Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9517ED2EC39611EFAC384B57762E951A.roa
File: 9517ED2EC39611EFAC384B57762E951A.roa (raw, json)
Hash identifier: ysgbs9Y0vffdG4mLKANP2rFvpoT42dZGu4WSi4jSIqg=
Subject key identifier: E4:F5:BB:54:80:F0:EE:45:10:7D:3E:A8:34:44:8D:20:44:1E:4B:F3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ED27
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9517ED2EC39611EFAC384B57762E951A.roa
Signing time: Thu 26 Dec 2024 14:34:58 +0000
ROA not before: Thu 26 Dec 2024 14:34:55 +0000
ROA not after: Fri 12 Dec 2025 14:34:55 +0000
asID: 984
IP address blocks: 45.197.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60711 (0xed27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 14:34:55 2024 GMT
Not After : Dec 12 14:34:55 2025 GMT
Subject: CN=676d6992-70f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:9d:6f:28:99:24:8f:7a:66:05:38:fa:e3:8d:
55:00:bb:d3:b7:f5:54:0a:79:a4:b6:7d:af:f9:14:
fb:80:3f:f5:fb:ba:af:97:7a:84:69:91:03:ca:da:
83:8a:ca:b1:ee:f9:ae:2a:41:a6:f2:f9:aa:9e:a3:
a4:c1:77:56:04:e5:bb:ee:f4:d5:41:28:7c:c1:13:
79:a5:01:bd:12:22:5e:49:0d:c0:01:5c:c2:89:14:
be:bb:1f:67:98:28:3b:92:f6:fc:b2:22:16:5b:81:
07:15:10:c7:bd:31:eb:bb:27:23:27:df:1e:50:93:
cf:b4:b8:5f:86:19:88:a0:0b:11:da:93:03:30:f5:
77:74:f7:0b:e3:5d:7e:a8:5b:96:a4:18:71:d7:f4:
17:fe:f4:0c:4d:b9:05:d2:2a:6f:4f:5e:ed:25:dc:
9e:09:13:27:e1:33:3f:45:fe:6d:fd:c7:d0:09:db:
14:6a:75:f3:45:34:4e:c0:7e:d7:87:36:d3:4a:63:
80:3f:c1:47:48:bd:2a:af:83:ac:77:8f:49:8c:65:
8d:b5:bc:4a:c3:a7:83:9e:85:2f:1a:13:11:1a:56:
21:24:9d:f3:67:71:2c:dd:bd:84:6f:de:97:14:16:
0f:36:dd:39:c9:bb:bc:df:dc:18:df:6c:9c:19:61:
05:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F5:BB:54:80:F0:EE:45:10:7D:3E:A8:34:44:8D:20:44:1E:4B:F3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9517ED2EC39611EFAC384B57762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.22.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:2c:2e:fe:4e:48:22:f4:46:27:33:ea:81:fc:ad:8a:8a:1a:
b8:14:fa:13:cd:76:e2:fb:e4:b5:2f:ea:fe:20:a5:44:7e:74:
0c:4c:01:2a:da:db:4b:8b:dc:34:81:58:8f:70:46:c5:56:d5:
53:e3:a6:b7:fd:37:47:16:cf:7d:83:c6:51:59:0b:c2:43:8f:
c1:a7:31:5b:df:08:97:be:0d:e6:61:13:5e:e8:4e:a3:ce:71:
5c:7e:4d:95:d2:b8:bc:8f:cf:ea:ac:e0:42:ab:ef:57:fd:80:
5b:12:78:89:f2:71:6e:57:64:e9:b0:c5:66:71:96:0d:02:5b:
73:89:e4:a3:87:05:89:5d:ae:ce:cd:30:a2:05:ad:70:2a:ab:
36:58:ad:9e:64:25:3c:41:16:10:a0:52:8d:af:f1:d4:6e:7a:
fa:79:76:3e:f8:84:5e:10:44:25:5e:aa:b2:43:28:e4:2d:89:
9c:c7:3a:3a:07:aa:1d:36:ca:49:95:37:56:09:1a:c7:d1:f4:
89:7e:35:d3:96:61:e9:ff:f8:59:bd:40:5f:80:46:f7:d5:79:
01:6f:ce:d4:0e:71:12:b9:00:94:9d:6a:1d:3d:31:ea:e3:96:
01:8a:f6:b0:ff:74:53:de:ea:28:84:d8:da:45:99:a7:6b:9a:
6f:d9:f5:b6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO0nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTQzNDU1WhcNMjUxMjEyMTQzNDU1WjAYMRYw
FAYDVQQDEw02NzZkNjk5Mi03MGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6Z1vKJkkj3pmBTj6441VALvTt/VUCnmktn2v+RT7gD/1+7qvl3qEaZED
ytqDisqx7vmuKkGm8vmqnqOkwXdWBOW77vTVQSh8wRN5pQG9EiJeSQ3AAVzCiRS+
ux9nmCg7kvb8siIWW4EHFRDHvTHruycjJ98eUJPPtLhfhhmIoAsR2pMDMPV3dPcL
411+qFuWpBhx1/QX/vQMTbkF0ipvT17tJdyeCRMn4TM/Rf5t/cfQCdsUanXzRTRO
wH7XhzbTSmOAP8FHSL0qr4Osd49JjGWNtbxKw6eDnoUvGhMRGlYhJJ3zZ3Es3b2E
b96XFBYPNt05ybu839wY32ycGWEFywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOT1
u1SA8O5FEH0+qDREjSBEHkvzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NTE3RUQyRUMzOTYxMUVGQUMzODRCNTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcUWMA0GCSqGSIb3DQEBCwUA
A4IBAQAKLC7+Tkgi9EYnM+qB/K2Kihq4FPoTzXbi++S1L+r+IKVEfnQMTAEq2ttL
i9w0gViPcEbFVtVT46a3/TdHFs99g8ZRWQvCQ4/BpzFb3wiXvg3mYRNe6E6jznFc
fk2V0ri8j8/qrOBCq+9X/YBbEniJ8nFuV2TpsMVmcZYNAltzieSjhwWJXa7OzTCi
Ba1wKqs2WK2eZCU8QRYQoFKNr/HUbnr6eXY++IReEEQlXqqyQyjkLYmcxzo6B6od
NspJlTdWCRrH0fSJfjXTlmHp//hZvUBfgEb31XkBb87UDnESuQCUnWodPTHq45YB
ivaw/3RT3uoohNjaRZmna5pv2fW2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:53 2025 by rpki-client