Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D5C30CCC3BD11EFB81B704B762E951A.roa
File: 9D5C30CCC3BD11EFB81B704B762E951A.roa (raw, json)
Hash identifier: OyOgJLmMvG9xb1ZMVDeFdExXhQNwKLlDDKTpzT20IiE=
Subject key identifier: 4E:A2:0C:FC:31:C1:2F:32:72:52:A4:D2:A3:2E:FB:60:E8:6E:92:86
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EEC3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D5C30CCC3BD11EFB81B704B762E951A.roa
Signing time: Thu 26 Dec 2024 19:14:23 +0000
ROA not before: Thu 26 Dec 2024 19:14:19 +0000
ROA not after: Fri 12 Dec 2025 19:14:19 +0000
asID: 984
IP address blocks: 45.207.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61123 (0xeec3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 19:14:19 2024 GMT
Not After : Dec 12 19:14:19 2025 GMT
Subject: CN=676dab0f-a1b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:b4:8a:e4:a0:e3:43:bf:13:57:fe:a4:58:17:
e4:8b:ec:a5:1a:6c:74:dd:46:e7:e4:30:3d:30:f7:
66:a4:d2:2f:9e:11:bf:1b:18:f9:db:57:f8:6b:e3:
a4:d4:06:14:cd:27:7d:1c:9e:27:17:48:72:45:40:
51:04:b5:67:14:e9:14:f5:a0:eb:38:26:3c:9e:27:
95:8e:0d:08:9b:74:1e:4d:23:2e:d4:bf:8c:50:5a:
54:d6:10:41:41:c7:c7:24:33:f2:18:ba:c4:7e:11:
1c:dd:bd:7c:01:01:56:9a:39:f3:21:12:72:bb:b4:
31:3f:e8:9d:81:02:d8:43:11:a2:ad:de:d7:dd:62:
88:b4:e1:10:f1:90:97:e7:1b:f3:57:bf:99:37:35:
a5:2e:d9:cb:01:74:49:6e:7e:99:30:b4:2d:7b:49:
b5:08:6b:bf:56:a8:fd:1a:24:e9:70:fa:f1:cb:40:
9e:19:86:0d:43:ee:ce:d0:a9:6f:3e:90:88:bd:32:
43:6c:dd:03:64:15:c4:63:38:fd:82:ac:31:23:df:
c2:b5:4b:62:59:63:5d:b0:e7:d1:4c:7c:71:5e:e0:
6a:a6:1a:6a:0c:14:e9:e8:2b:89:0e:fe:15:3d:f9:
2a:5f:47:ae:9c:7c:21:9b:2b:9d:89:d3:86:e2:72:
6a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A2:0C:FC:31:C1:2F:32:72:52:A4:D2:A3:2E:FB:60:E8:6E:92:86
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D5C30CCC3BD11EFB81B704B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.162.0/24
Signature Algorithm: sha256WithRSAEncryption
23:e7:0b:3c:c6:b8:64:97:fc:87:e5:50:1f:33:89:c0:33:02:
e8:d0:cc:97:8c:93:b6:81:d5:df:29:d0:cb:7a:cf:65:16:0a:
99:b5:2e:6b:b6:c4:99:c3:8c:89:c0:a1:11:f4:cf:77:66:16:
6a:1b:a8:da:aa:44:11:87:5d:01:80:59:d3:71:bf:08:66:02:
0d:46:00:90:f4:80:07:2e:dc:0b:b6:03:52:48:9e:4c:bb:98:
9f:30:08:32:86:0c:db:7f:6d:8b:37:c5:2c:dd:fd:fc:6e:bf:
11:cf:2e:d1:f8:dc:64:54:4d:ab:9d:d9:75:c8:75:78:87:0d:
dd:88:0f:e4:a4:40:13:b3:59:55:3a:b9:35:19:7d:0f:ff:8c:
2f:db:f4:d5:22:9f:d0:6a:bb:c2:fe:6a:33:64:ea:69:5d:ea:
65:ad:67:f0:6c:6f:cb:ff:43:99:e2:4e:9c:be:0d:66:b3:37:
74:e1:bf:a8:cc:8d:86:e3:32:c5:65:c2:cb:e2:c7:a6:66:f8:
1d:94:c7:1d:dd:3d:d3:e2:9c:aa:74:0c:68:9c:85:9c:5f:6c:
fe:6c:06:82:a7:7a:d8:d6:c5:ab:e1:2c:dd:4e:0a:c5:4f:a9:
b6:8d:83:4b:d1:9f:6d:7d:85:fc:ac:41:d9:49:5f:b8:10:34:
1a:85:b3:06
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO7DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTkxNDE5WhcNMjUxMjEyMTkxNDE5WjAYMRYw
FAYDVQQDEw02NzZkYWIwZi1hMWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7rSK5KDjQ78TV/6kWBfki+ylGmx03Ubn5DA9MPdmpNIvnhG/Gxj521f4
a+Ok1AYUzSd9HJ4nF0hyRUBRBLVnFOkU9aDrOCY8nieVjg0Im3QeTSMu1L+MUFpU
1hBBQcfHJDPyGLrEfhEc3b18AQFWmjnzIRJyu7QxP+idgQLYQxGird7X3WKItOEQ
8ZCX5xvzV7+ZNzWlLtnLAXRJbn6ZMLQte0m1CGu/Vqj9GiTpcPrxy0CeGYYNQ+7O
0KlvPpCIvTJDbN0DZBXEYzj9gqwxI9/CtUtiWWNdsOfRTHxxXuBqphpqDBTp6CuJ
Dv4VPfkqX0eunHwhmyudidOG4nJqFQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE6i
DPwxwS8yclKk0qMu+2DobpKGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RDVDMzBDQ0MzQkQxMUVGQjgxQjcwNEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc+iMA0GCSqGSIb3DQEBCwUA
A4IBAQAj5ws8xrhkl/yH5VAfM4nAMwLo0MyXjJO2gdXfKdDLes9lFgqZtS5rtsSZ
w4yJwKER9M93ZhZqG6jaqkQRh10BgFnTcb8IZgINRgCQ9IAHLtwLtgNSSJ5Mu5if
MAgyhgzbf22LN8Us3f38br8Rzy7R+NxkVE2rndl1yHV4hw3diA/kpEATs1lVOrk1
GX0P/4wv2/TVIp/QarvC/mozZOppXeplrWfwbG/L/0OZ4k6cvg1mszd04b+ozI2G
4zLFZcLL4semZvgdlMcd3T3T4pyqdAxonIWcX2z+bAaCp3rY1sWr4SzdTgrFT6m2
jYNL0Z9tfYX8rEHZSV+4EDQahbMG
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:01 2025 by rpki-client