Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AC18BF84C39211EFADE045BC762E951A.roa
File: AC18BF84C39211EFADE045BC762E951A.roa (raw, json)
Hash identifier: 3XtcTLa8HEdm0gykDT6ou34VvuX4EtvAp0OrmjcD55w=
Subject key identifier: E8:08:D6:82:78:E6:81:42:96:38:0E:45:95:B8:C8:04:8A:4C:C4:2E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECFB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AC18BF84C39211EFADE045BC762E951A.roa
Signing time: Thu 26 Dec 2024 14:06:59 +0000
ROA not before: Thu 26 Dec 2024 14:06:56 +0000
ROA not after: Sun 12 Dec 2027 14:06:56 +0000
asID: 17561
IP address blocks: 45.196.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60667 (0xecfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 14:06:56 2024 GMT
Not After : Dec 12 14:06:56 2027 GMT
Subject: CN=676d6303-eb2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:09:81:e0:37:10:de:4a:31:3a:bb:9d:a6:bb:
c1:53:ed:2e:b4:ee:90:e6:ee:83:92:59:4e:6f:4d:
c1:bf:3d:a4:4b:43:07:9c:ed:e9:7d:69:1d:45:4b:
0d:72:f4:ba:e3:99:01:9c:8e:f2:c2:56:9e:51:63:
a1:6f:ee:01:23:33:ae:a1:0b:39:15:59:9c:7a:35:
07:55:2e:82:4c:9e:09:88:3a:71:2a:c6:31:e9:7b:
5b:d0:45:18:0b:44:4d:81:51:cf:ef:c7:78:5b:80:
22:bd:ab:a8:68:ab:cc:2c:42:74:3a:a2:56:fa:4e:
fb:ab:ae:9f:b6:4b:93:c8:b0:33:bc:81:65:d5:40:
77:13:9b:41:a0:8a:98:08:f9:c3:25:9b:9d:81:91:
19:9e:0f:23:88:61:e5:ba:0b:6f:4b:44:c0:f6:f1:
19:31:a1:de:45:14:9a:bb:4b:0d:1d:ac:17:e9:79:
a0:c0:61:30:6d:d3:85:23:82:74:ba:c3:d5:a4:66:
cd:71:62:51:d2:c6:df:c9:de:f1:cc:05:ba:fa:67:
21:09:84:81:cd:bf:95:0f:25:9d:b5:69:b0:d7:eb:
f5:0d:7e:9e:2e:7b:f3:44:82:4f:b4:f4:5a:0b:5a:
aa:58:d6:2c:59:5e:0e:ba:7a:24:c6:f6:75:a2:89:
23:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:08:D6:82:78:E6:81:42:96:38:0E:45:95:B8:C8:04:8A:4C:C4:2E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AC18BF84C39211EFADE045BC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.239.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:b6:33:91:d6:83:e2:02:7b:74:48:29:16:86:46:bf:67:03:
9f:e7:b7:f9:26:98:be:31:7c:82:2b:e2:96:c9:df:b6:01:b5:
28:35:18:82:3c:07:27:71:78:99:57:90:be:29:46:4f:69:8a:
aa:09:b8:82:8f:9a:08:1b:0a:1c:fa:0f:40:b9:97:28:af:56:
28:3e:f4:ee:cf:7a:db:3b:13:db:92:df:56:28:c4:be:e1:04:
9c:ea:fc:d3:7f:f8:6e:b0:b7:1e:7b:70:23:cb:48:25:70:7d:
a6:fa:ff:40:83:f6:34:9c:98:95:c5:19:b6:26:36:e4:eb:a8:
ef:3b:e0:a5:66:b0:cc:5b:70:df:de:32:d2:ca:6e:12:5d:6a:
f4:d9:e3:bc:ea:77:9c:80:84:c4:21:ed:99:a7:f6:ba:f4:dd:
4d:a5:b4:22:9c:28:f6:60:69:1f:d6:dd:17:0b:b9:22:78:18:
5f:14:26:03:50:2d:eb:d6:04:79:2b:eb:92:da:58:ac:ef:c7:
68:53:45:82:b1:ea:4a:1d:a0:b9:5f:9e:2e:b1:63:3c:67:9c:
0d:38:99:4c:57:39:89:9e:cc:5d:94:c6:48:2b:db:01:23:f3:
bb:bb:e3:da:22:41:30:08:2b:54:ba:c7:1e:da:2d:fc:e4:53:
29:51:c2:a1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOz7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTQwNjU2WhcNMjcxMjEyMTQwNjU2WjAYMRYw
FAYDVQQDEw02NzZkNjMwMy1lYjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0gmB4DcQ3koxOrudprvBU+0utO6Q5u6DkllOb03Bvz2kS0MHnO3pfWkd
RUsNcvS645kBnI7ywlaeUWOhb+4BIzOuoQs5FVmcejUHVS6CTJ4JiDpxKsYx6Xtb
0EUYC0RNgVHP78d4W4AivauoaKvMLEJ0OqJW+k77q66ftkuTyLAzvIFl1UB3E5tB
oIqYCPnDJZudgZEZng8jiGHlugtvS0TA9vEZMaHeRRSau0sNHawX6XmgwGEwbdOF
I4J0usPVpGbNcWJR0sbfyd7xzAW6+mchCYSBzb+VDyWdtWmw1+v1DX6eLnvzRIJP
tPRaC1qqWNYsWV4OunokxvZ1ookjTwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOgI
1oJ45oFCljgORZW4yASKTMQuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQzE4QkY4NEMzOTIxMUVGQURFMDQ1QkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTvMA0GCSqGSIb3DQEBCwUA
A4IBAQCitjOR1oPiAnt0SCkWhka/ZwOf57f5Jpi+MXyCK+KWyd+2AbUoNRiCPAcn
cXiZV5C+KUZPaYqqCbiCj5oIGwoc+g9AuZcor1YoPvTuz3rbOxPbkt9WKMS+4QSc
6vzTf/husLcee3Ajy0glcH2m+v9Ag/Y0nJiVxRm2Jjbk66jvO+ClZrDMW3Df3jLS
ym4SXWr02eO86necgITEIe2Zp/a69N1NpbQinCj2YGkf1t0XC7kieBhfFCYDUC3r
1gR5K+uS2lis78doU0WCsepKHaC5X54usWM8Z5wNOJlMVzmJnsxdlMZIK9sBI/O7
u+PaIkEwCCtUusce2i385FMpUcKh
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:46 2025 by rpki-client