Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D697EB66C3E411EFAD4BC942762E951A.roa
File: D697EB66C3E411EFAD4BC942762E951A.roa (raw, json)
Hash identifier: 2yh4uGNHbqBETVKk4vARz5K2HT9yk0PWTLjcXdfOmEE=
Subject key identifier: 38:06:8F:4F:EE:9F:EC:4E:16:3E:50:41:FA:63:24:27:B7:21:62:3E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF1D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D697EB66C3E411EFAD4BC942762E951A.roa
Signing time: Thu 26 Dec 2024 23:55:09 +0000
ROA not before: Thu 26 Dec 2024 23:55:05 +0000
ROA not after: Sun 12 Dec 2027 23:55:05 +0000
asID: 17561
IP address blocks: 45.192.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61213 (0xef1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 23:55:05 2024 GMT
Not After : Dec 12 23:55:05 2027 GMT
Subject: CN=676decdd-a768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fe:8b:a8:61:64:dc:5e:22:1c:b5:3d:59:f3:
03:68:4a:1f:73:80:7c:48:f4:45:4b:a9:36:ac:81:
22:3b:59:fb:19:7b:f8:39:c4:c6:3f:48:a4:ea:a3:
4a:54:26:df:83:57:9b:5f:7b:40:8d:d3:a6:8a:e6:
d1:da:86:40:d0:3e:cc:d9:37:08:59:7e:6f:b1:30:
97:a4:c0:fe:8b:42:b4:64:93:10:b5:6e:2e:95:e3:
e3:94:ff:bc:30:05:d1:99:00:e0:dc:7a:ab:dd:72:
65:9e:d5:6e:66:7f:17:38:4c:cb:04:11:f4:32:96:
97:6d:8a:fb:3e:c5:f4:58:2a:a8:6b:f0:00:89:48:
29:4b:a1:73:78:68:89:2e:d2:00:07:7c:ba:6a:ed:
d4:7e:6c:2d:df:0e:69:c6:2f:3e:f5:a2:b6:56:3e:
e9:a1:dc:81:de:8d:d6:47:f0:9b:56:1f:7a:58:df:
89:46:44:07:bf:c9:2d:00:9a:ae:b6:26:e3:f0:b6:
e6:10:38:d5:f2:ec:9e:9c:ee:e5:b4:17:84:d0:bc:
85:62:af:8f:ae:4e:a9:cb:97:d8:48:62:c4:92:3e:
5b:b1:f8:8c:a9:4b:ff:52:e2:48:92:e8:7b:a7:45:
e7:d0:45:9a:f2:3e:be:89:a0:6b:8b:e5:48:9e:2e:
74:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:06:8F:4F:EE:9F:EC:4E:16:3E:50:41:FA:63:24:27:B7:21:62:3E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D697EB66C3E411EFAD4BC942762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.223.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:46:d9:df:44:f6:fe:d9:39:0b:e5:41:e2:10:69:ad:f1:4d:
43:58:6f:2f:ce:84:65:ad:66:f7:8b:8f:57:5c:69:a2:f5:18:
3b:92:50:85:76:13:9d:09:ef:ce:6a:d1:56:32:e7:92:43:88:
73:52:db:81:6e:ea:f1:af:84:d2:2b:ed:dc:0f:8b:07:35:0f:
b2:76:24:f2:22:53:a8:f1:b1:18:9e:36:6d:d8:4f:d5:12:32:
46:d0:b2:88:65:11:c0:9f:79:69:0b:6d:13:af:ae:b5:e3:74:
7e:df:b4:07:27:50:46:61:a9:54:50:f2:3b:26:e7:3d:4f:65:
cd:49:c0:e8:bd:51:51:a4:40:1e:a7:f9:57:bc:b4:12:5c:5e:
7b:23:59:1d:8f:4a:70:76:f7:11:d7:e0:23:42:e7:e2:32:80:
3c:71:8c:8f:4c:ac:3f:16:66:b0:9f:81:b4:f1:9e:0f:b9:a4:
cb:96:e5:fc:96:b0:80:84:08:aa:07:5f:17:53:a9:d8:03:dd:
fd:59:1a:17:c9:c0:22:9c:78:29:5f:96:70:3a:9a:c0:36:97:
65:58:33:58:4b:95:70:f1:0c:00:5e:45:65:6b:06:e0:73:ed:
d8:83:27:d4:01:b3:83:d3:06:89:ad:d2:15:6e:98:38:ba:ad:
a9:58:0c:5d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO8dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MjM1NTA1WhcNMjcxMjEyMjM1NTA1WjAYMRYw
FAYDVQQDEw02NzZkZWNkZC1hNzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwf6LqGFk3F4iHLU9WfMDaEofc4B8SPRFS6k2rIEiO1n7GXv4OcTGP0ik
6qNKVCbfg1ebX3tAjdOmiubR2oZA0D7M2TcIWX5vsTCXpMD+i0K0ZJMQtW4ulePj
lP+8MAXRmQDg3Hqr3XJlntVuZn8XOEzLBBH0MpaXbYr7PsX0WCqoa/AAiUgpS6Fz
eGiJLtIAB3y6au3Ufmwt3w5pxi8+9aK2Vj7podyB3o3WR/CbVh96WN+JRkQHv8kt
AJqutibj8LbmEDjV8uyenO7ltBeE0LyFYq+Prk6py5fYSGLEkj5bsfiMqUv/UuJI
kuh7p0Xn0EWa8j6+iaBri+VIni50TQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDgG
j0/un+xOFj5QQfpjJCe3IWI+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENjk3RUI2NkMzRTQxMUVGQUQ0QkM5NDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcDfMA0GCSqGSIb3DQEBCwUA
A4IBAQA7RtnfRPb+2TkL5UHiEGmt8U1DWG8vzoRlrWb3i49XXGmi9Rg7klCFdhOd
Ce/OatFWMueSQ4hzUtuBburxr4TSK+3cD4sHNQ+ydiTyIlOo8bEYnjZt2E/VEjJG
0LKIZRHAn3lpC20Tr66143R+37QHJ1BGYalUUPI7Juc9T2XNScDovVFRpEAep/lX
vLQSXF57I1kdj0pwdvcR1+AjQufiMoA8cYyPTKw/Fmawn4G08Z4PuaTLluX8lrCA
hAiqB18XU6nYA939WRoXycAinHgpX5ZwOprANpdlWDNYS5Vw8QwAXkVlawbgc+3Y
gyfUAbOD0waJrdIVbpg4uq2pWAxd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:44 2025 by rpki-client