Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A974F442C3FF11EF8C8E0D7E762E951A.roa
File: A974F442C3FF11EF8C8E0D7E762E951A.roa (raw, json)
Hash identifier: 6uFUMmrMFWBw4muI/ZgzVZgq6cyBFHJCmEAdVegV/To=
Subject key identifier: B4:88:79:10:C7:1D:CA:18:29:82:6F:20:25:A1:98:9D:6B:D3:6E:44
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EFC8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A974F442C3FF11EF8C8E0D7E762E951A.roa
Signing time: Fri 27 Dec 2024 03:07:10 +0000
ROA not before: Fri 27 Dec 2024 03:07:06 +0000
ROA not after: Fri 12 Dec 2025 03:07:06 +0000
asID: 984
IP address blocks: 45.195.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61384 (0xefc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 03:07:06 2024 GMT
Not After : Dec 12 03:07:06 2025 GMT
Subject: CN=676e19de-cab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2c:46:f7:19:fb:4d:00:2c:6f:d2:8f:58:ff:
1b:30:6e:4b:3a:ab:04:ec:3c:6e:11:9e:bb:65:4f:
e0:12:2d:4f:b9:7c:ca:92:b7:08:3f:b8:b3:00:01:
d3:11:8c:3f:56:df:85:8b:9c:48:77:c5:ec:a1:a0:
1e:5b:60:10:3f:37:73:8f:18:cc:e4:8e:b2:4c:46:
64:33:d7:dd:b7:76:bf:b1:2d:ce:0e:d4:41:88:3a:
87:13:ac:e3:49:18:3b:e2:a1:18:04:f0:c9:d5:00:
ba:78:29:61:7c:d2:6d:47:83:cc:98:6f:f1:28:5e:
14:20:69:4a:0f:5f:ec:22:68:77:82:9a:da:88:b2:
cd:d0:3e:ea:df:56:46:03:2a:8f:11:7d:98:18:68:
95:86:8a:f2:1a:7e:54:7a:b7:74:75:da:df:b8:0a:
af:7c:1b:28:0f:4f:cb:f1:43:d7:b3:9d:95:f2:df:
db:56:4a:d5:61:80:13:1a:e0:10:9f:50:ea:9d:04:
3b:95:c3:97:bd:eb:a6:44:f2:4c:95:ba:9e:ef:3c:
c0:9f:45:da:e4:a0:ff:50:95:69:b3:50:b7:49:fe:
44:d6:37:c3:60:ec:38:4a:a9:b8:18:22:29:45:aa:
bf:2b:b2:50:24:51:60:5a:7b:e7:24:67:07:a9:17:
90:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:88:79:10:C7:1D:CA:18:29:82:6F:20:25:A1:98:9D:6B:D3:6E:44
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A974F442C3FF11EF8C8E0D7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.89.0/24
Signature Algorithm: sha256WithRSAEncryption
10:28:c9:1a:24:bc:c6:59:e4:11:81:d9:79:c3:86:5b:a3:4b:
04:37:8b:78:db:fe:c1:7f:44:92:f0:40:ed:53:33:9a:dc:a7:
9d:31:8b:d0:72:5d:a3:96:f3:6c:ce:88:83:32:3d:40:0f:0b:
03:b4:79:b3:e1:0f:06:fd:c0:9f:e7:e2:e6:35:bf:a5:eb:08:
87:31:4f:b2:0e:cf:e8:fb:62:c4:41:05:0f:04:e2:92:da:d2:
f5:da:a4:10:00:12:d1:c0:96:a3:1c:dc:f9:4b:be:a3:fd:02:
d1:a7:b9:56:3b:5b:7c:5c:d1:5c:6b:e7:72:9c:5c:c5:5b:dc:
7c:ec:df:8e:87:55:dc:b1:c1:f6:1e:6f:ef:4f:66:a6:f6:f8:
bc:82:ba:6d:63:3d:2c:1e:0c:45:f9:6c:89:f9:38:b7:33:ad:
58:76:8f:a2:4b:09:6b:e2:34:a0:ea:ba:d2:5f:e6:f0:ae:1b:
3c:a5:82:8e:93:72:08:0e:bc:4c:7e:7b:dc:10:bf:33:60:8b:
52:20:18:da:0e:7f:d6:e3:8e:64:a6:d4:97:c2:c8:1a:7a:8d:
d9:f5:af:eb:4c:0c:76:38:81:42:f1:e2:b2:29:d6:f6:da:a9:
f8:37:56:3c:07:82:cf:d6:b3:0b:22:32:98:07:c7:62:a3:5e:
fa:1f:17:12
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO/IMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDMwNzA2WhcNMjUxMjEyMDMwNzA2WjAYMRYw
FAYDVQQDEw02NzZlMTlkZS1jYWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1CxG9xn7TQAsb9KPWP8bMG5LOqsE7DxuEZ67ZU/gEi1PuXzKkrcIP7iz
AAHTEYw/Vt+Fi5xId8XsoaAeW2AQPzdzjxjM5I6yTEZkM9fdt3a/sS3ODtRBiDqH
E6zjSRg74qEYBPDJ1QC6eClhfNJtR4PMmG/xKF4UIGlKD1/sImh3gpraiLLN0D7q
31ZGAyqPEX2YGGiVhoryGn5Uerd0ddrfuAqvfBsoD0/L8UPXs52V8t/bVkrVYYAT
GuAQn1DqnQQ7lcOXveumRPJMlbqe7zzAn0Xa5KD/UJVps1C3Sf5E1jfDYOw4Sqm4
GCIpRaq/K7JQJFFgWnvnJGcHqReQDQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLSI
eRDHHcoYKYJvICWhmJ1r025EMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOTc0RjQ0MkMzRkYxMUVGOEM4RTBEN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcNZMA0GCSqGSIb3DQEBCwUA
A4IBAQAQKMkaJLzGWeQRgdl5w4Zbo0sEN4t42/7Bf0SS8EDtUzOa3KedMYvQcl2j
lvNszoiDMj1ADwsDtHmz4Q8G/cCf5+LmNb+l6wiHMU+yDs/o+2LEQQUPBOKS2tL1
2qQQABLRwJajHNz5S76j/QLRp7lWO1t8XNFca+dynFzFW9x87N+Oh1XcscH2Hm/v
T2am9vi8grptYz0sHgxF+WyJ+Ti3M61Ydo+iSwlr4jSg6rrSX+bwrhs8pYKOk3II
DrxMfnvcEL8zYItSIBjaDn/W445kptSXwsgaeo3Z9a/rTAx2OIFC8eKyKdb22qn4
N1Y8B4LP1rMLIjKYB8dio176HxcS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:35 2025 by rpki-client