Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9402400C38811EFBAE3CC7E762E951A.roa
File: A9402400C38811EFBAE3CC7E762E951A.roa (raw, json)
Hash identifier: PhZ0Y08p3AQWNLEEGS16dTQFwPCzo/ooHR5lM34PdPU=
Subject key identifier: B0:A6:6F:8E:AC:E6:84:54:D2:E8:F3:F3:C7:C2:C9:5B:37:B9:F7:59
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC8F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9402400C38811EFBAE3CC7E762E951A.roa
Signing time: Thu 26 Dec 2024 12:55:19 +0000
ROA not before: Thu 26 Dec 2024 12:55:16 +0000
ROA not after: Sun 12 Dec 2027 12:55:16 +0000
asID: 17561
IP address blocks: 45.196.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60559 (0xec8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 12:55:16 2024 GMT
Not After : Dec 12 12:55:16 2027 GMT
Subject: CN=676d5237-fdcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d2:40:00:f7:50:bd:16:9c:30:66:8d:6e:1f:
26:7e:34:cd:27:6e:6d:8a:9d:aa:de:4c:76:2a:25:
b8:74:a3:6c:52:13:2a:3a:80:87:11:c3:3b:93:76:
59:50:0f:24:b1:85:64:05:ef:95:fe:68:13:2a:c4:
6b:b3:a8:36:04:51:df:cb:89:9a:23:26:9f:24:37:
cf:27:cb:49:3f:79:5c:fb:d4:6d:94:64:31:0d:0b:
ea:1e:ca:4b:2e:c2:e4:d6:46:26:fb:29:49:1e:c2:
61:fa:46:a8:db:ee:ad:18:80:12:f5:df:5e:e5:e0:
4f:01:a4:5e:c6:c0:b1:30:d6:8a:27:cc:58:dd:99:
86:5e:87:4d:12:fe:04:f9:bf:fb:fa:57:32:1a:3a:
ec:16:81:f4:1a:8c:b2:58:0f:ec:06:7a:37:e9:0d:
48:88:1e:d5:d9:72:3d:fb:78:40:e8:a9:73:48:71:
82:7e:91:fe:08:4d:d8:eb:5f:fe:06:20:75:cf:83:
57:4c:6c:e8:b4:16:d3:08:72:c6:7e:ad:9d:9b:e5:
3e:76:58:2a:59:08:c1:76:0d:74:18:17:78:71:12:
74:19:20:51:b1:93:94:75:4b:d4:d3:16:22:88:4d:
6e:cc:0c:fc:ef:a8:52:a9:9d:bb:01:2c:0a:c9:ef:
02:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A6:6F:8E:AC:E6:84:54:D2:E8:F3:F3:C7:C2:C9:5B:37:B9:F7:59
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9402400C38811EFBAE3CC7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.153.0/24
Signature Algorithm: sha256WithRSAEncryption
67:0c:ca:3a:60:a8:1a:47:02:39:26:d9:86:0e:f0:3a:b0:68:
49:d2:7d:ef:ca:ed:f1:3e:fd:0c:66:63:d2:d1:b7:b0:08:fb:
f2:8e:e0:09:b1:d2:fb:7a:65:7e:bc:bc:11:c5:4a:15:49:27:
d1:5c:28:6d:77:95:dd:c9:35:a1:9f:d2:cd:c9:d2:c3:bd:6a:
b7:72:34:25:64:d9:c2:73:b4:7c:7b:73:73:81:36:b8:1f:78:
4b:bf:76:82:83:4e:89:f8:61:09:47:4d:af:37:63:2e:98:46:
2c:87:37:82:4b:18:20:cf:da:fd:ce:33:7c:fc:7a:80:0b:ee:
e3:d5:fa:1f:e9:53:04:7c:25:a1:af:b0:bd:d3:74:a6:fc:6d:
be:bd:56:1b:9a:15:5e:e8:bf:6b:86:46:5e:6e:09:36:0b:bb:
5f:a8:d7:37:d3:5c:f2:ec:92:bb:de:a0:80:cc:23:57:27:32:
44:03:00:3d:f3:f3:25:1c:2e:9f:4d:25:e8:77:b2:c7:35:6f:
7d:a3:ff:79:f6:38:bb:cf:65:1b:8d:6b:a2:17:3f:cd:0c:c1:
f2:1d:16:b4:cb:4e:77:12:e3:50:2b:c7:ae:fd:a8:d1:ae:dc:
14:e2:3f:0a:9e:d0:b8:93:20:29:d9:5e:1e:46:4e:63:d5:85:
e1:c3:8d:27
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOyPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTI1NTE2WhcNMjcxMjEyMTI1NTE2WjAYMRYw
FAYDVQQDEw02NzZkNTIzNy1mZGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvdJAAPdQvRacMGaNbh8mfjTNJ25tip2q3kx2KiW4dKNsUhMqOoCHEcM7
k3ZZUA8ksYVkBe+V/mgTKsRrs6g2BFHfy4maIyafJDfPJ8tJP3lc+9RtlGQxDQvq
HspLLsLk1kYm+ylJHsJh+kao2+6tGIAS9d9e5eBPAaRexsCxMNaKJ8xY3ZmGXodN
Ev4E+b/7+lcyGjrsFoH0GoyyWA/sBno36Q1IiB7V2XI9+3hA6KlzSHGCfpH+CE3Y
61/+BiB1z4NXTGzotBbTCHLGfq2dm+U+dlgqWQjBdg10GBd4cRJ0GSBRsZOUdUvU
0xYiiE1uzAz876hSqZ27ASwKye8CCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLCm
b46s5oRU0ujz88fCyVs3ufdZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOTQwMjQwMEMzODgxMUVGQkFFM0NDN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcSZMA0GCSqGSIb3DQEBCwUA
A4IBAQBnDMo6YKgaRwI5JtmGDvA6sGhJ0n3vyu3xPv0MZmPS0bewCPvyjuAJsdL7
emV+vLwRxUoVSSfRXChtd5XdyTWhn9LNydLDvWq3cjQlZNnCc7R8e3NzgTa4H3hL
v3aCg06J+GEJR02vN2MumEYshzeCSxggz9r9zjN8/HqAC+7j1fof6VMEfCWhr7C9
03Sm/G2+vVYbmhVe6L9rhkZebgk2C7tfqNc301zy7JK73qCAzCNXJzJEAwA98/Ml
HC6fTSXod7LHNW99o/959ji7z2UbjWuiFz/NDMHyHRa0y053EuNQK8eu/ajRrtwU
4j8KntC4kyAp2V4eRk5j1YXhw40n
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:10 2025 by rpki-client