Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E653A048C40411EF8DDF62A0762E951A.roa
File: E653A048C40411EF8DDF62A0762E951A.roa (raw, json)
Hash identifier: TNTAB25pYgy7kZp7P6TrbN8KyphRjrg8RxvEbVCXBws=
Subject key identifier: 62:5C:30:21:66:96:04:42:8C:35:E2:FA:E9:6D:D2:37:C3:81:F5:80
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EFFE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E653A048C40411EF8DDF62A0762E951A.roa
Signing time: Fri 27 Dec 2024 03:44:40 +0000
ROA not before: Fri 27 Dec 2024 03:44:36 +0000
ROA not after: Sun 12 Dec 2027 03:44:36 +0000
asID: 17561
IP address blocks: 45.195.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61438 (0xeffe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 03:44:36 2024 GMT
Not After : Dec 12 03:44:36 2027 GMT
Subject: CN=676e22a7-4628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9b:1e:cd:d0:fe:6b:1c:53:e2:c5:5a:b5:e9:
06:68:da:55:00:0e:35:d2:04:e8:e5:df:eb:cc:d9:
df:b0:73:bd:c9:7e:51:00:3c:ac:5e:3f:f1:bb:ea:
22:95:f2:b6:ce:81:8a:c3:6c:c6:64:fe:e5:ae:1c:
76:18:8f:6c:07:33:60:d1:46:a8:a9:2c:b5:f7:8f:
1b:2f:74:2f:3e:47:2c:f4:a1:85:91:dc:6d:5d:e6:
98:ad:c6:fb:ae:61:67:5e:94:a1:91:dc:c5:7b:1b:
9c:61:f1:d5:77:42:9d:bc:a4:1e:05:7f:29:f7:ab:
bd:df:5a:12:98:7e:7c:26:3b:62:53:e3:eb:08:e9:
8d:08:66:68:e4:19:dd:f3:80:24:09:9c:e5:b7:a9:
87:bb:5c:8c:3e:38:cb:a2:4c:05:5e:23:16:d3:a7:
cd:c7:94:70:2c:1e:db:ba:f3:56:e8:d5:37:04:8d:
f9:b8:14:8a:19:1e:b9:bc:60:80:e6:b1:45:31:bd:
c5:d0:bc:90:b7:18:b4:d6:da:a4:a4:29:13:f0:3f:
0f:f7:87:2f:26:ff:9a:48:42:ad:8c:60:8d:c1:f6:
6a:57:9f:17:c6:8d:e1:91:6c:74:26:90:28:f1:d7:
f7:ce:d2:6f:55:1d:81:14:63:01:da:d8:b3:52:f0:
a1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:5C:30:21:66:96:04:42:8C:35:E2:FA:E9:6D:D2:37:C3:81:F5:80
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E653A048C40411EF8DDF62A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.249.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:1e:72:37:d7:e7:34:fc:72:80:d9:ba:6b:7b:f6:5e:5f:0f:
fa:65:27:49:0d:72:89:a1:8b:d1:9c:8d:8d:aa:5a:aa:05:29:
de:cd:95:4e:c8:06:a2:88:73:46:62:69:96:09:9c:06:c5:45:
9e:f3:c3:7d:19:c5:da:39:8d:a4:e9:b6:10:8a:c0:81:b2:d1:
20:cd:62:16:cf:8e:da:ef:18:bb:d5:6e:37:2a:75:4b:d5:08:
6a:7c:93:b7:bd:62:6e:d5:e1:df:db:6c:b8:04:79:4f:eb:16:
13:d5:6b:bf:d2:9c:6c:2b:59:12:e0:28:88:76:89:6a:1a:26:
f0:01:b4:9e:9c:87:03:0c:5a:93:b5:5f:50:ba:91:a7:7c:f9:
bd:c9:da:09:87:b6:50:ed:27:9a:b5:a0:c0:0f:c3:62:dd:9c:
15:73:f5:0e:f7:e0:06:4b:d2:fa:95:f5:09:58:53:ba:40:20:
59:79:94:3a:6e:ff:c1:e7:56:cf:e5:0c:73:f9:85:6e:33:f0:
89:4e:2f:c3:02:dd:1c:69:82:4f:55:c1:d1:29:6d:2e:04:68:
99:ed:e2:38:8a:ef:dc:16:d9:4e:a5:4e:4f:98:39:17:4c:2b:
c0:9b:b5:c1:f5:15:88:ba:18:33:7a:2e:10:23:ef:6c:1a:4d:
74:38:5b:c6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO/+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDM0NDM2WhcNMjcxMjEyMDM0NDM2WjAYMRYw
FAYDVQQDEw02NzZlMjJhNy00NjI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvJsezdD+axxT4sVatekGaNpVAA410gTo5d/rzNnfsHO9yX5RADysXj/x
u+oilfK2zoGKw2zGZP7lrhx2GI9sBzNg0UaoqSy1948bL3QvPkcs9KGFkdxtXeaY
rcb7rmFnXpShkdzFexucYfHVd0KdvKQeBX8p96u931oSmH58JjtiU+PrCOmNCGZo
5Bnd84AkCZzlt6mHu1yMPjjLokwFXiMW06fNx5RwLB7buvNW6NU3BI35uBSKGR65
vGCA5rFFMb3F0LyQtxi01tqkpCkT8D8P94cvJv+aSEKtjGCNwfZqV58Xxo3hkWx0
JpAo8df3ztJvVR2BFGMB2tizUvChBQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGJc
MCFmlgRCjDXi+ult0jfDgfWAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNjUzQTA0OEM0MDQxMUVGOERERjYyQTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcP5MA0GCSqGSIb3DQEBCwUA
A4IBAQAvHnI31+c0/HKA2bpre/ZeXw/6ZSdJDXKJoYvRnI2NqlqqBSnezZVOyAai
iHNGYmmWCZwGxUWe88N9GcXaOY2k6bYQisCBstEgzWIWz47a7xi71W43KnVL1Qhq
fJO3vWJu1eHf22y4BHlP6xYT1Wu/0pxsK1kS4CiIdolqGibwAbSenIcDDFqTtV9Q
upGnfPm9ydoJh7ZQ7SeataDAD8Ni3ZwVc/UO9+AGS9L6lfUJWFO6QCBZeZQ6bv/B
51bP5Qxz+YVuM/CJTi/DAt0caYJPVcHRKW0uBGiZ7eI4iu/cFtlOpU5PmDkXTCvA
m7XB9RWIuhgzei4QI+9sGk10OFvG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:05 2025 by rpki-client