Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DEC96B36C39C11EF91CEEC7D762E951A.roa
File: DEC96B36C39C11EF91CEEC7D762E951A.roa (raw, json)
Hash identifier: r+ZLBRn4tjzDW86XSU5dayxmwqBlMM1xdH20/7vfYgM=
Subject key identifier: 1F:5E:87:0C:13:54:B3:22:98:D5:9D:BA:2F:06:8C:F1:1A:F5:65:2D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ED6B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DEC96B36C39C11EF91CEEC7D762E951A.roa
Signing time: Thu 26 Dec 2024 15:19:59 +0000
ROA not before: Thu 26 Dec 2024 15:19:56 +0000
ROA not after: Fri 12 Dec 2025 15:19:56 +0000
asID: 984
IP address blocks: 45.199.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60779 (0xed6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 15:19:56 2024 GMT
Not After : Dec 12 15:19:56 2025 GMT
Subject: CN=676d741f-6036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:df:99:9b:e5:18:76:e0:35:89:57:c8:10:d4:
81:84:96:fc:d7:54:19:34:a5:2c:97:26:69:fe:34:
4e:52:6b:5a:df:a1:ce:f5:32:56:41:96:1f:76:ca:
50:1d:28:0a:d7:9a:fb:e2:a2:45:b2:64:22:13:0f:
e2:89:5d:c7:d2:c1:5c:e5:ca:0a:01:54:73:8d:7b:
f5:78:0d:01:ec:09:06:1c:f1:6f:b8:55:52:2f:d4:
61:fa:84:ae:1b:39:0e:3d:ce:16:55:00:36:31:b7:
8c:82:65:65:8b:f6:a9:25:8f:3a:9b:51:38:73:28:
a6:a3:8a:e8:0c:49:aa:73:bb:d3:b4:ec:57:c8:cc:
17:65:38:a1:74:ca:5a:ca:72:57:2c:95:3f:91:47:
8d:6f:ce:2b:75:e8:60:d2:c0:a3:03:f1:79:56:ff:
48:37:73:39:dc:b2:9d:c7:89:4a:d8:02:58:ce:9e:
cd:2e:db:9e:a1:0f:a4:4b:01:69:63:e0:ad:f0:b0:
f3:92:4d:58:ce:8c:e4:cd:0e:73:48:25:7b:03:56:
7b:e9:13:72:b1:82:33:de:12:dc:70:18:8b:80:31:
cc:7c:68:b0:2c:0b:d1:af:37:68:38:9e:8b:ee:76:
39:db:b8:0d:33:d6:d2:ed:9b:82:cb:81:ba:07:40:
86:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:5E:87:0C:13:54:B3:22:98:D5:9D:BA:2F:06:8C:F1:1A:F5:65:2D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DEC96B36C39C11EF91CEEC7D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.134.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:f4:e1:71:6b:0f:f5:04:df:09:26:0e:c5:e2:70:fc:89:db:
6b:b9:52:22:87:b4:4b:5c:5e:9d:1a:c3:80:9d:5f:af:cf:e3:
e7:3d:6e:38:a2:9e:84:b2:11:70:c0:49:80:76:dc:e4:11:25:
e4:7a:cd:cb:ba:62:77:f9:48:07:cf:be:23:e6:5f:c1:37:b2:
ec:9f:89:ef:ab:d4:72:e8:41:17:4b:3f:ca:f6:ec:84:9a:66:
eb:cb:95:73:d2:0b:58:60:71:99:76:85:67:0e:07:3c:4a:c0:
38:25:e5:ad:e7:6d:bf:6c:a4:bb:b3:b9:86:a6:11:e8:4a:32:
88:84:cb:30:e7:a0:f4:46:90:06:42:aa:4e:99:87:86:b8:fc:
96:c0:bb:48:11:5c:47:43:39:97:11:da:f9:c9:14:99:36:a4:
f4:86:b1:14:c6:67:53:42:2e:c0:8a:37:32:cb:1c:1f:b0:29:
d6:5a:ee:e9:c1:0b:f7:bc:e7:5d:0d:93:4c:96:a4:16:dd:2e:
cb:6d:eb:8a:9d:3f:be:12:c8:0b:e0:3b:d5:6e:be:36:73:3b:
53:13:ce:58:40:32:eb:bd:7c:c8:88:f5:9d:40:c9:ee:30:15:
79:83:d7:f3:d1:c3:f2:99:31:a2:71:bd:e5:20:32:9b:36:3f:
34:34:c0:18
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO1rMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTUxOTU2WhcNMjUxMjEyMTUxOTU2WjAYMRYw
FAYDVQQDEw02NzZkNzQxZi02MDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApN+Zm+UYduA1iVfIENSBhJb811QZNKUslyZp/jROUmta36HO9TJWQZYf
dspQHSgK15r74qJFsmQiEw/iiV3H0sFc5coKAVRzjXv1eA0B7AkGHPFvuFVSL9Rh
+oSuGzkOPc4WVQA2MbeMgmVli/apJY86m1E4cyimo4roDEmqc7vTtOxXyMwXZTih
dMpaynJXLJU/kUeNb84rdehg0sCjA/F5Vv9IN3M53LKdx4lK2AJYzp7NLtueoQ+k
SwFpY+Ct8LDzkk1YzozkzQ5zSCV7A1Z76RNysYIz3hLccBiLgDHMfGiwLAvRrzdo
OJ6L7nY527gNM9bS7ZuCy4G6B0CG6QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB9e
hwwTVLMimNWdui8GjPEa9WUtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERUM5NkIzNkMzOUMxMUVGOTFDRUVDN0Q3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALceGMA0GCSqGSIb3DQEBCwUA
A4IBAQCh9OFxaw/1BN8JJg7F4nD8idtruVIih7RLXF6dGsOAnV+vz+PnPW44op6E
shFwwEmAdtzkESXkes3LumJ3+UgHz74j5l/BN7Lsn4nvq9Ry6EEXSz/K9uyEmmbr
y5Vz0gtYYHGZdoVnDgc8SsA4JeWt522/bKS7s7mGphHoSjKIhMsw56D0RpAGQqpO
mYeGuPyWwLtIEVxHQzmXEdr5yRSZNqT0hrEUxmdTQi7AijcyyxwfsCnWWu7pwQv3
vOddDZNMlqQW3S7LbeuKnT++EsgL4DvVbr42cztTE85YQDLrvXzIiPWdQMnuMBV5
g9fz0cPymTGicb3lIDKbNj80NMAY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:00 2025 by rpki-client