Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B308F7ACC0911EFAEF5BC8A762E951A.roa
File: 8B308F7ACC0911EFAEF5BC8A762E951A.roa (raw, json)
Hash identifier: 1ZkW9dnVeZCuVk/XX2qpt/AE8KRJEwLPekJ5s3TySyI=
Subject key identifier: B4:1B:4D:35:28:91:96:10:25:69:9A:AA:C1:28:5E:D0:81:C6:15:AE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F857
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B308F7ACC0911EFAEF5BC8A762E951A.roa
Signing time: Mon 06 Jan 2025 08:38:03 +0000
ROA not before: Mon 06 Jan 2025 08:38:00 +0000
ROA not after: Tue 11 Feb 2025 08:38:00 +0000
asID: 23470
IP address blocks: 45.199.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63575 (0xf857)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 08:38:00 2025 GMT
Not After : Feb 11 08:38:00 2025 GMT
Subject: CN=677b966b-e45e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d4:31:3b:68:63:45:fc:fb:f0:9b:ec:9a:20:
3d:11:e5:9a:d1:55:4c:37:75:d6:1e:bc:11:f5:39:
c7:e5:52:e0:d6:93:27:f4:68:3b:0c:47:6b:78:01:
53:c9:82:2e:b6:46:df:08:41:57:9c:03:7a:5b:89:
4c:2d:22:ef:eb:03:00:33:fc:fc:c9:29:82:8c:31:
73:29:5f:a9:22:b8:cf:55:d9:4b:3c:ae:48:8e:54:
19:56:5b:3f:74:f9:05:13:9e:14:7c:65:19:61:df:
a2:b8:ca:6b:56:8c:a1:cd:a5:98:18:bf:9e:cd:03:
c4:c7:8e:9b:f1:28:37:7f:61:35:41:64:a2:b6:13:
df:63:0a:3e:e9:1f:2b:36:a9:0c:a5:35:9c:f4:97:
94:5e:b1:ad:dd:36:c6:ad:1a:10:2a:05:08:70:52:
80:39:65:b1:7d:43:ff:0e:ab:26:12:c2:2b:72:53:
52:e0:46:e2:64:9b:4e:53:c2:65:46:75:1a:37:df:
0e:6b:8e:c0:d6:ce:4b:ef:d2:2b:9e:d6:f2:1d:f8:
68:0f:37:d8:dd:0a:10:0e:f9:ec:b6:8b:78:8f:25:
cd:35:16:92:cb:e7:b2:40:6f:78:f9:13:ef:bc:fc:
84:fb:1d:ed:d8:d7:8f:1a:8a:bb:98:57:63:1f:cd:
c0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:1B:4D:35:28:91:96:10:25:69:9A:AA:C1:28:5E:D0:81:C6:15:AE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B308F7ACC0911EFAEF5BC8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.189.0/24
Signature Algorithm: sha256WithRSAEncryption
92:43:64:b8:b6:da:7b:56:98:d4:7c:c4:9d:82:d3:f1:df:d8:
9d:d0:02:86:fb:68:df:87:4a:fb:f7:fb:a8:8e:db:1a:41:c8:
a7:00:53:a6:1a:be:76:db:3c:97:34:2b:d1:96:5b:df:ff:e2:
e3:ea:cd:84:83:e3:9f:83:2c:82:69:f4:a5:92:77:b1:a1:77:
6e:f1:3d:9e:2c:c3:3e:5b:ea:82:06:f3:72:1c:aa:dd:3d:6e:
d4:d8:bf:79:b7:da:c6:ae:b2:e3:29:30:2c:56:02:25:e2:36:
f7:04:4c:e4:a4:a8:8b:94:a6:e6:1a:0e:41:15:0d:f9:fd:38:
e2:f7:97:8b:ce:03:33:5e:1c:f2:31:5e:6f:61:54:e3:e1:fd:
0c:10:db:1b:12:d5:42:7b:68:f0:a1:e0:0f:8b:69:48:83:1e:
ae:bd:5b:00:5e:a0:fc:90:e4:82:0e:fc:d6:ff:ce:25:f1:e2:
d0:65:e0:27:d0:98:57:38:28:01:58:d1:c4:1f:32:84:81:2c:
b3:f7:a2:68:b2:16:2c:7b:c4:6b:a8:df:69:2f:b6:c8:4c:ad:
59:f1:45:98:d0:95:1c:6a:66:1c:4a:0d:e5:dd:65:49:f9:51:
4a:c2:ac:9b:08:84:31:95:2c:09:5a:66:3a:2f:6e:e5:27:e4:
2b:c8:89:24
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPhXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDgzODAwWhcNMjUwMjExMDgzODAwWjAYMRYw
FAYDVQQDEw02NzdiOTY2Yi1lNDVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmNQxO2hjRfz78JvsmiA9EeWa0VVMN3XWHrwR9TnH5VLg1pMn9Gg7DEdr
eAFTyYIutkbfCEFXnAN6W4lMLSLv6wMAM/z8ySmCjDFzKV+pIrjPVdlLPK5IjlQZ
Vls/dPkFE54UfGUZYd+iuMprVoyhzaWYGL+ezQPEx46b8Sg3f2E1QWSithPfYwo+
6R8rNqkMpTWc9JeUXrGt3TbGrRoQKgUIcFKAOWWxfUP/DqsmEsIrclNS4EbiZJtO
U8JlRnUaN98Oa47A1s5L79IrntbyHfhoDzfY3QoQDvnstot4jyXNNRaSy+eyQG94
+RPvvPyE+x3t2NePGoq7mFdjH83AtwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLQb
TTUokZYQJWmaqsEoXtCBxhWuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QjMwOEY3QUNDMDkxMUVGQUVGNUJDOEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALce9MA0GCSqGSIb3DQEBCwUA
A4IBAQCSQ2S4ttp7VpjUfMSdgtPx39id0AKG+2jfh0r79/uojtsaQcinAFOmGr52
2zyXNCvRllvf/+Lj6s2Eg+OfgyyCafSlknexoXdu8T2eLMM+W+qCBvNyHKrdPW7U
2L95t9rGrrLjKTAsVgIl4jb3BEzkpKiLlKbmGg5BFQ35/Tji95eLzgMzXhzyMV5v
YVTj4f0MENsbEtVCe2jwoeAPi2lIgx6uvVsAXqD8kOSCDvzW/84l8eLQZeAn0JhX
OCgBWNHEHzKEgSyz96JoshYse8RrqN9pL7bITK1Z8UWY0JUcamYcSg3l3WVJ+VFK
wqybCIQxlSwJWmY6L27lJ+QryIkk
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:17 2025 by rpki-client