Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72444EA0C6CF11EF89BB1B4A762E951A.roa
File: 72444EA0C6CF11EF89BB1B4A762E951A.roa (raw, json)
Hash identifier: lspq1EqHZgAtTs1LjCQlTx8LCwdJmrXeqh+Ni+gAh1g=
Subject key identifier: FD:4F:9E:C4:5E:A2:B2:F0:5E:24:6A:0C:08:65:07:F1:BC:FD:D2:3C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F28B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72444EA0C6CF11EF89BB1B4A762E951A.roa
Signing time: Mon 30 Dec 2024 16:59:35 +0000
ROA not before: Mon 30 Dec 2024 16:59:31 +0000
ROA not after: Sat 21 Feb 2026 16:59:31 +0000
asID: 136907
IP address blocks: 45.194.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62091 (0xf28b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 30 16:59:31 2024 GMT
Not After : Feb 21 16:59:31 2026 GMT
Subject: CN=6772d177-48ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d0:1d:a5:39:f6:fc:26:cc:76:55:f0:7b:b3:
aa:ae:a5:07:11:3f:ed:85:ff:d0:58:1a:24:5a:3c:
77:76:92:92:b3:77:95:ee:59:18:18:e7:07:9b:01:
61:42:25:27:4d:7b:94:87:d7:d6:a0:5a:88:e4:22:
27:5a:4f:d7:72:b2:fa:80:b0:2c:b3:92:a5:70:2f:
5e:e2:62:27:d1:40:e5:71:c6:0c:c3:ad:7d:a1:25:
d0:e9:7e:8e:88:de:5e:45:79:43:ab:3a:f0:5f:bb:
78:cf:5a:af:73:13:a4:1f:c0:ae:08:41:a2:f0:e5:
93:f4:01:10:1a:a3:2b:a8:3e:9c:f2:78:7d:52:6c:
e9:e5:e9:fe:e8:e2:58:53:c3:a7:25:25:1b:73:47:
a5:d8:9a:10:41:a3:2e:74:8a:d7:a0:d6:79:fb:01:
f8:ce:a9:6d:31:cb:e1:6a:45:e1:df:d0:eb:20:6c:
7e:53:f6:e8:c8:83:47:c3:44:25:a6:12:21:e6:c5:
7d:aa:dc:aa:a3:d5:8b:e4:97:52:83:9b:51:15:82:
0e:2b:a5:c1:e3:9f:e3:e6:5a:bf:b1:09:12:6a:e0:
4e:6b:b7:80:04:d5:be:b2:dc:ee:7a:27:ad:ed:54:
a5:4c:86:5b:32:74:8e:aa:9e:cd:2a:11:b0:7a:3b:
48:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:4F:9E:C4:5E:A2:B2:F0:5E:24:6A:0C:08:65:07:F1:BC:FD:D2:3C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72444EA0C6CF11EF89BB1B4A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.104.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:c6:0c:60:f3:d5:c7:c1:da:06:76:2b:0c:40:e3:04:75:5b:
4d:17:29:28:1e:43:4e:10:df:73:a1:e9:ba:18:3a:74:a9:c8:
48:f2:f2:4a:b8:e6:60:eb:d7:17:35:af:99:59:9e:dd:7c:54:
1d:06:62:59:6e:07:34:4a:4f:78:10:1e:b8:10:5e:a3:9c:cc:
15:7d:43:8f:3d:ae:5b:17:7c:17:fd:2b:71:3a:1c:6f:eb:68:
e5:b3:d5:21:85:8c:1a:8e:4e:af:24:31:e1:d7:48:08:4a:6f:
29:af:5f:8a:7a:9b:c5:7b:a3:c0:7c:fb:88:e4:c9:4d:12:48:
eb:15:12:80:ee:5f:e6:64:6c:4e:29:79:48:f7:a2:64:ee:e0:
c6:fa:5a:09:ae:75:36:d1:f0:5e:15:ab:52:24:7e:b8:2c:7c:
c0:c1:7a:79:d8:96:fb:8c:c4:47:9f:f4:d3:c3:9a:d6:2d:ac:
8a:6f:10:97:24:40:c1:9c:6a:a0:6c:4b:2d:4f:88:c8:e3:32:
50:c7:73:96:c5:1d:09:5f:7b:47:bd:ea:ab:0e:92:20:91:0f:
f8:4c:23:c4:5b:93:1d:28:36:a7:1c:06:dd:4a:73:03:34:72:
57:c7:0d:98:e8:4b:78:98:72:dc:cc:85:a7:8f:7f:7a:69:3d:
3f:23:a3:53
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPKLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjMwMTY1OTMxWhcNMjYwMjIxMTY1OTMxWjAYMRYw
FAYDVQQDEw02NzcyZDE3Ny00OGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAstAdpTn2/CbMdlXwe7OqrqUHET/thf/QWBokWjx3dpKSs3eV7lkYGOcH
mwFhQiUnTXuUh9fWoFqI5CInWk/XcrL6gLAss5KlcC9e4mIn0UDlccYMw619oSXQ
6X6OiN5eRXlDqzrwX7t4z1qvcxOkH8CuCEGi8OWT9AEQGqMrqD6c8nh9Umzp5en+
6OJYU8OnJSUbc0el2JoQQaMudIrXoNZ5+wH4zqltMcvhakXh39DrIGx+U/boyINH
w0QlphIh5sV9qtyqo9WL5JdSg5tRFYIOK6XB45/j5lq/sQkSauBOa7eABNW+stzu
eiet7VSlTIZbMnSOqp7NKhGwejtICQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP1P
nsReorLwXiRqDAhlB/G8/dI8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MjQ0NEVBMEM2Q0YxMUVGODlCQjFCNEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcJoMA0GCSqGSIb3DQEBCwUA
A4IBAQA+xgxg89XHwdoGdisMQOMEdVtNFykoHkNOEN9zoem6GDp0qchI8vJKuOZg
69cXNa+ZWZ7dfFQdBmJZbgc0Sk94EB64EF6jnMwVfUOPPa5bF3wX/StxOhxv62jl
s9UhhYwajk6vJDHh10gISm8pr1+KepvFe6PAfPuI5MlNEkjrFRKA7l/mZGxOKXlI
96Jk7uDG+loJrnU20fBeFatSJH64LHzAwXp52Jb7jMRHn/TTw5rWLayKbxCXJEDB
nGqgbEstT4jI4zJQx3OWxR0JX3tHveqrDpIgkQ/4TCPEW5MdKDanHAbdSnMDNHJX
xw2Y6Et4mHLczIWnj396aT0/I6NT
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:19 2025 by rpki-client