Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C3046E8BDAF11EFA6A8CC7E762E951A.roa
File: 9C3046E8BDAF11EFA6A8CC7E762E951A.roa (raw, json)
Hash identifier: ItgOe96QLU7Z8jtf1a1D4ZVrXlq3ZgjFs/mXb3kbnbw=
Subject key identifier: 77:CE:66:B1:DC:67:DE:60:D6:DF:73:41:57:D4:F6:3C:46:DD:16:BF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E49D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C3046E8BDAF11EFA6A8CC7E762E951A.roa
Signing time: Thu 19 Dec 2024 02:19:01 +0000
ROA not before: Thu 19 Dec 2024 02:18:57 +0000
ROA not after: Wed 10 Dec 2025 02:18:57 +0000
asID: 984
IP address blocks: 45.198.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58525 (0xe49d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 02:18:57 2024 GMT
Not After : Dec 10 02:18:57 2025 GMT
Subject: CN=67638295-b296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:70:1a:43:99:dc:09:c8:b1:e5:b0:e8:13:c9:
c1:ac:b3:cb:c1:b5:41:62:a1:cd:7d:8a:e7:92:75:
8c:72:05:7c:ea:e2:a5:61:0d:4c:3d:14:ac:39:9d:
59:15:6d:ab:ed:77:e1:7e:25:94:58:88:17:8b:e2:
c0:a5:e6:c7:c2:97:c3:d7:88:fe:8d:8c:d7:e5:b9:
23:0f:9e:f9:25:0d:32:a1:2f:e8:66:40:f6:e1:c2:
81:d1:4c:2a:38:ba:ec:d9:7f:11:ec:8e:44:58:d6:
ce:d7:4e:e7:e4:5d:30:15:44:46:da:b0:49:5f:50:
69:d5:a2:b1:c2:34:50:bc:7e:09:2b:97:fc:8b:af:
64:59:b2:84:ad:19:cf:ee:c3:ac:b3:d4:fa:b0:c1:
39:f7:07:1a:71:75:75:79:f8:15:0e:22:4c:8f:13:
3d:bc:78:9f:2d:34:7a:f5:74:89:fd:c3:3b:ee:ca:
dd:03:16:f2:cc:63:6b:3c:56:d0:8c:4a:f9:85:06:
e8:15:7d:f0:3e:b2:4d:79:cf:b7:bc:50:89:31:13:
70:cc:23:3b:1f:11:3e:78:e0:00:ab:b5:2c:ea:70:
69:05:74:0b:03:c6:41:84:3e:35:83:70:d6:89:1d:
32:2b:81:b2:70:da:57:1b:be:94:4f:44:6f:1c:2c:
70:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:CE:66:B1:DC:67:DE:60:D6:DF:73:41:57:D4:F6:3C:46:DD:16:BF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C3046E8BDAF11EFA6A8CC7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.230.0/24
Signature Algorithm: sha256WithRSAEncryption
05:81:a7:56:9a:b2:8c:3f:b9:5d:e0:6a:f7:d8:d5:d6:c9:53:
8a:c3:eb:8b:42:cd:60:8e:86:92:2b:4d:61:41:53:69:bd:02:
17:7a:f0:3c:d5:10:a7:98:b4:a5:70:90:45:b7:b1:a7:e6:a7:
1d:78:ce:8d:ea:0a:6a:46:cb:4d:0c:5a:05:90:72:c8:58:0c:
78:c1:03:92:75:84:5c:5d:ac:80:79:3d:59:09:67:d2:e3:11:
2b:e9:16:c7:f5:54:1e:3f:bb:e6:20:f4:0f:df:69:87:e5:14:
54:fe:78:d6:ce:8c:9f:24:55:7b:c6:22:f9:2a:1e:85:f0:65:
42:ec:4f:b0:49:b7:52:b2:92:d4:66:c0:3e:a7:3f:f1:fb:fe:
5f:64:3f:52:09:17:52:3d:ac:b3:75:4a:3d:33:b4:3f:29:33:
23:06:a0:90:dc:5f:65:67:37:87:bd:ae:bb:15:8a:68:4d:79:
c4:d6:e3:91:3a:58:06:fb:9f:0c:4a:95:5f:ee:16:56:0e:9e:
f7:26:15:35:45:81:31:e5:34:42:60:ea:3e:b7:ae:85:d8:12:
b7:ac:ee:7a:21:1e:d4:6e:05:3c:5e:eb:a0:ff:f4:88:03:81:
4b:b0:30:6c:2c:b5:99:f2:ba:ea:e3:5e:bd:be:5b:6d:6c:86:
cf:20:70:1d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOSdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDIxODU3WhcNMjUxMjEwMDIxODU3WjAYMRYw
FAYDVQQDEw02NzYzODI5NS1iMjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2nAaQ5ncCcix5bDoE8nBrLPLwbVBYqHNfYrnknWMcgV86uKlYQ1MPRSs
OZ1ZFW2r7XfhfiWUWIgXi+LApebHwpfD14j+jYzX5bkjD575JQ0yoS/oZkD24cKB
0UwqOLrs2X8R7I5EWNbO107n5F0wFURG2rBJX1Bp1aKxwjRQvH4JK5f8i69kWbKE
rRnP7sOss9T6sME59wcacXV1efgVDiJMjxM9vHifLTR69XSJ/cM77srdAxbyzGNr
PFbQjEr5hQboFX3wPrJNec+3vFCJMRNwzCM7HxE+eOAAq7Us6nBpBXQLA8ZBhD41
g3DWiR0yK4GycNpXG76UT0RvHCxwDQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHfO
ZrHcZ95g1t9zQVfU9jxG3Ra/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QzMwNDZFOEJEQUYxMUVGQTZBOENDN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcbmMA0GCSqGSIb3DQEBCwUA
A4IBAQAFgadWmrKMP7ld4Gr32NXWyVOKw+uLQs1gjoaSK01hQVNpvQIXevA81RCn
mLSlcJBFt7Gn5qcdeM6N6gpqRstNDFoFkHLIWAx4wQOSdYRcXayAeT1ZCWfS4xEr
6RbH9VQeP7vmIPQP32mH5RRU/njWzoyfJFV7xiL5Kh6F8GVC7E+wSbdSspLUZsA+
pz/x+/5fZD9SCRdSPayzdUo9M7Q/KTMjBqCQ3F9lZzeHva67FYpoTXnE1uOROlgG
+58MSpVf7hZWDp73JhU1RYEx5TRCYOo+t66F2BK3rO56IR7UbgU8Xuug//SIA4FL
sDBsLLWZ8rrq4169vlttbIbPIHAd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:33 2025 by rpki-client