Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9962622C3F211EF96F2A29F762E951A.roa
File: C9962622C3F211EF96F2A29F762E951A.roa (raw, json)
Hash identifier: qRlQ7MApmkj36Wcko4lo+L/eMiAgmzoyEYtDDA5FSbs=
Subject key identifier: 00:C2:81:22:89:B6:0B:8C:24:C5:78:AF:44:3F:39:DF:9F:7A:09:D4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF62
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9962622C3F211EF96F2A29F762E951A.roa
Signing time: Fri 27 Dec 2024 01:35:00 +0000
ROA not before: Fri 27 Dec 2024 01:34:56 +0000
ROA not after: Sun 12 Dec 2027 01:34:56 +0000
asID: 17561
IP address blocks: 45.194.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61282 (0xef62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 01:34:56 2024 GMT
Not After : Dec 12 01:34:56 2027 GMT
Subject: CN=676e0444-11da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:be:1e:a8:f4:e2:37:0d:49:4d:f9:54:83:af:
1a:a8:e5:78:17:ca:29:21:ad:48:9e:b7:15:fa:4b:
a6:e6:4a:01:c3:19:f5:90:1c:f2:e1:d2:d1:de:bc:
52:4c:4e:d1:0c:fe:ed:ef:79:68:54:86:f4:f2:5c:
73:76:d7:20:46:d2:f5:dd:9e:94:36:90:60:ee:af:
2c:e1:cc:72:a3:07:13:f7:41:8d:bb:76:38:42:a8:
f9:f7:6b:a5:89:2e:82:a5:99:c0:d9:32:92:d9:07:
59:88:6e:a6:59:59:3f:a8:22:e6:97:31:99:23:69:
6f:c6:5d:48:64:c6:dc:48:79:52:0e:ef:6f:c9:75:
3e:dd:51:42:d6:68:a6:5f:d1:62:51:a3:a6:06:99:
f2:94:42:82:da:bd:f6:b6:27:28:76:ac:ef:65:dc:
87:0e:b7:49:c0:77:ab:06:91:6f:fd:13:0e:ca:83:
51:6c:89:79:1a:e3:2e:38:41:58:13:5a:03:ac:ac:
92:75:07:34:b1:48:b5:cd:5e:e7:6c:aa:3f:22:68:
48:ac:93:bc:c7:9f:db:20:ca:7a:64:68:c6:c6:00:
5d:29:e7:6e:0e:5a:9a:95:35:88:40:2a:3a:b4:b7:
08:4e:12:e0:ba:60:d9:f9:c5:9e:cf:e7:2d:e6:b9:
e7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C2:81:22:89:B6:0B:8C:24:C5:78:AF:44:3F:39:DF:9F:7A:09:D4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9962622C3F211EF96F2A29F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.4.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:35:c5:3e:08:e0:94:be:eb:fb:47:0b:ae:57:2f:a4:94:32:
56:77:eb:5d:84:f4:0a:4d:50:46:24:b5:d2:15:ae:28:20:a1:
3c:30:2a:4e:aa:29:6d:0e:56:a2:15:f9:59:67:09:64:55:da:
de:bf:79:0d:52:4b:c6:dc:0d:17:7a:46:ef:f8:5c:c4:8a:b6:
c4:ac:93:af:35:83:c6:dd:d9:de:1b:f2:55:0e:6e:81:55:0d:
35:22:bf:90:d4:ba:da:8f:f2:27:6f:43:f1:28:ed:8c:0c:6f:
49:a6:cb:10:d2:97:04:3b:a2:8c:6d:32:f4:cd:09:d4:1b:85:
50:4c:45:3d:29:0c:aa:34:98:ea:dc:11:c2:2e:c8:76:bb:ae:
a4:4a:e4:ed:b1:ab:15:19:88:19:b5:5d:f4:49:ad:9f:a5:b1:
24:78:32:eb:39:49:55:c2:38:15:c3:24:27:bb:bd:32:cb:dd:
4c:61:f1:b3:19:b4:23:4a:66:1c:5b:37:50:97:ad:3a:57:b4:
5b:69:61:3d:f7:54:7b:cb:ca:7c:cd:f1:fb:91:eb:16:d7:44:
62:f4:8e:87:5f:29:41:66:e2:31:00:c8:0d:23:ad:f2:78:34:
9a:ab:24:ee:6c:c7:14:de:f5:84:12:63:c6:c8:90:83:50:46:
17:b7:7c:38
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO9iMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDEzNDU2WhcNMjcxMjEyMDEzNDU2WjAYMRYw
FAYDVQQDEw02NzZlMDQ0NC0xMWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu74eqPTiNw1JTflUg68aqOV4F8opIa1InrcV+kum5koBwxn1kBzy4dLR
3rxSTE7RDP7t73loVIb08lxzdtcgRtL13Z6UNpBg7q8s4cxyowcT90GNu3Y4Qqj5
92uliS6CpZnA2TKS2QdZiG6mWVk/qCLmlzGZI2lvxl1IZMbcSHlSDu9vyXU+3VFC
1mimX9FiUaOmBpnylEKC2r32ticodqzvZdyHDrdJwHerBpFv/RMOyoNRbIl5GuMu
OEFYE1oDrKySdQc0sUi1zV7nbKo/ImhIrJO8x5/bIMp6ZGjGxgBdKeduDlqalTWI
QCo6tLcIThLgumDZ+cWez+ct5rnnPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFADC
gSKJtguMJMV4r0Q/Od+fegnUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOTk2MjYyMkMzRjIxMUVGOTZGMkEyOUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcIEMA0GCSqGSIb3DQEBCwUA
A4IBAQCNNcU+COCUvuv7RwuuVy+klDJWd+tdhPQKTVBGJLXSFa4oIKE8MCpOqilt
DlaiFflZZwlkVdrev3kNUkvG3A0Xekbv+FzEirbErJOvNYPG3dneG/JVDm6BVQ01
Ir+Q1Lraj/Inb0PxKO2MDG9JpssQ0pcEO6KMbTL0zQnUG4VQTEU9KQyqNJjq3BHC
Lsh2u66kSuTtsasVGYgZtV30Sa2fpbEkeDLrOUlVwjgVwyQnu70yy91MYfGzGbQj
SmYcWzdQl606V7RbaWE991R7y8p8zfH7kesW10Ri9I6HXylBZuIxAMgNI63yeDSa
qyTubMcU3vWEEmPGyJCDUEYXt3w4
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:45 2025 by rpki-client