Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/632DBCBCC39B11EFB4219673762E951A.roa
File: 632DBCBCC39B11EFB4219673762E951A.roa (raw, json)
Hash identifier: 2SfxHjX0x97M3fGljtkR5udPW806xo9k+ec1ql1ueJo=
Subject key identifier: 3B:F4:C6:32:C9:AD:C5:88:DE:49:3A:A5:BF:2E:4B:54:84:07:3A:4E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ED5B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/632DBCBCC39B11EFB4219673762E951A.roa
Signing time: Thu 26 Dec 2024 15:09:22 +0000
ROA not before: Thu 26 Dec 2024 15:09:19 +0000
ROA not after: Fri 12 Dec 2025 15:09:19 +0000
asID: 984
IP address blocks: 45.197.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60763 (0xed5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 15:09:19 2024 GMT
Not After : Dec 12 15:09:19 2025 GMT
Subject: CN=676d71a2-2910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:55:8b:5b:8e:57:7e:04:0b:fb:de:f4:dd:2a:
af:c8:03:01:11:9c:ff:78:e9:54:a2:0a:06:e8:bf:
7c:a9:4a:8f:70:b5:82:fd:86:e0:38:c4:80:b5:67:
11:79:64:b4:4d:09:10:1a:61:f6:a9:6d:94:1e:87:
26:56:17:3e:cf:c8:54:ea:a3:e4:42:1c:b2:b5:6d:
e8:ec:d6:1d:2d:14:d8:15:98:22:fc:2b:e6:7b:3e:
75:c6:6c:46:25:ff:df:ae:ba:80:58:1d:74:a8:45:
03:22:b1:e3:fb:b7:de:d3:77:cf:36:5d:de:95:c5:
ea:91:ba:f9:0b:22:7b:c2:75:3c:ee:b7:42:bc:18:
1c:c1:a6:94:85:c3:5b:56:ec:fb:9e:01:c5:6f:f4:
f0:f7:a4:c3:0a:f7:84:52:78:aa:0a:ab:c2:fe:36:
2b:dc:55:1c:e2:72:e0:c3:64:50:28:8e:85:4c:b0:
ec:32:de:dc:5d:55:fa:fd:30:b9:60:2b:60:ba:56:
4c:ce:7d:cf:0e:af:b1:6e:69:7e:74:7c:46:3f:d7:
d6:85:3e:1b:52:5c:2b:af:91:55:8e:25:45:59:39:
23:e6:12:ce:8d:5d:a3:01:5a:6f:d1:a5:c6:5b:cd:
73:67:7d:cd:91:e1:9a:55:da:59:7e:6c:5a:31:8a:
69:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F4:C6:32:C9:AD:C5:88:DE:49:3A:A5:BF:2E:4B:54:84:07:3A:4E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/632DBCBCC39B11EFB4219673762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.168.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:24:01:b1:4e:6a:10:68:cb:65:c7:92:05:98:42:65:1f:6b:
95:ec:78:ee:89:f8:0b:42:87:8f:d5:d8:b9:ec:63:92:cd:a9:
f8:65:24:af:14:09:4f:e0:e8:9d:80:cc:bb:8c:1d:45:51:34:
98:e7:d3:42:c9:79:8c:e0:9c:bf:80:a2:a0:25:22:cf:5a:48:
16:22:3e:4a:1e:39:72:0a:ba:8f:8f:15:59:19:b3:09:36:ce:
b9:3f:82:e1:38:73:a8:ad:71:19:15:e5:6c:34:94:5f:10:67:
2e:96:bf:b1:ae:5c:35:96:b0:dc:75:9c:e0:a2:fc:92:59:4e:
b8:dc:6b:a3:e1:b4:ed:b3:5f:bb:ae:b0:d0:51:91:9d:fb:b5:
f9:91:55:72:93:a2:4e:a9:a3:d8:85:5c:68:ff:9f:df:b4:16:
79:02:4d:e6:77:70:e8:28:09:34:ef:f6:a2:98:d7:aa:1f:88:
07:00:66:2e:06:bd:7c:ae:db:cb:cc:83:b7:68:d0:bb:5a:ea:
8f:4f:c9:19:5f:48:fa:0d:5d:e6:9e:2d:9c:5c:16:56:bb:b9:
f6:f0:9a:4b:13:2c:fd:8d:67:83:66:23:f1:60:e9:e7:7c:1c:
c9:85:de:ab:31:33:7e:ae:50:62:e8:f9:45:3a:6c:f6:cc:35:
96:f8:e4:f9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO1bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTUwOTE5WhcNMjUxMjEyMTUwOTE5WjAYMRYw
FAYDVQQDEw02NzZkNzFhMi0yOTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6FWLW45XfgQL+9703SqvyAMBEZz/eOlUogoG6L98qUqPcLWC/YbgOMSA
tWcReWS0TQkQGmH2qW2UHocmVhc+z8hU6qPkQhyytW3o7NYdLRTYFZgi/Cvmez51
xmxGJf/frrqAWB10qEUDIrHj+7fe03fPNl3elcXqkbr5CyJ7wnU87rdCvBgcwaaU
hcNbVuz7ngHFb/Tw96TDCveEUniqCqvC/jYr3FUc4nLgw2RQKI6FTLDsMt7cXVX6
/TC5YCtgulZMzn3PDq+xbml+dHxGP9fWhT4bUlwrr5FVjiVFWTkj5hLOjV2jAVpv
0aXGW81zZ33NkeGaVdpZfmxaMYppTwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDv0
xjLJrcWI3kk6pb8uS1SEBzpOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MzJEQkNCQ0MzOUIxMUVGQjQyMTk2NzM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcWoMA0GCSqGSIb3DQEBCwUA
A4IBAQC3JAGxTmoQaMtlx5IFmEJlH2uV7HjuifgLQoeP1di57GOSzan4ZSSvFAlP
4OidgMy7jB1FUTSY59NCyXmM4Jy/gKKgJSLPWkgWIj5KHjlyCrqPjxVZGbMJNs65
P4LhOHOorXEZFeVsNJRfEGculr+xrlw1lrDcdZzgovySWU643Guj4bTts1+7rrDQ
UZGd+7X5kVVyk6JOqaPYhVxo/5/ftBZ5Ak3md3DoKAk07/aimNeqH4gHAGYuBr18
rtvLzIO3aNC7WuqPT8kZX0j6DV3mni2cXBZWu7n28JpLEyz9jWeDZiPxYOnnfBzJ
hd6rMTN+rlBi6PlFOmz2zDWW+OT5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:18 2025 by rpki-client