Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F0D303B2C39411EF80FADE4C762E951A.roa
File: F0D303B2C39411EF80FADE4C762E951A.roa (raw, json)
Hash identifier: AXs5+46M/tlNiEPm8aS4CC+F9ABzMfBJ5Fv06pEVXM0=
Subject key identifier: 27:8B:51:AA:CA:E7:5C:96:6B:EA:7D:4F:C1:06:C8:A7:9E:E5:A6:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ED15
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F0D303B2C39411EF80FADE4C762E951A.roa
Signing time: Thu 26 Dec 2024 14:23:13 +0000
ROA not before: Thu 26 Dec 2024 14:23:10 +0000
ROA not after: Sun 12 Dec 2027 14:23:10 +0000
asID: 17561
IP address blocks: 45.196.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60693 (0xed15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 14:23:10 2024 GMT
Not After : Dec 12 14:23:10 2027 GMT
Subject: CN=676d66d1-add5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:45:4f:d2:10:43:27:8c:89:7a:dc:f0:e8:7b:
f0:68:d6:99:ce:1c:eb:3c:8f:21:21:c3:42:b7:d5:
65:80:4d:77:ea:71:e9:d0:50:ec:57:59:5e:72:39:
0f:76:93:36:e8:4f:68:8d:2e:10:ad:bb:cd:41:28:
94:a1:65:c4:6f:ab:ea:09:7c:80:de:0b:93:c9:83:
da:a0:1f:42:a6:a8:f4:24:1d:ff:e8:a3:03:d1:f4:
4d:63:7a:8b:6a:65:8f:c5:dd:72:be:28:e9:d0:0c:
3d:d2:6f:47:32:6e:28:d9:fa:92:7c:2e:68:f7:c2:
55:9a:4e:c3:21:75:02:f5:2d:07:fc:5a:88:3a:f4:
dd:f1:f7:c3:6a:e3:33:e3:11:32:56:b7:cf:bd:c9:
55:54:c6:92:11:c3:71:3c:97:b6:07:d1:43:e2:0d:
ca:3d:db:9c:7d:a0:b9:45:5b:9c:51:a6:5e:0b:f8:
5b:91:0c:20:bc:9b:a1:10:7b:c6:95:ea:a6:26:ef:
6a:74:e7:15:f3:32:66:88:76:79:b0:55:0d:08:13:
0a:06:82:17:a4:a9:91:6f:74:92:73:40:5a:cb:d7:
c5:69:a9:f6:e1:72:c1:bb:96:0c:c8:11:2a:01:1d:
20:8b:5c:ee:e4:eb:86:d2:7e:4f:de:33:66:17:c2:
54:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8B:51:AA:CA:E7:5C:96:6B:EA:7D:4F:C1:06:C8:A7:9E:E5:A6:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F0D303B2C39411EF80FADE4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.252.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:95:93:a6:65:17:12:37:2d:d5:1a:45:7b:9d:a1:b6:57:77:
ac:13:19:54:49:d8:1d:fa:8a:67:ed:ea:9c:1f:a9:30:20:2f:
6c:3a:c2:54:bc:9c:58:34:f0:99:6c:9e:91:b4:6b:8a:35:2a:
e6:14:9c:e9:66:ef:e8:6e:96:6d:31:15:77:4d:a4:cb:70:6d:
38:fa:69:02:db:13:88:f3:8e:92:17:1a:fe:8e:54:1a:e6:30:
cd:41:60:21:41:5f:53:62:d9:4f:f6:91:5e:22:61:ad:fc:c1:
97:a3:ba:b6:1a:1b:4d:22:dd:88:2a:a8:04:dc:17:f1:d4:eb:
c0:f8:dc:37:fa:2e:0c:1b:c0:df:1b:88:cd:14:72:b2:10:6e:
a9:c9:bb:b4:1d:47:ae:31:5b:e4:3a:13:c1:e5:c9:9e:52:85:
20:04:2a:97:fc:8e:77:51:1f:92:72:eb:36:83:04:b0:12:53:
f6:d1:b6:35:c1:e8:e0:5c:d1:b9:7d:ca:cc:fb:bf:bf:19:52:
12:75:a7:71:e1:74:40:54:ad:9b:c4:45:da:e6:ae:f7:a0:8e:
97:74:d2:aa:5a:9d:88:a6:c4:88:4f:ff:0f:21:5a:53:9e:01:
15:92:4c:f4:a6:3e:3a:70:2f:fd:89:43:48:8b:d0:a3:ff:fd:
96:f1:10:25
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO0VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTQyMzEwWhcNMjcxMjEyMTQyMzEwWjAYMRYw
FAYDVQQDEw02NzZkNjZkMS1hZGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp0VP0hBDJ4yJetzw6HvwaNaZzhzrPI8hIcNCt9VlgE136nHp0FDsV1le
cjkPdpM26E9ojS4QrbvNQSiUoWXEb6vqCXyA3guTyYPaoB9Cpqj0JB3/6KMD0fRN
Y3qLamWPxd1yvijp0Aw90m9HMm4o2fqSfC5o98JVmk7DIXUC9S0H/FqIOvTd8ffD
auMz4xEyVrfPvclVVMaSEcNxPJe2B9FD4g3KPducfaC5RVucUaZeC/hbkQwgvJuh
EHvGleqmJu9qdOcV8zJmiHZ5sFUNCBMKBoIXpKmRb3SSc0Bay9fFaan24XLBu5YM
yBEqAR0gi1zu5OuG0n5P3jNmF8JUnQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCeL
UarK51yWa+p9T8EGyKee5aa8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMEQzMDNCMkMzOTQxMUVGODBGQURFNEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcT8MA0GCSqGSIb3DQEBCwUA
A4IBAQBPlZOmZRcSNy3VGkV7naG2V3esExlUSdgd+opn7eqcH6kwIC9sOsJUvJxY
NPCZbJ6RtGuKNSrmFJzpZu/obpZtMRV3TaTLcG04+mkC2xOI846SFxr+jlQa5jDN
QWAhQV9TYtlP9pFeImGt/MGXo7q2GhtNIt2IKqgE3Bfx1OvA+Nw3+i4MG8DfG4jN
FHKyEG6pybu0HUeuMVvkOhPB5cmeUoUgBCqX/I53UR+Scus2gwSwElP20bY1wejg
XNG5fcrM+7+/GVISdadx4XRAVK2bxEXa5q73oI6XdNKqWp2IpsSIT/8PIVpTngEV
kkz0pj46cC/9iUNIi9Cj//2W8RAl
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:36 2025 by rpki-client