Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9888DF80BDB111EFB6CEEE8E762E951A.roa
File: 9888DF80BDB111EFB6CEEE8E762E951A.roa (raw, json)
Hash identifier: XVP4rDUhKB4t4jaTFCxt/MYmNXQN+Wv9nBNgl/OMXvU=
Subject key identifier: 0A:30:76:B2:E9:BF:43:98:50:FF:F1:30:CE:2E:61:78:32:CE:7F:DA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E4B7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9888DF80BDB111EFB6CEEE8E762E951A.roa
Signing time: Thu 19 Dec 2024 02:33:14 +0000
ROA not before: Thu 19 Dec 2024 02:33:10 +0000
ROA not after: Wed 10 Dec 2025 02:33:10 +0000
asID: 984
IP address blocks: 45.198.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58551 (0xe4b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 02:33:10 2024 GMT
Not After : Dec 10 02:33:10 2025 GMT
Subject: CN=676385ea-46ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b0:8c:93:c6:94:f9:86:aa:18:0b:7f:2e:ea:
a5:2c:a5:cd:fd:84:a3:c5:ae:c0:ee:ff:e5:2b:76:
26:c7:ac:ab:e3:fd:c8:04:a3:b6:7e:bd:4d:55:eb:
2d:f9:4b:56:91:58:e6:ce:ad:92:ae:c0:66:8b:80:
79:65:fd:83:39:59:c6:f5:88:7c:bc:e1:17:c9:8f:
f1:96:28:03:ea:4b:25:3a:be:d2:0f:23:8f:f6:a3:
c7:eb:f4:33:5b:f5:5f:01:62:ec:35:d6:2d:42:db:
70:f3:f5:cd:78:3e:65:6e:11:42:b5:17:d8:20:2c:
d2:ac:5b:04:36:74:7b:12:56:47:eb:ef:16:33:81:
36:be:d5:9f:7c:ac:f5:af:db:e0:13:5d:1b:85:c1:
68:83:e3:22:f1:c8:60:7e:33:dc:25:f2:78:ee:10:
3a:69:17:78:7d:a0:c9:39:c3:57:a5:0b:f6:f9:3e:
21:9c:be:21:63:cd:bc:5b:7c:e8:f0:62:ba:03:5f:
d3:6e:f5:2e:50:5c:98:28:87:38:ad:3b:03:d4:af:
9f:ab:5d:fb:93:b0:a6:39:c9:3e:bd:1d:ad:9a:1e:
0b:25:d0:9d:95:2b:2b:d5:7a:da:54:7d:e3:49:79:
ed:30:3c:a7:8c:fc:e6:cb:97:5e:60:f9:7c:f2:2a:
00:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:30:76:B2:E9:BF:43:98:50:FF:F1:30:CE:2E:61:78:32:CE:7F:DA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9888DF80BDB111EFB6CEEE8E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.243.0/24
Signature Algorithm: sha256WithRSAEncryption
05:7f:97:11:20:1c:f5:42:c8:c3:2d:d3:22:37:31:52:a8:9a:
f2:62:e2:2c:f2:d1:64:57:f3:69:06:79:34:80:68:da:b2:88:
69:e6:3b:7f:d9:60:af:25:ed:bb:c3:6b:97:55:86:fb:78:e3:
2e:6e:bb:a4:9b:2e:32:0c:9c:b1:22:4b:62:d0:be:df:94:2b:
e7:10:2c:9f:00:07:f4:51:8b:70:0c:8c:3a:9c:d2:04:60:c1:
82:90:1d:99:de:0c:3d:8a:32:f9:32:c3:48:45:0d:d6:80:12:
47:5b:1e:1d:38:33:ed:41:fa:ba:e6:2c:a7:20:eb:4c:f5:e6:
bb:6b:7b:94:c9:4d:18:93:25:93:4f:b7:26:e3:05:05:6e:7a:
f9:e8:7d:83:09:42:f7:53:df:f6:1a:41:37:4c:21:92:e0:2a:
7b:cf:08:03:dc:1c:e8:bf:d5:5c:e1:9d:7c:f4:5d:8f:90:a9:
60:b4:ae:97:0d:22:ea:0d:2e:54:33:e6:82:f2:2b:9b:7f:e7:
c4:71:87:4a:09:80:e3:e4:3e:df:1a:95:a0:37:a8:44:8d:8c:
77:bd:88:cc:26:93:38:16:ec:e8:6f:13:3e:f0:52:50:ca:73:
af:e0:5e:8f:29:b2:e7:5a:28:7c:fe:35:17:0d:86:a6:96:2f:
cf:e1:f4:9d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOS3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDIzMzEwWhcNMjUxMjEwMDIzMzEwWjAYMRYw
FAYDVQQDEw02NzYzODVlYS00NmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAm7CMk8aU+YaqGAt/LuqlLKXN/YSjxa7A7v/lK3Ymx6yr4/3IBKO2fr1N
Vest+UtWkVjmzq2SrsBmi4B5Zf2DOVnG9Yh8vOEXyY/xligD6kslOr7SDyOP9qPH
6/QzW/VfAWLsNdYtQttw8/XNeD5lbhFCtRfYICzSrFsENnR7ElZH6+8WM4E2vtWf
fKz1r9vgE10bhcFog+Mi8chgfjPcJfJ47hA6aRd4faDJOcNXpQv2+T4hnL4hY828
W3zo8GK6A1/TbvUuUFyYKIc4rTsD1K+fq137k7CmOck+vR2tmh4LJdCdlSsr1Xra
VH3jSXntMDynjPzmy5deYPl88ioA0QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAow
drLpv0OYUP/xMM4uYXgyzn/aMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85ODg4REY4MEJEQjExMUVGQjZDRUVFOEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcbzMA0GCSqGSIb3DQEBCwUA
A4IBAQAFf5cRIBz1QsjDLdMiNzFSqJryYuIs8tFkV/NpBnk0gGjasohp5jt/2WCv
Je27w2uXVYb7eOMubrukmy4yDJyxIkti0L7flCvnECyfAAf0UYtwDIw6nNIEYMGC
kB2Z3gw9ijL5MsNIRQ3WgBJHWx4dODPtQfq65iynIOtM9ea7a3uUyU0YkyWTT7cm
4wUFbnr56H2DCUL3U9/2GkE3TCGS4Cp7zwgD3Bzov9Vc4Z189F2PkKlgtK6XDSLq
DS5UM+aC8iubf+fEcYdKCYDj5D7fGpWgN6hEjYx3vYjMJpM4FuzobxM+8FJQynOv
4F6PKbLnWih8/jUXDYamli/P4fSd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:55 2025 by rpki-client