Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EB1AEA74BDAF11EF8E076C82762E951A.roa
File: EB1AEA74BDAF11EF8E076C82762E951A.roa (raw, json)
Hash identifier: Vi1NsObCbYFvfNXw3P0PLA8Ibi0aQT/WvLSnhUE0MvI=
Subject key identifier: 2B:9F:EE:7C:55:8C:45:83:A8:54:1F:EC:1B:FB:2B:38:73:C5:C3:DE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E4A1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EB1AEA74BDAF11EF8E076C82762E951A.roa
Signing time: Thu 19 Dec 2024 02:21:13 +0000
ROA not before: Thu 19 Dec 2024 02:21:10 +0000
ROA not after: Wed 10 Dec 2025 02:21:10 +0000
asID: 984
IP address blocks: 45.198.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58529 (0xe4a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 02:21:10 2024 GMT
Not After : Dec 10 02:21:10 2025 GMT
Subject: CN=67638319-352a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c9:63:94:5e:bb:b3:43:4d:06:0b:7b:ff:51:
14:1e:02:90:85:fc:e2:16:2e:01:0e:5d:87:e1:fd:
9d:c9:70:86:d5:f1:dd:f9:4d:fc:07:96:9e:d0:6e:
a3:a2:b0:1e:55:71:34:1d:2e:df:e7:25:f6:d5:1d:
e5:14:0f:6e:73:af:18:8c:b8:b2:ec:43:80:02:76:
b6:cd:b5:fa:8d:61:90:b0:20:aa:d2:0b:c6:cb:b4:
11:f8:17:56:39:47:12:b0:43:10:82:ef:a8:36:2d:
7f:f4:23:20:c4:d9:f5:a5:0e:c5:74:21:86:78:33:
c3:f2:49:f4:d0:c8:34:17:7b:8f:fb:5d:33:b1:cc:
fa:b2:17:98:6c:e5:41:09:80:cd:3c:44:d8:e1:22:
2a:fd:dd:8d:f9:67:34:1d:2a:7b:b9:e8:b9:59:a2:
e0:e5:26:45:19:b5:ef:fc:75:e1:6c:97:bc:56:14:
f7:d1:0e:5d:df:44:1e:60:1d:19:c0:e7:ad:02:87:
b3:ed:67:bd:d6:67:23:4d:59:00:14:e7:d8:44:52:
3c:b8:08:4c:c8:d9:5a:32:7d:4d:f2:b2:b0:4f:36:
65:80:b2:25:9e:3c:87:f0:41:10:c1:0a:bc:da:ab:
47:04:34:6d:79:de:9c:97:4e:35:97:2e:72:aa:3e:
3d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:9F:EE:7C:55:8C:45:83:A8:54:1F:EC:1B:FB:2B:38:73:C5:C3:DE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EB1AEA74BDAF11EF8E076C82762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.232.0/24
Signature Algorithm: sha256WithRSAEncryption
93:6d:42:b0:bc:5d:17:9a:37:03:e7:c0:5a:0e:03:b5:73:e2:
7a:30:cd:4a:21:5d:b2:00:c4:fb:a6:d0:d2:e7:e1:b8:05:3e:
26:e4:ef:73:91:3a:de:84:af:94:8a:5a:ff:59:d1:41:86:c5:
56:c2:5f:1d:92:45:30:f1:77:cd:14:b0:1c:10:9b:be:da:87:
24:8a:eb:3a:f0:51:e5:d6:4a:bd:8d:cc:5c:e5:82:ed:8d:e3:
0c:76:1c:b8:3e:93:51:80:37:78:3c:31:e8:25:61:d2:c2:79:
fc:88:24:50:35:79:48:71:e2:c1:2a:d9:26:2f:e4:e9:16:a3:
43:3b:1e:a4:97:22:f6:a1:ac:4a:00:cd:6e:8a:d7:20:1f:2e:
8f:91:ce:ca:ae:eb:41:ce:63:17:43:66:4c:fb:77:32:3d:fa:
be:ef:cc:c4:b3:18:57:11:6f:3c:45:f5:89:ce:2c:57:d6:82:
54:cc:7c:f3:8d:c7:94:1d:e7:93:37:fb:50:c8:1b:c3:dd:eb:
ce:49:d0:73:1b:64:4b:12:02:1c:1f:e5:93:fe:a7:d9:e5:b6:
6d:60:28:23:40:a4:f0:66:39:e7:50:c4:e9:ff:b9:6b:68:f2:
cf:55:7e:3b:42:44:bc:9e:b5:49:f7:cb:7d:c1:92:cd:d2:03:
6c:26:bb:20
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOShMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDIyMTEwWhcNMjUxMjEwMDIyMTEwWjAYMRYw
FAYDVQQDEw02NzYzODMxOS0zNTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAusljlF67s0NNBgt7/1EUHgKQhfziFi4BDl2H4f2dyXCG1fHd+U38B5ae
0G6jorAeVXE0HS7f5yX21R3lFA9uc68YjLiy7EOAAna2zbX6jWGQsCCq0gvGy7QR
+BdWOUcSsEMQgu+oNi1/9CMgxNn1pQ7FdCGGeDPD8kn00Mg0F3uP+10zscz6sheY
bOVBCYDNPETY4SIq/d2N+Wc0HSp7uei5WaLg5SZFGbXv/HXhbJe8VhT30Q5d30Qe
YB0ZwOetAoez7We91mcjTVkAFOfYRFI8uAhMyNlaMn1N8rKwTzZlgLIlnjyH8EEQ
wQq82qtHBDRted6cl041ly5yqj493QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCuf
7nxVjEWDqFQf7Bv7KzhzxcPeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQjFBRUE3NEJEQUYxMUVGOEUwNzZDODI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcboMA0GCSqGSIb3DQEBCwUA
A4IBAQCTbUKwvF0XmjcD58BaDgO1c+J6MM1KIV2yAMT7ptDS5+G4BT4m5O9zkTre
hK+Uilr/WdFBhsVWwl8dkkUw8XfNFLAcEJu+2ockius68FHl1kq9jcxc5YLtjeMM
dhy4PpNRgDd4PDHoJWHSwnn8iCRQNXlIceLBKtkmL+TpFqNDOx6klyL2oaxKAM1u
itcgHy6Pkc7KrutBzmMXQ2ZM+3cyPfq+78zEsxhXEW88RfWJzixX1oJUzHzzjceU
HeeTN/tQyBvD3evOSdBzG2RLEgIcH+WT/qfZ5bZtYCgjQKTwZjnnUMTp/7lraPLP
VX47QkS8nrVJ98t9wZLN0gNsJrsg
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:54 2025 by rpki-client