Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF3B18B0C3FB11EFB89B8F64762E951A.roa
File: FF3B18B0C3FB11EFB89B8F64762E951A.roa (raw, json)
Hash identifier: c1oWH/zMfxXX8e8uk6yWOLui+NV3oyS2iV379ib0/Uw=
Subject key identifier: 7D:4F:65:38:4D:F8:05:BE:19:CB:F6:3B:83:95:6E:65:A2:98:8F:43
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EFAA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF3B18B0C3FB11EFB89B8F64762E951A.roa
Signing time: Fri 27 Dec 2024 02:40:56 +0000
ROA not before: Fri 27 Dec 2024 02:40:52 +0000
ROA not after: Sun 12 Dec 2027 02:40:52 +0000
asID: 17561
IP address blocks: 45.195.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61354 (0xefaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 02:40:52 2024 GMT
Not After : Dec 12 02:40:52 2027 GMT
Subject: CN=676e13b8-5971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:77:50:35:ba:91:81:77:d2:6c:94:15:56:4b:
0b:17:d0:1b:96:4f:87:23:15:57:4b:25:15:1e:47:
3e:c0:a3:e5:1e:a2:1f:ec:45:27:b2:b4:68:8e:9a:
53:83:4f:72:67:73:a8:e1:24:b0:a9:aa:2c:7f:c4:
d7:a6:11:72:e5:f3:d9:a3:e5:1f:f3:18:1f:21:bc:
73:71:d3:dd:42:98:35:91:a0:a8:b5:b8:17:e3:51:
69:c4:4c:b6:ea:86:67:c0:d3:e9:b0:b8:fd:d9:3e:
39:bc:11:97:51:8a:f3:33:38:c0:75:63:7b:99:7d:
b8:dc:52:5f:68:56:a5:0f:29:61:6f:7b:77:09:35:
71:cd:3b:ca:15:ce:79:74:9d:6d:cb:ef:dd:92:2a:
a0:a7:cc:b1:67:29:94:8f:f4:dc:05:a9:a3:63:46:
a1:9f:6a:05:54:b8:ef:dc:59:17:e7:7e:86:c9:00:
90:bb:a0:f1:ef:df:8c:b8:db:07:63:1b:fd:08:bb:
0f:7a:b6:8f:d5:ce:d1:75:90:ed:09:bc:2e:66:16:
11:0f:ac:dd:2f:ae:ab:89:00:4d:4a:c5:0a:d3:be:
5b:89:06:14:90:e9:0e:37:9f:f1:74:3b:dc:15:a1:
db:e9:1f:34:a7:b0:fc:b5:40:8a:62:8b:ce:db:0b:
1e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:4F:65:38:4D:F8:05:BE:19:CB:F6:3B:83:95:6E:65:A2:98:8F:43
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF3B18B0C3FB11EFB89B8F64762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.8.0/24
Signature Algorithm: sha256WithRSAEncryption
55:63:f1:ba:53:d7:f4:f4:d8:91:fc:11:29:b4:d8:8c:b1:d9:
cd:9b:3b:a0:9b:21:93:9f:cd:c0:29:0c:60:21:b9:86:ff:ed:
4e:d6:46:0a:83:dc:1d:f7:12:ef:d3:1c:47:e6:01:13:3b:d8:
ac:32:a1:0b:20:a7:b3:3f:10:5e:e6:e5:a9:95:7f:9c:18:3e:
81:64:4c:94:f6:01:e3:32:16:d5:d3:24:89:18:28:aa:3b:15:
c5:e5:b3:1e:39:94:0c:ad:7d:ea:e8:cb:6c:08:9a:7a:b9:9b:
f6:26:36:df:78:0f:ba:8a:81:40:3c:07:b4:fc:90:a6:05:a6:
b1:e7:89:96:ba:50:c4:4e:9c:e4:47:93:4c:27:7d:e3:df:61:
77:08:42:7f:8e:c4:ca:d8:16:9c:3d:72:af:74:f5:bb:66:6d:
cc:48:62:07:0c:d8:b6:be:e6:6b:9c:91:9e:86:56:d9:68:8b:
76:25:24:f8:bc:8c:4d:2e:25:fb:0d:33:91:05:3e:77:cf:61:
8d:d2:f9:73:db:58:5e:da:66:b5:04:29:1c:d2:4d:2c:85:0c:
0b:71:2c:34:46:15:27:77:50:dd:50:76:2d:c8:da:12:74:87:
69:3b:88:bd:2c:18:b4:53:49:fe:b9:1f:15:74:39:41:03:c6:
61:3d:27:26
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO+qMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDI0MDUyWhcNMjcxMjEyMDI0MDUyWjAYMRYw
FAYDVQQDEw02NzZlMTNiOC01OTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsXdQNbqRgXfSbJQVVksLF9Ablk+HIxVXSyUVHkc+wKPlHqIf7EUnsrRo
jppTg09yZ3Oo4SSwqaosf8TXphFy5fPZo+Uf8xgfIbxzcdPdQpg1kaCotbgX41Fp
xEy26oZnwNPpsLj92T45vBGXUYrzMzjAdWN7mX243FJfaFalDylhb3t3CTVxzTvK
Fc55dJ1ty+/dkiqgp8yxZymUj/TcBamjY0ahn2oFVLjv3FkX536GyQCQu6Dx79+M
uNsHYxv9CLsPeraP1c7RdZDtCbwuZhYRD6zdL66riQBNSsUK075biQYUkOkON5/x
dDvcFaHb6R80p7D8tUCKYovO2wsecQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH1P
ZThN+AW+Gcv2O4OVbmWimI9DMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRjNCMThCMEMzRkIxMUVGQjg5QjhGNjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcMIMA0GCSqGSIb3DQEBCwUA
A4IBAQBVY/G6U9f09NiR/BEptNiMsdnNmzugmyGTn83AKQxgIbmG/+1O1kYKg9wd
9xLv0xxH5gETO9isMqELIKezPxBe5uWplX+cGD6BZEyU9gHjMhbV0ySJGCiqOxXF
5bMeOZQMrX3q6MtsCJp6uZv2JjbfeA+6ioFAPAe0/JCmBaax54mWulDETpzkR5NM
J33j32F3CEJ/jsTK2BacPXKvdPW7Zm3MSGIHDNi2vuZrnJGehlbZaIt2JST4vIxN
LiX7DTORBT53z2GN0vlz21he2ma1BCkc0k0shQwLcSw0RhUnd1DdUHYtyNoSdIdp
O4i9LBi0U0n+uR8VdDlBA8ZhPScm
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:31 2025 by rpki-client