Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FB7675AC3AF11EF8D47E470762E951A.roa
File: 4FB7675AC3AF11EF8D47E470762E951A.roa (raw, json)
Hash identifier: DBqxEouVnca61P0AHBTpJpRgQqZIkH286uaK+Q3iZPc=
Subject key identifier: 97:B8:A2:A0:4D:B3:2C:DA:AE:83:BE:50:6F:65:C2:E6:64:82:F4:32
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE2F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FB7675AC3AF11EF8D47E470762E951A.roa
Signing time: Thu 26 Dec 2024 17:32:00 +0000
ROA not before: Thu 26 Dec 2024 17:31:56 +0000
ROA not after: Sun 12 Dec 2027 17:31:56 +0000
asID: 17561
IP address blocks: 45.202.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60975 (0xee2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 17:31:56 2024 GMT
Not After : Dec 12 17:31:56 2027 GMT
Subject: CN=676d930f-3b54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:bd:94:fa:cc:7a:92:00:14:95:40:43:27:a3:
19:6c:e9:b9:97:a5:a7:bc:12:a1:4d:19:a6:f8:9a:
9b:7c:08:78:b4:26:65:a1:99:ea:7d:49:47:56:2c:
db:0f:fa:5f:5f:37:30:e5:0e:69:86:6f:bf:d4:82:
24:66:e3:0a:e2:6e:c7:2f:bd:a6:74:08:70:6c:a7:
5d:e7:87:12:e3:1b:1f:ef:5a:89:c5:6a:36:2a:da:
25:45:e1:6d:34:b5:41:16:96:fc:f7:e3:21:45:31:
fe:1e:d7:0e:86:8d:0e:a5:40:64:84:49:5d:d7:d3:
f9:10:2f:91:c8:f8:a9:3a:55:dd:eb:d9:25:43:17:
81:98:1a:19:bc:15:b1:27:90:65:71:15:8b:90:79:
60:90:4e:64:31:b4:fd:e4:f4:c8:74:6e:60:c3:38:
24:1c:d9:b8:c4:2a:59:f8:12:d7:6c:c0:09:6e:3f:
54:58:bf:23:b0:b4:ae:c8:10:4c:04:d1:cb:0d:1e:
b8:f6:0d:64:f8:e6:01:b0:79:8e:2d:0e:69:83:ca:
30:df:f1:b5:19:d6:92:a1:91:98:31:42:2e:cb:d8:
c3:cc:dd:18:7e:ff:dd:07:67:2e:2e:5a:ce:3c:9f:
39:f6:56:88:6b:3d:e5:5f:74:4e:66:03:b5:9e:9d:
3b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B8:A2:A0:4D:B3:2C:DA:AE:83:BE:50:6F:65:C2:E6:64:82:F4:32
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FB7675AC3AF11EF8D47E470762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.10.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:2a:d9:2a:a7:84:65:ba:7a:d6:3d:3f:cc:01:83:39:c8:c1:
06:d9:c8:1b:dd:42:d7:02:bc:94:c6:11:fc:0d:8e:7b:de:10:
3c:e7:a1:67:31:15:6e:4e:90:a6:1d:89:dd:1c:79:cc:71:26:
ad:3a:af:25:07:c9:4f:58:2c:1e:de:2a:04:63:48:76:8d:c9:
62:76:a2:0a:23:10:ce:fd:be:6b:c4:14:8f:e9:6d:1a:43:b8:
15:4b:5b:b5:ff:02:9f:f4:3d:fd:8b:52:22:13:dd:50:3e:3c:
a0:71:58:2f:76:15:48:46:cc:a4:23:71:d8:14:3b:7d:d3:6c:
5f:68:b1:f9:4a:cc:73:50:bf:05:d0:7b:ce:13:1b:46:98:bc:
c9:16:55:cd:3d:e8:34:87:cb:d9:c5:49:c6:37:4b:bc:fa:c3:
4b:35:3f:b5:7e:61:f6:a8:c7:13:db:c0:31:59:96:43:cc:cd:
fd:3f:09:03:40:1b:89:fc:82:36:ca:59:69:33:67:c3:ad:28:
7a:f3:56:3d:51:2c:f6:6d:11:b8:45:45:39:2f:c6:00:ff:85:
7b:1e:95:86:b7:75:68:48:77:df:8f:0a:52:d2:4b:a7:bc:2a:
75:b7:b7:88:94:2d:07:be:71:a3:b8:38:e4:5a:02:50:07:0e:
14:d3:c0:bb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO4vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTczMTU2WhcNMjcxMjEyMTczMTU2WjAYMRYw
FAYDVQQDEw02NzZkOTMwZi0zYjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7r2U+sx6kgAUlUBDJ6MZbOm5l6WnvBKhTRmm+JqbfAh4tCZloZnqfUlH
VizbD/pfXzcw5Q5phm+/1IIkZuMK4m7HL72mdAhwbKdd54cS4xsf71qJxWo2Ktol
ReFtNLVBFpb89+MhRTH+HtcOho0OpUBkhEld19P5EC+RyPipOlXd69klQxeBmBoZ
vBWxJ5BlcRWLkHlgkE5kMbT95PTIdG5gwzgkHNm4xCpZ+BLXbMAJbj9UWL8jsLSu
yBBMBNHLDR649g1k+OYBsHmOLQ5pg8ow3/G1GdaSoZGYMUIuy9jDzN0Yfv/dB2cu
LlrOPJ859laIaz3lX3ROZgO1np07fwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJe4
oqBNsyzaroO+UG9lwuZkgvQyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RkI3Njc1QUMzQUYxMUVGOEQ0N0U0NzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcoKMA0GCSqGSIb3DQEBCwUA
A4IBAQBeKtkqp4RlunrWPT/MAYM5yMEG2cgb3ULXAryUxhH8DY573hA856FnMRVu
TpCmHYndHHnMcSatOq8lB8lPWCwe3ioEY0h2jclidqIKIxDO/b5rxBSP6W0aQ7gV
S1u1/wKf9D39i1IiE91QPjygcVgvdhVIRsykI3HYFDt902xfaLH5SsxzUL8F0HvO
ExtGmLzJFlXNPeg0h8vZxUnGN0u8+sNLNT+1fmH2qMcT28AxWZZDzM39PwkDQBuJ
/II2yllpM2fDrSh681Y9USz2bRG4RUU5L8YA/4V7HpWGt3VoSHffjwpS0kunvCp1
t7eIlC0HvnGjuDjkWgJQBw4U08C7
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:57 2025 by rpki-client