Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/50DB8782C38811EF9E67EB7A762E951A.roa
File: 50DB8782C38811EF9E67EB7A762E951A.roa (raw, json)
Hash identifier: Jy8xQWHn1b9Z53Dwo73KDbrcWnjuruXOLT5ZZO5iImk=
Subject key identifier: 6E:D2:5B:8A:60:5C:47:7E:A8:84:9A:E7:9F:DC:35:DD:7A:5B:9B:9D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC8B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/50DB8782C38811EF9E67EB7A762E951A.roa
Signing time: Thu 26 Dec 2024 12:52:51 +0000
ROA not before: Thu 26 Dec 2024 12:52:47 +0000
ROA not after: Sun 12 Dec 2027 12:52:47 +0000
asID: 17561
IP address blocks: 45.196.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60555 (0xec8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 12:52:47 2024 GMT
Not After : Dec 12 12:52:47 2027 GMT
Subject: CN=676d51a3-65dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:48:2c:b6:cc:fa:8f:cf:4f:0c:8a:e2:bb:18:
f5:f5:18:aa:54:23:a1:5d:49:17:8e:a0:53:8a:a2:
06:95:ae:ea:8a:69:ae:32:c5:f1:33:0c:22:ad:c0:
81:d7:d4:78:e9:6d:e9:87:86:34:b8:8f:e5:be:4a:
d5:bc:a6:3a:35:ed:fb:d7:11:a5:b9:ce:a8:90:74:
43:0c:5d:67:3c:09:3d:db:e0:a6:90:b9:62:83:54:
1e:ec:ee:b1:aa:35:e5:37:7f:bc:4f:04:2a:f3:52:
93:50:32:a8:3c:da:26:b5:ec:fc:b1:aa:13:db:b7:
ee:d4:27:58:6e:89:63:4f:6d:af:bc:9b:83:fd:14:
ba:08:49:ed:99:cd:e1:53:e8:6a:62:54:a0:5a:39:
2b:a6:b1:d4:af:d8:5b:54:6c:0b:e2:c1:13:df:bd:
87:5c:df:91:32:42:88:a4:f4:46:c6:f1:49:50:eb:
97:e2:28:9a:c2:1f:d5:91:1e:33:9d:66:11:ac:35:
49:cb:9d:e3:1d:82:fc:0b:a8:67:40:a0:84:ff:25:
4a:f4:6e:9f:7f:18:1a:6a:53:29:f1:8a:f2:ab:84:
b6:58:7e:27:d6:87:83:66:dc:1a:07:4e:1e:3d:e6:
2f:7e:13:47:fd:f1:e5:0f:c7:86:d4:12:e4:92:63:
44:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:D2:5B:8A:60:5C:47:7E:A8:84:9A:E7:9F:DC:35:DD:7A:5B:9B:9D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/50DB8782C38811EF9E67EB7A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.139.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:b9:37:b2:e7:df:05:cf:30:b5:98:4e:0a:e0:a0:9f:b9:b8:
67:a0:bb:89:29:a0:5a:7c:71:45:2d:db:9c:60:b2:69:4b:d9:
52:4d:d0:9e:da:fc:9c:0f:b9:96:cc:c2:65:fc:46:e4:ac:bd:
5d:3a:0b:cb:75:bb:5e:41:31:e8:60:92:51:1d:76:a7:19:d5:
e3:dc:74:4b:e7:b2:77:7a:8c:3b:cf:15:38:da:16:26:d6:f2:
c7:86:bc:83:6f:a7:64:29:7e:38:e2:c9:49:c7:ef:de:ef:20:
d2:3d:11:94:9c:a0:0e:f1:e7:bb:22:5a:55:4f:73:3b:5a:c0:
1b:21:78:70:50:88:54:71:dc:76:d5:7b:1a:b3:a7:ea:cb:8d:
8e:7a:ec:6f:42:2a:58:73:82:a0:7f:8e:aa:f7:e7:55:49:b5:
a5:e2:0a:a6:92:71:6d:17:5c:be:c9:1d:25:6b:10:7b:3c:00:
0a:c6:15:88:00:ee:26:5a:ec:c3:78:aa:f6:20:5e:49:ef:88:
a7:06:35:d8:5c:43:cf:9f:a7:ac:75:6e:d5:b9:96:ee:c9:b2:
5d:b6:46:31:aa:e1:7b:c3:63:95:f3:8e:89:d0:36:eb:3a:9f:
4c:51:91:98:e1:c5:d5:d8:44:2b:27:3c:72:49:6b:c5:ba:0e:
51:33:b4:00
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOyLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTI1MjQ3WhcNMjcxMjEyMTI1MjQ3WjAYMRYw
FAYDVQQDEw02NzZkNTFhMy02NWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwkgstsz6j89PDIriuxj19RiqVCOhXUkXjqBTiqIGla7qimmuMsXxMwwi
rcCB19R46W3ph4Y0uI/lvkrVvKY6Ne371xGluc6okHRDDF1nPAk92+CmkLlig1Qe
7O6xqjXlN3+8TwQq81KTUDKoPNomtez8saoT27fu1CdYboljT22vvJuD/RS6CEnt
mc3hU+hqYlSgWjkrprHUr9hbVGwL4sET372HXN+RMkKIpPRGxvFJUOuX4iiawh/V
kR4znWYRrDVJy53jHYL8C6hnQKCE/yVK9G6ffxgaalMp8Yryq4S2WH4n1oeDZtwa
B04ePeYvfhNH/fHlD8eG1BLkkmNEawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG7S
W4pgXEd+qISa55/cNd16W5udMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MERCODc4MkMzODgxMUVGOUU2N0VCN0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcSLMA0GCSqGSIb3DQEBCwUA
A4IBAQA7uTey598FzzC1mE4K4KCfubhnoLuJKaBafHFFLducYLJpS9lSTdCe2vyc
D7mWzMJl/EbkrL1dOgvLdbteQTHoYJJRHXanGdXj3HRL57J3eow7zxU42hYm1vLH
hryDb6dkKX444slJx+/e7yDSPRGUnKAO8ee7IlpVT3M7WsAbIXhwUIhUcdx21Xsa
s6fqy42OeuxvQipYc4Kgf46q9+dVSbWl4gqmknFtF1y+yR0laxB7PAAKxhWIAO4m
WuzDeKr2IF5J74inBjXYXEPPn6esdW7VuZbuybJdtkYxquF7w2OV846J0DbrOp9M
UZGY4cXV2EQrJzxySWvFug5RM7QA
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:31 2025 by rpki-client