Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9DFC9008C3F911EF8BCAE152762E951A.roa
File: 9DFC9008C3F911EF8BCAE152762E951A.roa (raw, json)
Hash identifier: Vjpxz3trkcNazomBCG9X1Ppk8RH+7e/sZ2rdeOIb7yg=
Subject key identifier: D0:FA:29:EF:2E:70:4C:E0:B8:D4:2F:A3:13:C4:9E:C1:0C:DF:EB:14
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF92
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9DFC9008C3F911EF8BCAE152762E951A.roa
Signing time: Fri 27 Dec 2024 02:23:54 +0000
ROA not before: Fri 27 Dec 2024 02:23:50 +0000
ROA not after: Fri 12 Dec 2025 02:23:50 +0000
asID: 984
IP address blocks: 45.194.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61330 (0xef92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 02:23:50 2024 GMT
Not After : Dec 12 02:23:50 2025 GMT
Subject: CN=676e0fba-9a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f3:d5:6e:02:78:73:4e:a4:00:2b:b5:4a:b8:
df:24:ac:9f:52:08:e1:1a:f9:22:0e:18:80:14:d7:
d7:14:83:30:7b:9d:87:ce:4c:bc:c5:1b:3c:f4:f1:
7d:e5:62:b7:ff:67:2b:28:7d:79:3a:13:d9:72:77:
11:5a:4c:f6:a7:d9:87:42:e5:0f:2f:1d:62:cf:0a:
93:75:08:a5:47:f4:1e:15:c5:f1:13:25:aa:ca:77:
82:00:7d:4c:51:0f:73:ab:62:89:73:fb:93:6d:30:
06:ca:39:cc:9e:70:f8:54:99:b3:d1:55:8f:cb:11:
dd:39:04:ae:81:c6:14:e3:50:10:25:03:52:2a:f3:
67:ff:a3:b7:c0:8a:9d:9f:bc:92:28:ca:8f:c1:b0:
f1:43:29:54:c0:71:eb:d0:7b:f6:7b:6c:3b:99:cd:
1f:ff:b3:c4:32:85:4a:9b:86:22:33:ef:b6:eb:66:
e3:a6:e7:99:d5:ff:0f:04:10:5e:96:05:01:5a:0f:
b1:97:9b:34:69:02:cc:02:36:48:30:4d:28:91:83:
1e:a2:c2:ec:91:bc:c0:8c:8d:cd:19:2b:c2:3b:53:
f9:48:3b:4e:04:d3:fd:8b:60:c1:e7:39:92:79:b6:
6d:14:19:3f:fa:d2:eb:da:f0:19:cd:3d:2e:c1:6f:
ac:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:FA:29:EF:2E:70:4C:E0:B8:D4:2F:A3:13:C4:9E:C1:0C:DF:EB:14
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9DFC9008C3F911EF8BCAE152762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.91.0/24
Signature Algorithm: sha256WithRSAEncryption
96:fc:8b:ca:1b:3d:92:b6:38:b6:3c:05:3a:37:94:26:e3:30:
95:c2:62:0d:f5:47:1f:61:74:4d:94:09:53:43:43:db:72:44:
a2:c0:9d:86:b5:47:e5:d7:95:aa:13:d3:fc:8c:66:23:b2:b3:
72:7a:87:2b:b6:c3:ad:05:f0:e2:30:96:0b:d8:96:2f:7a:ad:
f2:e9:c3:fa:a7:b3:11:39:4d:6f:1a:a2:2a:1b:0a:c9:4e:45:
dc:bb:79:a3:e3:54:46:b9:3b:ee:c2:ae:9f:c2:c2:e5:36:c1:
a9:21:69:c6:86:00:13:20:08:7b:aa:b4:94:06:a3:0d:f5:1f:
78:d4:82:b3:9c:79:4a:bb:fe:c6:14:f8:3c:ef:11:81:f8:bb:
98:62:91:bd:63:72:03:80:4f:b2:9c:29:05:db:8c:e3:97:3e:
d1:a9:ea:49:5b:bf:08:d5:5f:1d:6b:39:3c:68:71:b7:f7:58:
b2:f7:ce:ac:64:8f:00:6d:b0:09:fc:16:4d:04:b6:f9:71:9f:
09:05:2f:12:91:25:2c:b5:ec:68:89:41:5b:64:64:90:63:ec:
89:cc:98:a5:34:58:bc:49:c1:bd:66:04:f5:a7:5b:eb:18:09:
96:ac:b8:c0:df:1f:84:a1:cb:b3:da:67:a6:3a:b8:03:0c:33:
4c:db:c5:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO+SMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDIyMzUwWhcNMjUxMjEyMDIyMzUwWjAYMRYw
FAYDVQQDEw02NzZlMGZiYS05YTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr/PVbgJ4c06kACu1SrjfJKyfUgjhGvkiDhiAFNfXFIMwe52Hzky8xRs8
9PF95WK3/2crKH15OhPZcncRWkz2p9mHQuUPLx1izwqTdQilR/QeFcXxEyWqyneC
AH1MUQ9zq2KJc/uTbTAGyjnMnnD4VJmz0VWPyxHdOQSugcYU41AQJQNSKvNn/6O3
wIqdn7ySKMqPwbDxQylUwHHr0Hv2e2w7mc0f/7PEMoVKm4YiM++262bjpueZ1f8P
BBBelgUBWg+xl5s0aQLMAjZIME0okYMeosLskbzAjI3NGSvCO1P5SDtOBNP9i2DB
5zmSebZtFBk/+tLr2vAZzT0uwW+sMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFND6
Ke8ucEzguNQvoxPEnsEM3+sUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85REZDOTAwOEMzRjkxMUVGOEJDQUUxNTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcJbMA0GCSqGSIb3DQEBCwUA
A4IBAQCW/IvKGz2Stji2PAU6N5Qm4zCVwmIN9UcfYXRNlAlTQ0PbckSiwJ2GtUfl
15WqE9P8jGYjsrNyeocrtsOtBfDiMJYL2JYveq3y6cP6p7MROU1vGqIqGwrJTkXc
u3mj41RGuTvuwq6fwsLlNsGpIWnGhgATIAh7qrSUBqMN9R941IKznHlKu/7GFPg8
7xGB+LuYYpG9Y3IDgE+ynCkF24zjlz7RqepJW78I1V8dazk8aHG391iy986sZI8A
bbAJ/BZNBLb5cZ8JBS8SkSUstexoiUFbZGSQY+yJzJilNFi8ScG9ZgT1p1vrGAmW
rLjA3x+Eocuz2memOrgDDDNM28U0
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:16 2025 by rpki-client