Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FCF743D6C3F011EF8C908291762E951A.roa
File: FCF743D6C3F011EF8C908291762E951A.roa (raw, json)
Hash identifier: c/s/Aa2mfTZKqKet1oFBy/46FU2E0KM/bHI7QwpR4qc=
Subject key identifier: 00:99:88:49:D5:AB:B2:7E:D0:5B:21:A4:51:18:B3:5C:97:CA:B0:B9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF50
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FCF743D6C3F011EF8C908291762E951A.roa
Signing time: Fri 27 Dec 2024 01:22:08 +0000
ROA not before: Fri 27 Dec 2024 01:22:04 +0000
ROA not after: Fri 12 Dec 2025 01:22:04 +0000
asID: 984
IP address blocks: 45.192.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61264 (0xef50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 01:22:04 2024 GMT
Not After : Dec 12 01:22:04 2025 GMT
Subject: CN=676e013f-20dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a9:5e:0f:17:db:f9:7c:7c:79:1b:5c:3c:fc:
19:bc:51:39:0b:61:92:94:bc:0f:37:bb:f4:89:0d:
ed:6a:9c:ba:84:11:57:91:09:64:c7:68:b9:0a:a4:
c8:73:7e:85:87:aa:0c:aa:7b:be:8e:05:f5:70:5b:
0b:4d:cd:37:25:c8:84:40:04:01:6d:b1:2e:e9:32:
9f:c6:cf:e5:0d:bf:9a:bc:d2:c2:f7:36:34:bf:ae:
fc:c1:5d:51:95:f4:38:3c:a0:3f:fa:04:28:ba:4c:
83:43:33:49:29:b0:13:c9:4e:4f:25:44:ee:2e:2e:
4e:02:84:c0:e9:59:df:65:63:0b:b2:f3:c2:c6:8a:
3a:7e:5f:7b:0a:d8:67:99:b6:cf:c5:72:d3:88:00:
31:f4:bb:c8:bd:13:23:df:ec:eb:9d:00:c6:03:40:
f3:14:82:7c:a3:c7:46:2d:50:ed:ba:fc:ba:78:72:
e0:ba:5b:23:fa:76:3f:f3:2d:55:96:37:ca:37:d8:
fc:83:72:5f:80:7d:81:11:da:88:1d:0b:65:50:c6:
6b:97:07:ae:e3:f6:52:6a:57:2a:2a:bb:7b:87:f8:
37:74:51:c5:2f:34:35:c0:8e:81:a6:a3:19:33:3c:
4d:b1:f4:d0:96:40:8b:22:63:c6:4c:4a:fd:dd:ab:
0e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:99:88:49:D5:AB:B2:7E:D0:5B:21:A4:51:18:B3:5C:97:CA:B0:B9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FCF743D6C3F011EF8C908291762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.248.0/24
Signature Algorithm: sha256WithRSAEncryption
49:7b:9c:ef:c2:7f:2a:ab:71:35:c4:91:42:6c:b6:46:bc:b7:
9f:04:33:25:72:a6:3d:76:b0:1f:97:89:1f:66:7e:dd:64:09:
c9:55:f1:9b:94:cf:f3:3a:0a:3e:0d:80:87:6e:cc:1a:4a:fc:
26:b3:aa:37:0b:0c:51:a4:e9:0c:ab:f7:67:96:a5:bc:fd:77:
cc:01:8f:32:30:3a:6a:8f:2d:07:85:2e:fc:e2:31:c8:0d:38:
2c:6d:f7:ec:be:75:9e:f9:6a:ef:17:45:53:9f:cc:7d:0f:da:
06:db:fb:ad:70:d8:d8:33:62:bd:ff:4c:6e:fd:64:9c:ec:fa:
aa:b4:77:65:9a:c8:17:98:4b:09:aa:fd:06:cd:14:07:28:01:
66:a7:74:8d:d5:07:b6:e4:ba:69:44:20:f3:41:da:f2:cd:ab:
ad:1c:36:45:8c:92:86:0c:39:a5:69:9d:88:14:9e:1b:eb:10:
44:6d:55:5b:11:f4:92:f7:50:82:5b:4b:e2:d7:dc:94:00:8a:
64:2d:b2:b7:a1:74:62:58:54:f5:02:85:44:f6:f3:67:25:d3:
68:4b:45:60:a1:b0:ef:80:39:70:c9:66:01:d5:27:b9:31:41:
f5:61:44:0b:a1:35:bb:e6:62:25:39:e6:5a:cd:84:e5:c0:d8:
20:59:0b:c7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO9QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDEyMjA0WhcNMjUxMjEyMDEyMjA0WjAYMRYw
FAYDVQQDEw02NzZlMDEzZi0yMGRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw6leDxfb+Xx8eRtcPPwZvFE5C2GSlLwPN7v0iQ3tapy6hBFXkQlkx2i5
CqTIc36Fh6oMqnu+jgX1cFsLTc03JciEQAQBbbEu6TKfxs/lDb+avNLC9zY0v678
wV1RlfQ4PKA/+gQoukyDQzNJKbATyU5PJUTuLi5OAoTA6VnfZWMLsvPCxoo6fl97
CthnmbbPxXLTiAAx9LvIvRMj3+zrnQDGA0DzFIJ8o8dGLVDtuvy6eHLgulsj+nY/
8y1VljfKN9j8g3JfgH2BEdqIHQtlUMZrlweu4/ZSalcqKrt7h/g3dFHFLzQ1wI6B
pqMZMzxNsfTQlkCLImPGTEr93asOpwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFACZ
iEnVq7J+0FshpFEYs1yXyrC5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQ0Y3NDNENkMzRjAxMUVGOEM5MDgyOTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcD4MA0GCSqGSIb3DQEBCwUA
A4IBAQBJe5zvwn8qq3E1xJFCbLZGvLefBDMlcqY9drAfl4kfZn7dZAnJVfGblM/z
Ogo+DYCHbswaSvwms6o3CwxRpOkMq/dnlqW8/XfMAY8yMDpqjy0HhS784jHIDTgs
bffsvnWe+WrvF0VTn8x9D9oG2/utcNjYM2K9/0xu/WSc7PqqtHdlmsgXmEsJqv0G
zRQHKAFmp3SN1Qe25LppRCDzQdryzautHDZFjJKGDDmlaZ2IFJ4b6xBEbVVbEfSS
91CCW0vi19yUAIpkLbK3oXRiWFT1AoVE9vNnJdNoS0VgobDvgDlwyWYB1Se5MUH1
YUQLoTW75mIlOeZazYTlwNggWQvH
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:11 2025 by rpki-client