Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF9BD674C3F711EF801C3046762E951A.roa
File: DF9BD674C3F711EF801C3046762E951A.roa (raw, json)
Hash identifier: PqUJDyE9d17JdwfIbavHdVyYgeSh21yJJJ/oz4uVW7g=
Subject key identifier: 15:80:3F:1A:60:71:D2:7E:4B:34:83:12:26:48:51:7E:9A:A8:B1:51
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF80
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF9BD674C3F711EF801C3046762E951A.roa
Signing time: Fri 27 Dec 2024 02:11:25 +0000
ROA not before: Fri 27 Dec 2024 02:11:19 +0000
ROA not after: Fri 12 Dec 2025 02:11:19 +0000
asID: 984
IP address blocks: 45.194.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61312 (0xef80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 02:11:19 2024 GMT
Not After : Dec 12 02:11:19 2025 GMT
Subject: CN=676e0ccd-6a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d4:6a:ca:18:36:89:a7:a2:16:d7:00:20:d7:
0e:a4:58:9f:6b:f1:62:c8:b4:ae:d3:3d:eb:61:f8:
04:b7:c8:c4:95:83:5b:6f:af:74:30:fc:4b:66:fc:
98:7e:87:05:94:51:8b:56:14:7e:95:a0:ef:20:38:
71:70:4a:7d:4b:e7:ea:51:a6:42:ad:bc:8d:cf:33:
b6:82:b0:5c:cc:f8:df:85:18:69:8b:5d:26:13:77:
45:e9:40:48:4b:62:5a:d6:84:40:79:e2:df:f2:7e:
68:48:2b:2d:06:36:09:54:8b:a1:d3:bd:fe:cf:66:
29:32:19:a3:80:55:19:da:97:cf:fc:b9:95:49:2a:
36:3c:f1:0f:c6:c1:c7:b8:fa:2a:24:b0:71:43:ab:
26:aa:13:7e:ba:42:fb:55:ea:18:bd:a8:cf:3c:a7:
8e:1c:e3:e7:19:09:be:e9:0c:f6:d8:38:ae:9b:df:
6d:b7:df:f9:88:0e:2f:e6:53:47:28:80:53:70:9e:
e3:33:9a:e5:3f:3c:89:01:4f:69:19:d4:6d:79:39:
5b:b5:58:a8:61:79:29:51:3f:ef:79:58:0e:ba:7e:
98:0c:8d:31:40:e5:34:55:5e:a1:39:36:a9:5b:5b:
23:3d:27:39:cc:e5:43:38:24:9c:52:61:7a:32:f2:
71:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:80:3F:1A:60:71:D2:7E:4B:34:83:12:26:48:51:7E:9A:A8:B1:51
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF9BD674C3F711EF801C3046762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.80.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:16:99:3d:15:75:8e:d3:86:6c:a8:8d:87:55:f3:81:12:be:
bb:3c:67:d3:19:c1:84:ed:06:75:90:9b:45:78:6a:d5:6d:46:
94:56:15:8b:95:da:ce:92:0b:45:fd:f2:09:f8:b8:46:e4:a4:
9c:43:84:6c:a8:4c:2f:4b:35:3f:3e:81:ca:ee:9b:2c:6e:de:
3d:41:de:ed:d3:6f:28:36:d3:df:ef:e3:0c:89:e0:29:61:22:
a4:5a:57:f7:7f:5b:fe:59:c0:1b:5b:66:68:b5:3f:5d:51:ca:
16:02:3d:14:5e:9a:c9:04:b2:eb:d2:96:8a:a1:16:e5:c4:9b:
87:d6:95:66:a1:6f:90:3f:e8:36:af:34:db:3f:d6:d3:53:e1:
6c:c1:b1:13:97:aa:44:9e:df:96:55:d0:43:73:3b:7f:df:13:
19:a5:72:73:72:f6:92:21:7d:9c:6d:fb:e3:6a:a8:7f:fc:ca:
ec:26:56:b2:f6:a4:1b:65:cc:97:32:08:7f:25:89:0b:f3:dc:
42:88:9a:60:68:13:46:7b:79:34:06:93:d0:28:b0:72:f4:60:
0e:cd:6b:94:dd:5c:e8:86:62:2f:5a:03:76:71:bc:ab:ae:50:
34:ea:b1:6f:8b:7c:f5:ad:6e:39:92:8c:aa:96:4f:86:72:7b:
0a:44:75:ad
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO+AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDIxMTE5WhcNMjUxMjEyMDIxMTE5WjAYMRYw
FAYDVQQDEw02NzZlMGNjZC02YTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1dRqyhg2iaeiFtcAINcOpFifa/FiyLSu0z3rYfgEt8jElYNbb690MPxL
ZvyYfocFlFGLVhR+laDvIDhxcEp9S+fqUaZCrbyNzzO2grBczPjfhRhpi10mE3dF
6UBIS2Ja1oRAeeLf8n5oSCstBjYJVIuh073+z2YpMhmjgFUZ2pfP/LmVSSo2PPEP
xsHHuPoqJLBxQ6smqhN+ukL7VeoYvajPPKeOHOPnGQm+6Qz22Dium99tt9/5iA4v
5lNHKIBTcJ7jM5rlPzyJAU9pGdRteTlbtVioYXkpUT/veVgOun6YDI0xQOU0VV6h
OTapW1sjPSc5zOVDOCScUmF6MvJx4wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBWA
PxpgcdJ+SzSDEiZIUX6aqLFRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERjlCRDY3NEMzRjcxMUVGODAxQzMwNDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcJQMA0GCSqGSIb3DQEBCwUA
A4IBAQBuFpk9FXWO04ZsqI2HVfOBEr67PGfTGcGE7QZ1kJtFeGrVbUaUVhWLldrO
kgtF/fIJ+LhG5KScQ4RsqEwvSzU/PoHK7pssbt49Qd7t028oNtPf7+MMieApYSKk
Wlf3f1v+WcAbW2ZotT9dUcoWAj0UXprJBLLr0paKoRblxJuH1pVmoW+QP+g2rzTb
P9bTU+FswbETl6pEnt+WVdBDczt/3xMZpXJzcvaSIX2cbfvjaqh//MrsJlay9qQb
ZcyXMgh/JYkL89xCiJpgaBNGe3k0BpPQKLBy9GAOzWuU3VzohmIvWgN2cbyrrlA0
6rFvi3z1rW45koyqlk+GcnsKRHWt
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:03 2025 by rpki-client