Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DAFDE6C8C3EF11EF8A2C9089762E951A.roa
File: DAFDE6C8C3EF11EF8A2C9089762E951A.roa (raw, json)
Hash identifier: kFm3b1+qvGK4c5RYMB9xIuHBlfdRzSlNkVtPWCoDfhQ=
Subject key identifier: 8F:A6:D5:75:67:98:6F:07:C5:71:AF:C6:DA:B3:37:60:95:02:11:9E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF44
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DAFDE6C8C3EF11EF8A2C9089762E951A.roa
Signing time: Fri 27 Dec 2024 01:14:01 +0000
ROA not before: Fri 27 Dec 2024 01:13:57 +0000
ROA not after: Sun 12 Dec 2027 01:13:57 +0000
asID: 17561
IP address blocks: 45.192.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61252 (0xef44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 01:13:57 2024 GMT
Not After : Dec 12 01:13:57 2027 GMT
Subject: CN=676dff59-994d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:18:7b:7f:64:99:ea:ce:c8:12:dc:78:71:ff:
71:3a:5e:b6:92:42:d0:cf:e8:56:06:4f:ae:21:7f:
d4:de:a2:37:0d:27:3c:72:09:a4:15:1e:c9:cc:dc:
6e:91:96:d9:1d:9a:90:8c:b3:09:c1:2b:44:51:0c:
97:db:b9:e1:84:dd:25:e1:2f:3a:f7:06:80:c0:20:
14:b3:d0:76:70:0a:2f:67:df:2f:56:36:53:bc:3d:
2c:5c:74:2b:da:61:b1:94:22:7d:cb:82:ef:db:24:
76:f8:75:9f:78:01:f1:94:24:2b:eb:29:72:4d:c3:
e5:6c:48:94:22:03:4a:3a:9d:47:d0:e4:35:39:10:
86:87:e4:e7:dc:e7:1f:8a:9b:d9:1d:d6:f4:a4:a6:
a0:5e:6e:b4:3c:5d:27:a0:e3:26:cf:7d:c2:cd:da:
88:32:a1:af:bb:9e:94:69:04:35:ed:dd:f1:26:e2:
95:ac:8b:d2:60:73:23:66:56:7a:f1:44:cb:5a:25:
1c:f8:47:13:91:d8:ee:3f:dc:8d:be:a4:19:7d:72:
15:c5:7e:ff:8b:ad:96:5d:ec:45:ff:84:24:be:9d:
da:a7:22:36:3e:5c:d1:f7:0c:b5:0c:85:ce:c9:2d:
44:5e:20:a0:69:d3:57:64:57:28:69:bf:0c:d0:f4:
31:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:A6:D5:75:67:98:6F:07:C5:71:AF:C6:DA:B3:37:60:95:02:11:9E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DAFDE6C8C3EF11EF8A2C9089762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.242.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:ce:d7:1b:87:d1:68:de:cd:b6:e2:4c:74:d7:34:83:eb:a8:
5b:21:92:4a:ee:39:79:27:b6:eb:51:9b:d8:1a:33:e8:2d:d8:
75:c1:cc:da:6e:0b:de:27:bc:9e:8a:48:fb:b4:ee:de:4b:65:
16:5e:25:b6:51:30:3c:ea:74:00:cb:6d:4f:e7:5a:e5:d4:48:
a8:f0:84:b8:c1:37:95:c2:85:d4:f8:75:11:fb:92:2d:62:53:
12:1b:66:8d:7e:04:58:41:9c:75:6a:51:96:e5:9b:f3:80:98:
b9:a1:32:95:6b:93:44:f1:39:00:f1:91:9b:05:91:06:e1:d5:
d0:be:83:33:41:c0:2f:e8:bb:5d:90:3d:4c:6f:b9:82:97:5e:
d0:e0:ee:e3:67:ef:80:93:3f:8a:16:b0:5c:3f:fd:13:8b:1b:
9a:7e:16:86:30:81:7a:91:cb:9f:00:44:19:98:40:99:d5:39:
e1:52:41:82:ba:6c:64:8c:49:e5:a7:b8:72:d7:7c:9c:c0:34:
2d:25:fd:de:38:34:3b:da:36:44:f4:e5:6f:2e:57:84:10:77:
d9:2b:82:9f:01:b7:ad:ce:ea:2f:f8:63:6d:f4:e7:c2:f8:43:
78:13:46:2e:02:ce:99:c2:f8:8c:ba:7d:1a:78:a5:04:a2:1a:
07:42:26:8c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO9EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDExMzU3WhcNMjcxMjEyMDExMzU3WjAYMRYw
FAYDVQQDEw02NzZkZmY1OS05OTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoxh7f2SZ6s7IEtx4cf9xOl62kkLQz+hWBk+uIX/U3qI3DSc8cgmkFR7J
zNxukZbZHZqQjLMJwStEUQyX27nhhN0l4S869waAwCAUs9B2cAovZ98vVjZTvD0s
XHQr2mGxlCJ9y4Lv2yR2+HWfeAHxlCQr6ylyTcPlbEiUIgNKOp1H0OQ1ORCGh+Tn
3OcfipvZHdb0pKagXm60PF0noOMmz33CzdqIMqGvu56UaQQ17d3xJuKVrIvSYHMj
ZlZ68UTLWiUc+EcTkdjuP9yNvqQZfXIVxX7/i62WXexF/4Qkvp3apyI2PlzR9wy1
DIXOyS1EXiCgadNXZFcoab8M0PQxRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI+m
1XVnmG8HxXGvxtqzN2CVAhGeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQUZERTZDOEMzRUYxMUVGOEEyQzkwODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcDyMA0GCSqGSIb3DQEBCwUA
A4IBAQAuztcbh9Fo3s224kx01zSD66hbIZJK7jl5J7brUZvYGjPoLdh1wczabgve
J7yeikj7tO7eS2UWXiW2UTA86nQAy21P51rl1Eio8IS4wTeVwoXU+HUR+5ItYlMS
G2aNfgRYQZx1alGW5ZvzgJi5oTKVa5NE8TkA8ZGbBZEG4dXQvoMzQcAv6LtdkD1M
b7mCl17Q4O7jZ++Akz+KFrBcP/0TixuafhaGMIF6kcufAEQZmECZ1TnhUkGCumxk
jEnlp7hy13ycwDQtJf3eODQ72jZE9OVvLleEEHfZK4KfAbetzuov+GNt9OfC+EN4
E0YuAs6ZwviMun0aeKUEohoHQiaM
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:49 2025 by rpki-client