Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/633A1896C3F411EFBDA950AB762E951A.roa
File: 633A1896C3F411EFBDA950AB762E951A.roa (raw, json)
Hash identifier: SWm3MUzPrq/HqAVYq8syhu9ouILbsS6Fsi982qMT4cc=
Subject key identifier: B1:75:46:76:81:AB:2F:D3:58:EB:B8:35:25:8E:20:CA:F0:1A:61:71
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF72
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/633A1896C3F411EFBDA950AB762E951A.roa
Signing time: Fri 27 Dec 2024 01:46:28 +0000
ROA not before: Fri 27 Dec 2024 01:46:23 +0000
ROA not after: Sun 12 Dec 2027 01:46:23 +0000
asID: 17561
IP address blocks: 45.194.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61298 (0xef72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 01:46:23 2024 GMT
Not After : Dec 12 01:46:23 2027 GMT
Subject: CN=676e06f4-d433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:65:7b:7f:72:e6:56:bb:0a:35:a2:78:7f:7c:
93:f9:3a:2c:de:d5:b9:ef:89:05:cc:a1:14:c5:43:
64:e3:63:fc:fa:03:e7:83:dd:c5:d8:b1:2c:8e:1e:
4b:41:1b:90:05:3b:7b:e8:a8:49:0a:bf:6e:c8:2f:
dd:87:7a:e1:88:10:38:fc:ba:df:57:8c:87:85:04:
90:06:4b:3a:81:5d:b1:0a:44:b5:30:9f:8a:a4:f6:
3e:84:7e:c9:fc:d5:33:f3:31:24:99:ae:60:8d:31:
c6:8a:b3:60:b2:ea:ba:4c:c6:23:3b:50:7b:f5:8a:
8a:29:62:71:30:a6:21:e9:e4:cc:ae:21:55:19:2d:
7e:72:04:67:da:c3:1a:a0:95:b5:60:04:6f:e3:c6:
8b:1e:7b:4a:ae:80:ef:28:d6:d7:2b:a8:d2:7c:52:
f6:ff:5c:8c:f0:1c:f1:fc:15:0a:ba:ee:21:05:09:
fd:92:67:18:01:7f:33:d8:d7:d7:30:e6:77:a7:49:
7f:8e:bc:8b:09:fa:39:42:02:be:5b:4b:23:ba:dc:
4c:fc:26:97:40:41:44:f3:96:ca:a2:92:0e:5e:57:
2e:09:47:a0:01:ab:2f:f2:3f:ed:5b:35:3f:f1:51:
88:67:04:2c:76:8c:61:94:cf:60:93:61:23:e6:89:
2e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:75:46:76:81:AB:2F:D3:58:EB:B8:35:25:8E:20:CA:F0:1A:61:71
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/633A1896C3F411EFBDA950AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.12.0/24
Signature Algorithm: sha256WithRSAEncryption
60:d2:6b:f9:41:83:fe:cb:ac:aa:f7:8f:f9:ea:21:7c:04:d7:
0a:7c:79:08:45:41:3b:f1:f5:62:c1:42:0e:ee:12:2c:68:58:
14:7f:a0:0b:7d:4d:10:d8:61:22:96:10:29:c1:0a:ac:7b:1f:
f4:bd:9a:c8:a4:ae:72:bb:1d:db:b9:2c:11:36:a0:c5:9a:c1:
c2:de:c9:2d:6e:2c:f5:13:ba:6c:ce:50:d8:f6:5e:b9:4f:f6:
8c:0c:cd:47:e6:28:a5:40:4a:60:17:08:b0:cd:52:f2:d5:ae:
d5:fa:fc:e9:fd:3f:7e:a2:06:0b:b6:db:c3:90:2e:4a:a0:a9:
d9:1a:d8:e8:94:94:14:2d:4b:c6:c7:2c:e3:8f:17:aa:c3:e5:
b4:ee:bc:ca:c7:1c:c2:95:8a:f2:7f:04:fe:51:17:b4:ad:78:
9a:26:0f:03:db:c0:54:a7:5b:9c:51:89:1f:7b:f0:bd:dc:3b:
bb:bc:71:c4:ff:b0:44:c5:ba:e7:ed:99:89:21:44:86:7d:38:
b6:ba:32:80:13:98:51:12:d3:32:a5:72:51:3f:14:8c:82:a9:
c4:bc:3a:53:2d:9a:be:d8:e4:06:75:81:c4:45:47:29:ec:4d:
72:61:7b:eb:59:5c:59:09:43:70:f9:e6:25:32:bf:3e:69:7f:
22:d6:0c:fa
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO9yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDE0NjIzWhcNMjcxMjEyMDE0NjIzWjAYMRYw
FAYDVQQDEw02NzZlMDZmNC1kNDMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxWV7f3LmVrsKNaJ4f3yT+Tos3tW574kFzKEUxUNk42P8+gPng93F2LEs
jh5LQRuQBTt76KhJCr9uyC/dh3rhiBA4/LrfV4yHhQSQBks6gV2xCkS1MJ+KpPY+
hH7J/NUz8zEkma5gjTHGirNgsuq6TMYjO1B79YqKKWJxMKYh6eTMriFVGS1+cgRn
2sMaoJW1YARv48aLHntKroDvKNbXK6jSfFL2/1yM8Bzx/BUKuu4hBQn9kmcYAX8z
2NfXMOZ3p0l/jryLCfo5QgK+W0sjutxM/CaXQEFE85bKopIOXlcuCUegAasv8j/t
WzU/8VGIZwQsdoxhlM9gk2Ej5okusQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLF1
RnaBqy/TWOu4NSWOIMrwGmFxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MzNBMTg5NkMzRjQxMUVGQkRBOTUwQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcIMMA0GCSqGSIb3DQEBCwUA
A4IBAQBg0mv5QYP+y6yq94/56iF8BNcKfHkIRUE78fViwUIO7hIsaFgUf6ALfU0Q
2GEilhApwQqsex/0vZrIpK5yux3buSwRNqDFmsHC3sktbiz1E7pszlDY9l65T/aM
DM1H5iilQEpgFwiwzVLy1a7V+vzp/T9+ogYLttvDkC5KoKnZGtjolJQULUvGxyzj
jxeqw+W07rzKxxzClYryfwT+URe0rXiaJg8D28BUp1ucUYkfe/C93Du7vHHE/7BE
xbrn7ZmJIUSGfTi2ujKAE5hREtMypXJRPxSMgqnEvDpTLZq+2OQGdYHERUcp7E1y
YXvrWVxZCUNw+eYlMr8+aX8i1gz6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:51 2025 by rpki-client