Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D91136E4C39511EFA36D3D51762E951A.roa
File: D91136E4C39511EFA36D3D51762E951A.roa (raw, json)
Hash identifier: HWiVwQsa6E1s/e1QiICjs6AsU2Kg9Fc8A4JtvP05Mxc=
Subject key identifier: 07:50:F6:F2:85:4E:FB:8C:DD:2D:2E:CE:B3:3B:87:6A:BB:2B:B3:7F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ED1F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D91136E4C39511EFA36D3D51762E951A.roa
Signing time: Thu 26 Dec 2024 14:29:43 +0000
ROA not before: Thu 26 Dec 2024 14:29:39 +0000
ROA not after: Fri 12 Dec 2025 14:29:39 +0000
asID: 984
IP address blocks: 45.197.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60703 (0xed1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 14:29:39 2024 GMT
Not After : Dec 12 14:29:39 2025 GMT
Subject: CN=676d6857-c311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c5:04:1b:ec:52:6c:11:55:ee:a6:23:45:cf:
4f:90:82:f5:7e:f0:ca:0e:e9:57:bd:a2:93:97:40:
62:49:d7:a2:fb:c1:12:bb:e6:cc:b5:1d:01:ae:b5:
6f:43:55:7b:aa:37:0b:d5:01:21:90:79:04:54:ba:
8b:2b:fb:18:93:f5:59:a9:79:3b:0d:d1:fb:94:bd:
e4:1b:f9:ab:98:87:d8:ca:6e:66:b3:a6:8e:7e:12:
23:e8:da:b8:f2:ec:b1:fe:4e:a2:b6:2b:9a:cc:b4:
d3:ad:cc:9c:85:17:77:ff:60:1a:fd:2d:19:d9:1c:
6f:79:f5:3e:87:26:3d:fd:1c:25:8c:02:94:9f:80:
f8:19:9e:ab:ea:bf:ee:ba:0a:a3:2a:23:6f:c1:ac:
03:59:93:bd:94:ad:55:1e:4a:ff:00:1d:d7:57:29:
02:17:60:0f:f5:27:ee:24:2b:8c:72:c1:e8:37:d1:
ff:dd:86:d4:24:7d:e1:96:8f:b1:36:19:53:30:1b:
73:f3:82:fc:85:d0:66:ff:5e:74:27:20:63:9b:9a:
c7:89:e0:25:72:6d:ef:d8:d6:10:60:5d:2e:1f:29:
9e:4b:c6:7e:8f:2b:ac:c6:ac:b3:d7:af:04:4f:bd:
4a:99:f2:76:58:46:a5:5c:31:a8:b2:c3:8d:81:d5:
5d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:50:F6:F2:85:4E:FB:8C:DD:2D:2E:CE:B3:3B:87:6A:BB:2B:B3:7F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D91136E4C39511EFA36D3D51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.7.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:5e:13:21:09:0d:91:c0:73:af:57:41:82:20:29:85:ec:73:
92:50:23:da:0e:24:96:d8:ba:bb:5d:95:7a:7d:c9:97:31:e8:
ad:72:16:3b:c8:22:28:a9:c5:dd:37:49:8f:56:41:85:59:4f:
f1:07:d3:79:78:30:0a:5b:c4:ae:9f:3a:4f:a5:68:0d:26:86:
94:9f:de:d6:3c:d8:f7:7b:0c:2e:30:7c:d4:87:a0:a3:67:8a:
da:f4:e8:b0:9b:14:6c:1d:73:5b:23:8d:8b:85:7e:33:bc:a5:
dc:e9:b0:17:9d:73:4a:67:3d:fb:9a:f0:b6:38:ee:5e:f9:ff:
4e:43:c3:b3:93:9c:78:6a:96:46:4b:14:90:4e:44:75:5b:48:
8c:9a:0f:be:d0:e1:a0:f8:d3:48:97:53:a8:38:a7:d6:99:1a:
b3:b7:3b:0e:37:6e:41:68:98:51:8b:bf:f4:40:f9:24:20:6a:
36:af:c4:02:8c:e4:19:8a:86:f2:f9:fb:32:d2:3f:b2:cb:1c:
57:a3:72:8e:2d:4c:6c:0b:96:e0:c3:35:98:b0:a7:f9:d1:c8:
e5:a2:b1:ef:3b:7d:f3:c5:f9:07:dc:e7:b6:e0:a7:52:10:76:
68:ec:a5:e0:c6:08:dd:cc:32:bb:0c:4c:ff:99:cc:59:4b:b7:
c8:d8:9d:e3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO0fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTQyOTM5WhcNMjUxMjEyMTQyOTM5WjAYMRYw
FAYDVQQDEw02NzZkNjg1Ny1jMzExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy8UEG+xSbBFV7qYjRc9PkIL1fvDKDulXvaKTl0BiSdei+8ESu+bMtR0B
rrVvQ1V7qjcL1QEhkHkEVLqLK/sYk/VZqXk7DdH7lL3kG/mrmIfYym5ms6aOfhIj
6Nq48uyx/k6itiuazLTTrcychRd3/2Aa/S0Z2RxvefU+hyY9/RwljAKUn4D4GZ6r
6r/uugqjKiNvwawDWZO9lK1VHkr/AB3XVykCF2AP9SfuJCuMcsHoN9H/3YbUJH3h
lo+xNhlTMBtz84L8hdBm/150JyBjm5rHieAlcm3v2NYQYF0uHymeS8Z+jyusxqyz
168ET71KmfJ2WEalXDGossONgdVdAwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAdQ
9vKFTvuM3S0uzrM7h2q7K7N/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOTExMzZFNEMzOTUxMUVGQTM2RDNENTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcUHMA0GCSqGSIb3DQEBCwUA
A4IBAQCLXhMhCQ2RwHOvV0GCICmF7HOSUCPaDiSW2Lq7XZV6fcmXMeitchY7yCIo
qcXdN0mPVkGFWU/xB9N5eDAKW8SunzpPpWgNJoaUn97WPNj3ewwuMHzUh6CjZ4ra
9OiwmxRsHXNbI42LhX4zvKXc6bAXnXNKZz37mvC2OO5e+f9OQ8Ozk5x4apZGSxSQ
TkR1W0iMmg++0OGg+NNIl1OoOKfWmRqztzsON25BaJhRi7/0QPkkIGo2r8QCjOQZ
ioby+fsy0j+yyxxXo3KOLUxsC5bgwzWYsKf50cjlorHvO33zxfkH3Oe24KdSEHZo
7KXgxgjdzDK7DEz/mcxZS7fI2J3j
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:41 2025 by rpki-client