Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA0C650EC38E11EFA60B44A3762E951A.roa
File: BA0C650EC38E11EFA60B44A3762E951A.roa (raw, json)
Hash identifier: C/YQADwvofsoWFhZgzi08q8ksmKJy82T5YkTMJqHCsA=
Subject key identifier: AD:B2:80:24:B2:BA:69:16:CD:1F:FF:49:08:E7:16:A0:9E:5A:C8:DD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECD1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA0C650EC38E11EFA60B44A3762E951A.roa
Signing time: Thu 26 Dec 2024 13:38:45 +0000
ROA not before: Thu 26 Dec 2024 13:38:41 +0000
ROA not after: Sun 12 Dec 2027 13:38:41 +0000
asID: 17561
IP address blocks: 45.196.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60625 (0xecd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 13:38:41 2024 GMT
Not After : Dec 12 13:38:41 2027 GMT
Subject: CN=676d5c64-cd4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d2:cb:a2:49:62:4f:ea:b1:95:c5:c5:c8:0f:
d1:17:ce:27:b2:20:da:67:b6:21:eb:de:04:d0:85:
39:2a:d3:43:de:32:af:5f:0c:62:75:46:3d:c2:7b:
74:7e:ea:92:f0:72:23:4f:ee:6f:1d:0f:07:b8:f1:
39:83:a9:db:4e:0d:c7:ad:f6:f0:57:54:bf:85:15:
dd:d8:f5:39:e5:1c:03:2e:28:79:50:cb:8f:4c:eb:
38:89:b4:d9:e0:07:7b:48:bb:38:db:39:b5:53:66:
9d:ed:17:9a:94:a8:76:e0:01:76:e5:cc:fa:2d:72:
97:42:fe:9e:e0:e8:49:ef:c0:54:8b:1f:0d:b0:a0:
5e:6e:51:b8:ba:cf:84:31:7b:6a:08:42:65:6c:f8:
f1:7d:60:eb:9c:3f:c2:53:50:0e:86:cb:b9:18:c0:
43:34:1d:a2:e5:64:03:1f:bc:f3:cd:a4:b0:75:93:
39:00:25:1b:09:62:f0:48:c5:76:1a:a0:2c:4a:a9:
db:1e:d4:35:10:92:0a:d6:32:87:38:d1:25:46:a1:
d0:e8:17:f3:3e:d5:44:63:4f:b0:a1:b5:6a:e2:4c:
33:c4:57:5a:bb:90:d5:d0:6b:a8:2c:2e:43:99:08:
5e:69:5a:51:e3:83:53:e8:ad:c0:6f:c7:13:42:ce:
b1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B2:80:24:B2:BA:69:16:CD:1F:FF:49:08:E7:16:A0:9E:5A:C8:DD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA0C650EC38E11EFA60B44A3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.218.0/24
Signature Algorithm: sha256WithRSAEncryption
61:8c:a9:94:53:fe:81:32:0d:9c:ab:ff:92:e2:89:c9:af:df:
5d:d4:87:d3:7c:aa:45:04:04:4e:35:6a:0e:42:a7:b9:bb:b6:
d4:3c:a8:51:17:de:d4:f7:01:93:15:69:5f:4a:ff:88:cd:76:
39:9a:17:31:c4:87:09:35:6e:fe:f8:4f:5f:d1:f5:cd:d5:45:
34:7c:9d:70:ae:f7:a9:74:63:28:f9:0d:c6:64:e0:f9:3f:b3:
b1:22:26:c8:47:25:85:e3:be:24:11:b1:f3:ba:35:db:86:51:
29:f4:47:72:43:9f:ea:0f:7b:5f:4d:d8:b1:ee:25:0b:ef:c6:
1f:56:7d:56:b4:88:e4:12:19:04:2a:29:4f:cb:d0:d5:82:d3:
c1:42:03:e0:a9:ac:a3:63:6b:76:88:24:00:30:a4:01:92:ec:
5d:c8:65:94:86:e2:fc:16:48:f3:44:14:66:d5:4a:a6:d3:07:
c6:9f:39:97:47:8b:d8:10:90:a5:83:76:df:0b:6c:c5:28:a9:
db:6c:e2:0e:2b:dc:ec:f9:5d:d3:0b:e8:e8:f0:a3:5d:6e:0c:
ed:77:29:9e:ae:83:08:56:9b:30:ac:4a:e6:59:54:4e:c1:f3:
d1:16:32:27:7e:fd:57:c7:4e:8b:c8:12:da:a8:21:cc:aa:09:
09:33:be:29
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOzRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTMzODQxWhcNMjcxMjEyMTMzODQxWjAYMRYw
FAYDVQQDEw02NzZkNWM2NC1jZDRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwdLLokliT+qxlcXFyA/RF84nsiDaZ7Yh694E0IU5KtND3jKvXwxidUY9
wnt0fuqS8HIjT+5vHQ8HuPE5g6nbTg3HrfbwV1S/hRXd2PU55RwDLih5UMuPTOs4
ibTZ4Ad7SLs42zm1U2ad7RealKh24AF25cz6LXKXQv6e4OhJ78BUix8NsKBeblG4
us+EMXtqCEJlbPjxfWDrnD/CU1AOhsu5GMBDNB2i5WQDH7zzzaSwdZM5ACUbCWLw
SMV2GqAsSqnbHtQ1EJIK1jKHONElRqHQ6BfzPtVEY0+wobVq4kwzxFdau5DV0Guo
LC5DmQheaVpR44NT6K3Ab8cTQs6xswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK2y
gCSyumkWzR//SQjnFqCeWsjdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQTBDNjUwRUMzOEUxMUVGQTYwQjQ0QTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTaMA0GCSqGSIb3DQEBCwUA
A4IBAQBhjKmUU/6BMg2cq/+S4onJr99d1IfTfKpFBARONWoOQqe5u7bUPKhRF97U
9wGTFWlfSv+IzXY5mhcxxIcJNW7++E9f0fXN1UU0fJ1wrvepdGMo+Q3GZOD5P7Ox
IibIRyWF474kEbHzujXbhlEp9EdyQ5/qD3tfTdix7iUL78YfVn1WtIjkEhkEKilP
y9DVgtPBQgPgqayjY2t2iCQAMKQBkuxdyGWUhuL8FkjzRBRm1Uqm0wfGnzmXR4vY
EJClg3bfC2zFKKnbbOIOK9zs+V3TC+jo8KNdbgztdymeroMIVpswrErmWVROwfPR
FjInfv1Xx06LyBLaqCHMqgkJM74p
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:24 2025 by rpki-client