Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A5FD62FEC3FA11EF8C87975A762E951A.roa
File: A5FD62FEC3FA11EF8C87975A762E951A.roa (raw, json)
Hash identifier: M1RPuSOCCO4zNwMdRXKdn9+J9EA3uokw7JMhmeu+XgI=
Subject key identifier: 24:82:76:10:EA:07:38:0F:75:61:B6:07:50:26:53:E2:F2:30:AB:B2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF9C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A5FD62FEC3FA11EF8C87975A762E951A.roa
Signing time: Fri 27 Dec 2024 02:31:17 +0000
ROA not before: Fri 27 Dec 2024 02:31:13 +0000
ROA not after: Fri 12 Dec 2025 02:31:13 +0000
asID: 984
IP address blocks: 45.194.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61340 (0xef9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 02:31:13 2024 GMT
Not After : Dec 12 02:31:13 2025 GMT
Subject: CN=676e1174-8e29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7a:c2:b7:76:0a:d8:71:07:80:f0:da:08:8a:
7d:ac:32:0f:84:e3:38:d0:a4:ef:02:ed:33:e9:fd:
ce:49:8d:c8:2a:6c:82:cc:61:2c:9c:80:50:3a:aa:
38:d7:5c:80:d5:cd:26:ed:b7:5d:df:00:d2:72:88:
4e:e9:1d:32:03:63:42:e0:52:ab:ec:b1:2c:73:7c:
87:a2:b1:73:26:ca:8d:48:f1:c5:7d:d3:8c:9b:ee:
c8:8d:d4:f4:1b:9f:48:fe:b0:bc:5e:83:97:a2:fc:
a2:b1:d1:cf:eb:a9:22:2c:d0:a3:9e:1b:f8:1b:77:
7b:d0:d3:8c:16:9f:3a:78:d1:43:6c:57:b4:55:9c:
6c:4e:54:f8:82:9e:8a:c5:82:77:ae:03:b3:69:7f:
83:c5:02:e1:be:1b:ce:ee:9d:87:da:28:96:7a:43:
78:29:72:10:d6:b9:35:4f:40:95:1a:99:b0:fd:28:
4b:40:b4:69:3f:5f:23:1b:83:55:c9:a1:17:d8:46:
28:b7:0b:c7:19:d0:60:39:37:d0:ac:6d:2c:59:6a:
f1:d1:5f:f8:2d:94:d1:20:41:2c:4f:8b:92:60:93:
4a:29:b8:13:3f:79:d2:93:a8:cd:2b:1f:44:7a:ea:
d6:c6:28:8b:1f:0c:c4:8c:f3:98:04:56:15:be:80:
7e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:82:76:10:EA:07:38:0F:75:61:B6:07:50:26:53:E2:F2:30:AB:B2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A5FD62FEC3FA11EF8C87975A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.122.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:66:61:09:6a:12:4f:a3:76:75:54:34:5a:7d:45:96:43:11:
2f:27:ee:cd:f7:25:1c:83:45:73:44:ca:a8:8f:11:09:33:7d:
ac:3a:70:08:ca:a5:ac:d7:89:71:a6:ac:7d:ca:64:55:66:81:
b9:4d:cd:d9:7c:1b:ef:68:f3:d8:03:b2:12:89:bf:7b:4c:4d:
ef:65:24:cc:6c:fa:a8:0c:e5:01:3f:77:e1:97:86:62:14:e0:
55:b3:7b:df:26:06:4b:c7:6b:2c:3c:87:10:19:f1:65:66:9e:
b6:cd:f4:8a:6a:34:38:4f:78:fc:a1:85:01:c8:b6:b2:d9:3b:
c4:a7:8a:8f:83:eb:a3:08:41:d3:b2:ad:91:d7:97:d8:e9:90:
8b:74:28:49:b1:22:e8:93:87:81:aa:62:99:d5:91:7b:fe:2b:
a7:06:e9:ad:10:8f:88:ea:17:42:ea:41:9f:94:69:f9:15:26:
95:cf:45:7f:4e:5f:8d:c1:0f:68:d2:34:61:b0:c0:4a:1c:b5:
f9:0f:ad:c4:d8:e5:0f:1b:d7:3b:7f:c8:05:88:5d:e2:3d:61:
17:31:8c:3f:e4:0a:1a:5d:a3:a5:f8:8b:12:09:19:00:fa:5d:
37:3c:f9:c8:b3:72:6d:0e:dd:e9:6e:c1:97:ec:fd:67:3e:d5:
00:ea:3d:bd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO+cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDIzMTEzWhcNMjUxMjEyMDIzMTEzWjAYMRYw
FAYDVQQDEw02NzZlMTE3NC04ZTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx3rCt3YK2HEHgPDaCIp9rDIPhOM40KTvAu0z6f3OSY3IKmyCzGEsnIBQ
Oqo411yA1c0m7bdd3wDScohO6R0yA2NC4FKr7LEsc3yHorFzJsqNSPHFfdOMm+7I
jdT0G59I/rC8XoOXovyisdHP66kiLNCjnhv4G3d70NOMFp86eNFDbFe0VZxsTlT4
gp6KxYJ3rgOzaX+DxQLhvhvO7p2H2iiWekN4KXIQ1rk1T0CVGpmw/ShLQLRpP18j
G4NVyaEX2EYotwvHGdBgOTfQrG0sWWrx0V/4LZTRIEEsT4uSYJNKKbgTP3nSk6jN
Kx9EeurWxiiLHwzEjPOYBFYVvoB+twIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCSC
dhDqBzgPdWG2B1AmU+LyMKuyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNUZENjJGRUMzRkExMUVGOEM4Nzk3NUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcJ6MA0GCSqGSIb3DQEBCwUA
A4IBAQCtZmEJahJPo3Z1VDRafUWWQxEvJ+7N9yUcg0VzRMqojxEJM32sOnAIyqWs
14lxpqx9ymRVZoG5Tc3ZfBvvaPPYA7ISib97TE3vZSTMbPqoDOUBP3fhl4ZiFOBV
s3vfJgZLx2ssPIcQGfFlZp62zfSKajQ4T3j8oYUByLay2TvEp4qPg+ujCEHTsq2R
15fY6ZCLdChJsSLok4eBqmKZ1ZF7/iunBumtEI+I6hdC6kGflGn5FSaVz0V/Tl+N
wQ9o0jRhsMBKHLX5D63E2OUPG9c7f8gFiF3iPWEXMYw/5AoaXaOl+IsSCRkA+l03
PPnIs3JtDt3pbsGX7P1nPtUA6j29
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:42 2025 by rpki-client