Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D18C676B5FB11EF8BE53C92762E951A.roa
File: 5D18C676B5FB11EF8BE53C92762E951A.roa (raw, json)
Hash identifier: o3UOob4wpA54ndGckfIRsD49U2OAsf4LJD+wsVEUII4=
Subject key identifier: C4:AA:60:9F:D7:7B:D0:E5:1D:89:DA:AD:B8:CC:71:E1:0D:15:8A:78
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E14E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D18C676B5FB11EF8BE53C92762E951A.roa
Signing time: Mon 09 Dec 2024 07:01:08 +0000
ROA not before: Mon 09 Dec 2024 07:01:04 +0000
ROA not after: Thu 06 Feb 2025 07:01:04 +0000
asID: 149014
IP address blocks: 45.192.184.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 07:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57678 (0xe14e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 9 07:01:04 2024 GMT
Not After : Feb 6 07:01:04 2025 GMT
Subject: CN=675695b3-e687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e9:8a:11:b7:24:58:82:5d:57:33:a3:53:83:
84:14:d1:0c:32:56:df:22:4b:8e:5d:87:2e:66:11:
9c:51:44:7b:52:e7:92:1e:1d:f4:d7:8d:a1:19:3e:
95:3d:b5:a2:8c:0b:b3:d9:8e:01:2d:b8:63:b0:19:
df:55:1c:4f:4c:50:38:cc:ce:ac:9b:a3:19:b4:55:
32:43:bc:f4:34:57:f4:f3:66:61:8b:1d:7c:fe:51:
7b:6e:66:2c:36:90:d7:de:c0:92:cf:d2:e1:47:7f:
18:7a:bd:60:9e:8c:54:1c:5c:8d:ad:da:1a:7a:0a:
71:07:00:68:52:b5:5b:66:98:70:44:88:94:39:ec:
85:c8:4b:7f:40:79:6d:fa:c8:5d:ab:b2:83:1a:79:
b6:a8:d7:16:32:be:85:98:e7:1c:1c:05:e2:35:9c:
5a:a1:bc:78:01:10:2a:89:a3:dc:60:45:ef:a5:fb:
9e:a3:32:cf:0f:5e:a6:aa:ed:51:2a:67:bd:9f:ba:
5e:b9:19:32:e9:50:f2:b0:6e:58:ec:90:58:b2:04:
34:29:49:48:6a:2e:cd:84:46:a4:d7:da:3d:a5:70:
32:ff:45:7e:1b:ec:12:65:40:93:97:09:c8:25:5c:
e4:93:35:da:11:54:aa:20:44:36:af:bd:05:82:26:
48:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AA:60:9F:D7:7B:D0:E5:1D:89:DA:AD:B8:CC:71:E1:0D:15:8A:78
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D18C676B5FB11EF8BE53C92762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.184.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:91:d9:1b:bb:ea:13:15:2f:a9:1b:72:56:88:37:00:fc:35:
37:b6:cb:55:06:fb:47:dc:16:b7:14:41:f5:7e:e8:7d:37:81:
19:4a:34:15:33:a4:bb:06:40:39:23:4b:15:d2:ad:78:c0:d1:
c0:71:5b:0c:4d:42:a2:9a:ae:09:ad:fc:33:8f:7a:6f:07:13:
f0:d1:5b:46:94:31:10:0b:2b:21:83:0a:5c:73:62:ce:26:50:
4e:cd:40:b4:fb:82:48:6e:5c:04:28:85:17:96:40:d4:38:ca:
3d:a2:e6:21:ed:33:ad:f3:a3:23:ac:ed:1a:4a:5f:a6:b9:58:
a8:d3:dd:37:0a:79:15:b9:64:2e:7f:9c:75:b3:a2:21:56:af:
57:82:4b:19:69:49:1e:f8:7c:7b:9b:35:aa:6d:74:63:0e:26:
7c:70:12:32:cf:74:cd:67:a8:ef:41:42:19:c8:1e:b2:d5:f1:
73:b1:39:3d:b9:96:3c:f4:67:2d:ea:5c:dc:11:79:12:ad:d8:
f4:f2:93:63:af:b7:a2:aa:7a:16:08:1d:54:a0:26:bf:07:c6:
dc:dd:51:19:c8:15:c9:92:55:e1:aa:a0:e0:18:51:8d:13:46:
35:7f:91:21:35:5d:5c:67:02:fd:89:d8:92:0c:b6:05:86:d8:
9e:bc:cc:2c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOFOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA5MDcwMTA0WhcNMjUwMjA2MDcwMTA0WjAYMRYw
FAYDVQQDEw02NzU2OTViMy1lNjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtumKEbckWIJdVzOjU4OEFNEMMlbfIkuOXYcuZhGcUUR7UueSHh30142h
GT6VPbWijAuz2Y4BLbhjsBnfVRxPTFA4zM6sm6MZtFUyQ7z0NFf082Zhix18/lF7
bmYsNpDX3sCSz9LhR38Yer1gnoxUHFyNrdoaegpxBwBoUrVbZphwRIiUOeyFyEt/
QHlt+shdq7KDGnm2qNcWMr6FmOccHAXiNZxaobx4ARAqiaPcYEXvpfueozLPD16m
qu1RKme9n7peuRky6VDysG5Y7JBYsgQ0KUlIai7NhEak19o9pXAy/0V+G+wSZUCT
lwnIJVzkkzXaEVSqIEQ2r70FgiZIiwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMSq
YJ/Xe9DlHYnarbjMceENFYp4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RDE4QzY3NkI1RkIxMUVGOEJFNTNDOTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcC4MA0GCSqGSIb3DQEBCwUA
A4IBAQCLkdkbu+oTFS+pG3JWiDcA/DU3tstVBvtH3Ba3FEH1fuh9N4EZSjQVM6S7
BkA5I0sV0q14wNHAcVsMTUKimq4Jrfwzj3pvBxPw0VtGlDEQCyshgwpcc2LOJlBO
zUC0+4JIblwEKIUXlkDUOMo9ouYh7TOt86MjrO0aSl+muVio0903CnkVuWQuf5x1
s6IhVq9XgksZaUke+Hx7mzWqbXRjDiZ8cBIyz3TNZ6jvQUIZyB6y1fFzsTk9uZY8
9Gct6lzcEXkSrdj08pNjr7eiqnoWCB1UoCa/B8bc3VEZyBXJklXhqqDgGFGNE0Y1
f5EhNV1cZwL9idiSDLYFhtievMws
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:33 2025 by rpki-client