Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/871D880ABDB011EFA7224587762E951A.roa
File: 871D880ABDB011EFA7224587762E951A.roa (raw, json)
Hash identifier: lNt3KJ0iuDSFU/STng0osOvN8CPEyfCoUzxP4rJnkY8=
Subject key identifier: C1:CF:F8:DC:8E:60:96:01:8D:F8:4F:41:87:C8:19:63:00:F6:32:9A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E4A9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/871D880ABDB011EFA7224587762E951A.roa
Signing time: Thu 19 Dec 2024 02:25:35 +0000
ROA not before: Thu 19 Dec 2024 02:25:31 +0000
ROA not after: Wed 10 Dec 2025 02:25:31 +0000
asID: 984
IP address blocks: 45.198.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58537 (0xe4a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 02:25:31 2024 GMT
Not After : Dec 10 02:25:31 2025 GMT
Subject: CN=6763841f-8c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:30:2b:34:b9:47:97:b5:f6:cc:76:bc:48:94:
e8:97:18:3f:e1:e3:f9:5f:23:80:d4:62:0d:a4:a4:
b5:e4:ef:6d:cd:29:10:3d:a6:92:68:6f:b2:56:14:
1e:04:fd:01:e7:9e:15:28:a7:a0:eb:8c:ac:eb:98:
73:5e:99:7f:be:64:ff:d7:0b:83:67:3e:b3:d0:26:
a7:2a:f3:da:2f:58:8d:9e:ac:56:eb:97:74:31:8a:
6d:9a:5e:31:75:77:23:4a:1a:97:3a:17:a5:f0:c0:
cf:d4:02:98:13:38:9f:86:96:ea:60:15:a2:84:48:
2c:4d:9a:40:4f:ed:ed:da:a2:a9:cd:bb:87:33:5d:
fd:e5:fa:09:df:c2:1e:c5:ab:bb:a9:3c:90:ae:ef:
4a:08:b7:7f:61:60:4d:db:45:77:e3:59:a1:e6:24:
01:4e:10:89:97:bf:d6:09:96:7f:ea:58:57:f7:03:
5c:83:80:16:9c:ca:c7:01:21:d1:94:74:44:b9:8f:
e3:bf:ba:d5:dd:1e:a7:e0:62:de:28:85:33:2f:d4:
dc:18:0d:d2:1b:78:e4:f9:d6:1a:d3:c8:97:f6:f7:
b9:1c:ea:8c:6e:31:92:1c:62:f9:93:4c:8b:28:1a:
c3:ca:88:3d:56:69:80:80:9b:aa:bd:61:af:16:ea:
2a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:CF:F8:DC:8E:60:96:01:8D:F8:4F:41:87:C8:19:63:00:F6:32:9A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/871D880ABDB011EFA7224587762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.236.0/24
Signature Algorithm: sha256WithRSAEncryption
86:49:8b:2f:ee:01:51:3f:45:57:86:e3:1d:0d:0e:d5:b3:62:
65:80:1f:e8:b3:b4:5c:24:31:44:86:19:a5:a3:3b:02:88:4c:
83:f7:9a:36:e7:41:6d:00:ff:f2:82:d8:15:b7:b3:d1:7e:49:
24:17:c2:b2:6f:38:08:af:a3:e2:0a:ed:28:2f:17:c9:8d:c5:
71:dc:b3:ac:33:36:67:95:c1:5e:11:6e:5c:6a:f7:81:f9:77:
08:ae:16:86:bd:e7:f5:bc:a6:4a:f6:df:14:52:c4:91:71:69:
5b:e6:a3:58:29:a5:92:3c:dc:69:d2:e8:e1:bb:9d:c5:04:b7:
ef:44:80:b1:df:45:ae:7a:db:04:c7:4b:18:31:6e:ec:55:b3:
c3:95:ea:5f:ae:7a:97:34:b3:e7:af:62:58:cf:0f:a5:f1:10:
dd:ba:45:62:a4:3c:36:21:34:69:77:79:25:77:67:10:a1:b2:
09:b1:00:89:21:31:68:43:62:f6:07:54:7a:8f:33:00:11:78:
a6:84:31:8b:18:89:37:8f:da:ab:ab:b7:16:7a:fb:44:5a:0e:
e2:14:e2:04:28:2f:ce:bd:83:db:be:7e:d4:d6:21:b1:90:39:
0b:da:b2:7f:be:f6:e5:37:a3:fa:de:86:59:be:83:35:56:fb:
94:57:26:c6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOSpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDIyNTMxWhcNMjUxMjEwMDIyNTMxWjAYMRYw
FAYDVQQDEw02NzYzODQxZi04YzEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoTArNLlHl7X2zHa8SJTolxg/4eP5XyOA1GINpKS15O9tzSkQPaaSaG+y
VhQeBP0B554VKKeg64ys65hzXpl/vmT/1wuDZz6z0CanKvPaL1iNnqxW65d0MYpt
ml4xdXcjShqXOhel8MDP1AKYEzifhpbqYBWihEgsTZpAT+3t2qKpzbuHM1395foJ
38Iexau7qTyQru9KCLd/YWBN20V341mh5iQBThCJl7/WCZZ/6lhX9wNcg4AWnMrH
ASHRlHREuY/jv7rV3R6n4GLeKIUzL9TcGA3SG3jk+dYa08iX9ve5HOqMbjGSHGL5
k0yLKBrDyog9VmmAgJuqvWGvFuoqAQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMHP
+NyOYJYBjfhPQYfIGWMA9jKaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NzFEODgwQUJEQjAxMUVGQTcyMjQ1ODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcbsMA0GCSqGSIb3DQEBCwUA
A4IBAQCGSYsv7gFRP0VXhuMdDQ7Vs2JlgB/os7RcJDFEhhmlozsCiEyD95o250Ft
AP/ygtgVt7PRfkkkF8KybzgIr6PiCu0oLxfJjcVx3LOsMzZnlcFeEW5caveB+XcI
rhaGvef1vKZK9t8UUsSRcWlb5qNYKaWSPNxp0ujhu53FBLfvRICx30WuetsEx0sY
MW7sVbPDlepfrnqXNLPnr2JYzw+l8RDdukVipDw2ITRpd3kld2cQobIJsQCJITFo
Q2L2B1R6jzMAEXimhDGLGIk3j9qrq7cWevtEWg7iFOIEKC/OvYPbvn7U1iGxkDkL
2rJ/vvblN6P63oZZvoM1VvuUVybG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:22 2025 by rpki-client