Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB0E93BCBDB011EFB59F018A762E951A.roa
File: FB0E93BCBDB011EFB59F018A762E951A.roa (raw, json)
Hash identifier: r9vZhPvLh6H3IIFDqNnE2CdSLFK3GtbSuabWN8Z6nKs=
Subject key identifier: D7:18:8D:B1:4C:7C:4A:84:9F:9B:6F:6D:3E:E5:B0:14:64:F9:1C:0F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E4AF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB0E93BCBDB011EFB59F018A762E951A.roa
Signing time: Thu 19 Dec 2024 02:28:50 +0000
ROA not before: Thu 19 Dec 2024 02:28:46 +0000
ROA not after: Wed 10 Dec 2025 02:28:46 +0000
asID: 984
IP address blocks: 45.198.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58543 (0xe4af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 02:28:46 2024 GMT
Not After : Dec 10 02:28:46 2025 GMT
Subject: CN=676384e1-d998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:94:71:6f:31:3b:27:bd:47:f9:d5:c2:50:b6:
12:9d:e7:28:02:be:5f:8b:bb:12:d2:61:d3:7d:08:
6f:d2:cf:12:90:bc:0b:61:50:c4:2a:36:a1:ba:39:
ed:32:ad:82:c3:31:d1:60:ab:80:1e:71:d9:24:1c:
66:00:c1:09:d7:97:c7:a4:d7:08:0d:83:a0:4e:a1:
13:92:66:b7:40:85:c7:b7:9a:8b:e0:a7:a0:da:64:
de:36:3b:bd:ef:83:c3:66:28:55:5d:51:42:69:58:
c0:04:f0:42:08:95:7e:78:e4:51:37:b4:f4:5d:d5:
d0:e7:08:2d:e9:5a:69:08:90:ec:22:b1:b2:c4:e9:
86:71:88:d3:d9:21:09:87:3a:a8:67:09:43:33:b0:
e9:af:2d:fb:6b:57:12:ec:88:79:4c:37:fa:b6:54:
ac:f5:1b:31:4e:6a:98:fc:fd:ad:d3:b5:a6:e1:5c:
68:62:63:05:e5:94:e5:e4:65:dc:04:60:5c:c1:41:
25:b2:f9:07:8e:23:96:1d:67:ff:23:ef:d4:99:5c:
f7:02:7d:21:28:27:94:ef:d7:7a:84:6f:fb:b1:1f:
e1:51:2e:a3:f5:a2:9d:fd:cf:9e:f1:68:24:d2:78:
b9:45:69:6a:4e:f5:73:52:84:46:d7:85:98:5a:7e:
da:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:18:8D:B1:4C:7C:4A:84:9F:9B:6F:6D:3E:E5:B0:14:64:F9:1C:0F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB0E93BCBDB011EFB59F018A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.239.0/24
Signature Algorithm: sha256WithRSAEncryption
00:c9:eb:af:b5:01:8b:ca:ec:44:24:fe:c6:c5:45:89:1b:2f:
05:29:f9:e0:6d:e6:5a:42:40:ee:44:de:67:03:84:61:cf:d2:
d2:8f:b0:cd:ff:b8:eb:a8:cc:6d:e2:6d:35:99:42:48:55:a6:
d8:bb:59:ad:50:35:a0:03:42:44:ae:46:1f:47:7c:0a:ba:32:
af:44:ef:83:bf:83:5a:e1:b6:92:58:29:f1:4b:3c:2d:9f:51:
dc:c5:e2:bf:cf:f3:8b:70:3a:dc:14:b0:24:fa:8f:b8:0a:a1:
c9:75:f4:47:b3:08:c6:ef:c2:8b:25:01:a5:d0:7d:7a:55:5a:
5d:f1:65:00:1d:ee:21:e8:54:83:b6:1d:e6:53:9d:11:a2:18:
2d:0c:91:5d:5c:fe:6c:f3:16:ae:b1:1c:45:90:d6:1b:03:f1:
90:c3:fc:6d:95:48:99:49:29:fc:85:13:b3:f3:78:0e:07:cd:
83:32:00:c1:34:ab:c4:25:f0:8a:78:93:93:45:0b:c3:3a:23:
b3:4e:26:f1:6d:ab:d7:93:79:1e:4d:92:c0:62:bd:7b:b6:84:
de:7d:ac:b4:26:ef:d3:fe:a2:1a:29:ef:8b:62:01:f7:19:0d:
88:1d:eb:d5:3e:dc:37:10:91:be:6d:ca:f8:b2:7b:c5:ad:6d:
15:75:54:96
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOSvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDIyODQ2WhcNMjUxMjEwMDIyODQ2WjAYMRYw
FAYDVQQDEw02NzYzODRlMS1kOTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxZRxbzE7J71H+dXCULYSnecoAr5fi7sS0mHTfQhv0s8SkLwLYVDEKjah
ujntMq2CwzHRYKuAHnHZJBxmAMEJ15fHpNcIDYOgTqETkma3QIXHt5qL4Keg2mTe
Nju974PDZihVXVFCaVjABPBCCJV+eORRN7T0XdXQ5wgt6VppCJDsIrGyxOmGcYjT
2SEJhzqoZwlDM7Dpry37a1cS7Ih5TDf6tlSs9RsxTmqY/P2t07Wm4VxoYmMF5ZTl
5GXcBGBcwUElsvkHjiOWHWf/I+/UmVz3An0hKCeU79d6hG/7sR/hUS6j9aKd/c+e
8Wgk0ni5RWlqTvVzUoRG14WYWn7aIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNcY
jbFMfEqEn5tvbT7lsBRk+RwPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQjBFOTNCQ0JEQjAxMUVGQjU5RjAxOEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcbvMA0GCSqGSIb3DQEBCwUA
A4IBAQAAyeuvtQGLyuxEJP7GxUWJGy8FKfngbeZaQkDuRN5nA4Rhz9LSj7DN/7jr
qMxt4m01mUJIVabYu1mtUDWgA0JErkYfR3wKujKvRO+Dv4Na4baSWCnxSzwtn1Hc
xeK/z/OLcDrcFLAk+o+4CqHJdfRHswjG78KLJQGl0H16VVpd8WUAHe4h6FSDth3m
U50RohgtDJFdXP5s8xausRxFkNYbA/GQw/xtlUiZSSn8hROz83gOB82DMgDBNKvE
JfCKeJOTRQvDOiOzTibxbavXk3keTZLAYr17toTefay0Ju/T/qIaKe+LYgH3GQ2I
HevVPtw3EJG+bcr4snvFrW0VdVSW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:20 2025 by rpki-client