Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91D42594C3F311EF9C22F6A4762E951A.roa
File: 91D42594C3F311EF9C22F6A4762E951A.roa (raw, json)
Hash identifier: IgZ6asECsE45TtOpjSj7BzGYi0bOx3fzn+fnYmBUgQA=
Subject key identifier: 4B:4A:95:7A:F8:FD:32:03:DD:89:39:7A:99:45:96:F0:58:E4:60:5B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF6A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91D42594C3F311EF9C22F6A4762E951A.roa
Signing time: Fri 27 Dec 2024 01:40:36 +0000
ROA not before: Fri 27 Dec 2024 01:40:29 +0000
ROA not after: Fri 12 Dec 2025 01:40:29 +0000
asID: 984
IP address blocks: 45.194.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61290 (0xef6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 01:40:29 2024 GMT
Not After : Dec 12 01:40:29 2025 GMT
Subject: CN=676e0594-48b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:74:70:d0:68:73:34:51:33:f5:e2:f6:72:d4:
f5:11:d6:9d:3c:08:91:c5:03:05:4c:8a:c5:5b:c3:
92:31:cb:e9:88:b7:03:27:a4:e0:11:66:7d:5b:95:
63:f9:c1:90:a9:77:da:67:9b:df:7e:a6:35:56:e3:
71:7c:94:c5:0f:fc:b4:d1:a7:7c:fe:f9:b6:ec:86:
c9:90:69:0a:3e:8d:9e:4e:0f:37:a9:53:59:90:29:
86:5f:24:9d:38:c5:dd:55:1e:75:a1:81:e9:89:c3:
e8:7e:c4:d9:10:40:bc:53:c5:7b:75:2d:f8:13:2a:
9e:34:73:26:1c:fb:10:1f:5e:1f:0c:ea:ba:c9:e5:
8b:2a:b2:54:2d:c4:f5:17:60:d6:27:44:0e:ff:d8:
5c:e1:91:c3:16:81:6c:13:4f:92:21:58:0b:04:d6:
1d:1d:6b:02:c1:7a:55:c2:61:0d:0d:8d:12:25:0b:
9a:91:fa:fa:4d:ce:ed:f9:9f:02:b8:9f:e0:cb:ed:
64:16:91:91:30:de:14:4f:7d:d9:c5:b9:b5:ac:69:
df:7a:06:1f:0a:87:1b:fc:13:70:3e:4e:5c:97:2b:
03:3b:b9:1e:3e:41:df:a3:ad:1f:52:73:87:77:98:
af:a6:6b:a7:4e:77:c0:e0:ab:16:f5:b7:65:06:ed:
7a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:4A:95:7A:F8:FD:32:03:DD:89:39:7A:99:45:96:F0:58:E4:60:5B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91D42594C3F311EF9C22F6A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.8.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:d8:cc:f7:8c:94:74:e3:d8:67:dc:14:27:b4:63:42:b3:16:
62:b3:f6:67:b2:fb:c9:96:82:bd:59:04:fb:5c:39:49:0a:88:
4c:00:95:e7:34:57:42:6c:50:b2:94:16:e6:9d:d0:62:d0:ed:
ea:25:83:6e:56:2c:eb:ca:50:20:29:59:ab:42:9a:01:31:92:
53:b9:c8:65:8c:54:0b:3d:9b:df:ba:51:f8:fb:ca:28:79:02:
9a:fb:e8:ca:09:ad:ac:cf:bd:6e:e1:ed:d7:f2:80:76:35:16:
d7:1b:d1:0b:9d:ba:09:8f:92:d2:14:73:3b:19:98:07:6a:5d:
fa:21:ae:d2:1f:34:aa:2e:7d:2b:d8:32:a2:e1:a1:6b:ac:58:
88:1b:08:70:de:52:ae:e6:29:8e:52:a8:be:02:fd:d3:5c:e3:
76:58:92:71:f0:24:b6:0e:fc:06:30:64:2b:f9:1a:dd:b2:43:
05:00:f6:da:87:59:f5:43:62:b9:45:97:cb:88:4e:ab:04:b3:
27:aa:f6:d0:8e:1a:22:31:ac:aa:38:75:5a:28:2b:4c:0c:03:
e3:b0:ea:4a:cf:4a:a5:b2:f3:2f:ae:3e:b7:78:38:55:b4:0e:
0a:20:78:ed:40:a3:32:8f:64:70:95:06:90:70:f7:91:0f:08:
5a:e0:1a:b9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO9qMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDE0MDI5WhcNMjUxMjEyMDE0MDI5WjAYMRYw
FAYDVQQDEw02NzZlMDU5NC00OGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsnRw0GhzNFEz9eL2ctT1EdadPAiRxQMFTIrFW8OSMcvpiLcDJ6TgEWZ9
W5Vj+cGQqXfaZ5vffqY1VuNxfJTFD/y00ad8/vm27IbJkGkKPo2eTg83qVNZkCmG
XySdOMXdVR51oYHpicPofsTZEEC8U8V7dS34EyqeNHMmHPsQH14fDOq6yeWLKrJU
LcT1F2DWJ0QO/9hc4ZHDFoFsE0+SIVgLBNYdHWsCwXpVwmENDY0SJQuakfr6Tc7t
+Z8CuJ/gy+1kFpGRMN4UT33Zxbm1rGnfegYfCocb/BNwPk5clysDO7kePkHfo60f
UnOHd5ivpmunTnfA4KsW9bdlBu16qQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEtK
lXr4/TID3Yk5eplFlvBY5GBbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MUQ0MjU5NEMzRjMxMUVGOUMyMkY2QTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcIIMA0GCSqGSIb3DQEBCwUA
A4IBAQBN2Mz3jJR049hn3BQntGNCsxZis/ZnsvvJloK9WQT7XDlJCohMAJXnNFdC
bFCylBbmndBi0O3qJYNuVizrylAgKVmrQpoBMZJTuchljFQLPZvfulH4+8ooeQKa
++jKCa2sz71u4e3X8oB2NRbXG9ELnboJj5LSFHM7GZgHal36Ia7SHzSqLn0r2DKi
4aFrrFiIGwhw3lKu5imOUqi+Av3TXON2WJJx8CS2DvwGMGQr+RrdskMFAPbah1n1
Q2K5RZfLiE6rBLMnqvbQjhoiMayqOHVaKCtMDAPjsOpKz0qlsvMvrj63eDhVtA4K
IHjtQKMyj2RwlQaQcPeRDwha4Bq5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:54 2025 by rpki-client