PKog6NRNyK2KBYn5aAlE8FC95bYg1K1k7LpHYPtH5XKBICv7ftc
uVpG3/D6DaRuboehSmu9nI7YEdK827Q4D7L8GYgC0BiPtUsazZT+HIghYVDtfqkn
WTv3k/CDeP/ol8hS4wJaP1YgmGNCD+8WGsb9xX3H9KlaWPjibymixsbwdSqgqZ3i
nLb4pMv8C061MWAAxr1GL1yy9Cv8r7hPPgsITsBn6je72JI/V80Ma5FGy5nIDjKB
LKokM2m+GaSrg1uxn/qx/JGNyUHGgzpwZ3p7iHWUlpp1Ku4RT2SJNJ5uPRh8lVhB
kRkAwr9ZCQ68//Tv4iE26ks9EGjw3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFhW
eCdw+JCD4m0OGPsGemYpEUWSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QTZENzQ2OEJEREExMUVGQUU4MDc1OTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLcaAMA0GCSqGSIb3DQEBCwUA
A4IBAQCXz8EaPW0QnfsbxabfWLyP652wQ9GcbonBnyn5yoH+9Cu74xRRFHM2zu+F
Z8AZaCn/1OYNHeRBpvyLXdmRP5b+LXBQzFumNHNkfVFy6wp7TZBOf98FtXydnLjE
qSTSiVjRiWbGewS6AlyUx3cueNnGPPm0pP1aCngKFtnoj8kzwjRMGyuA6IPrNPS3
0XlvYv7ZfM28cvLgufqfyylPCG6iBJfStNOOO6IXFVBbny9wcDQDnsFqLrL7OYzz
3HzWYvu+QpRku7wWB3EiUuFHlBXWQiQs/D7zHl6YK/SOnHXurx05U5C1M1ZyhDZg
oclw6F2K1PnSlMM349o+HXGFGqLZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:45 2025 by rpki-client