Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF8E93DEC39011EFBC1D00B3762E951A.roa
File: FF8E93DEC39011EFBC1D00B3762E951A.roa (raw, json)
Hash identifier: /HXX8kqImemGwyilestLSRCBEGctUoyFTavtjHwSVAs=
Subject key identifier: DE:F1:A7:6D:DF:3F:07:59:C7:F4:DC:A1:2D:A3:89:D1:6F:2F:38:5C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECE9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF8E93DEC39011EFBC1D00B3762E951A.roa
Signing time: Thu 26 Dec 2024 13:55:00 +0000
ROA not before: Thu 26 Dec 2024 13:54:57 +0000
ROA not after: Sun 12 Dec 2027 13:54:57 +0000
asID: 17561
IP address blocks: 45.196.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60649 (0xece9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 13:54:57 2024 GMT
Not After : Dec 12 13:54:57 2027 GMT
Subject: CN=676d6034-14e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9b:03:39:de:2d:25:66:17:60:74:13:70:33:
5f:ff:f7:db:c3:da:64:f7:9e:64:7d:f6:44:ef:ea:
34:da:94:1e:0e:da:ec:25:45:60:92:01:03:16:37:
ef:dc:b3:a0:d5:46:be:ba:48:c2:cd:ff:40:ac:b2:
b3:69:97:38:5a:fe:10:c7:53:4e:2d:68:f2:0e:b1:
bb:eb:e2:69:dd:d3:10:dc:e5:e4:b0:dc:ec:e4:5d:
cb:a3:6d:5c:ea:21:fe:7b:bc:90:b0:e7:9d:c2:7e:
c0:f0:0a:3a:b6:2c:69:e6:92:32:b8:a6:ea:bb:16:
8b:ea:d4:d2:63:d6:33:dd:b7:40:78:96:85:d1:40:
40:e9:b3:7e:d0:9c:77:80:ca:b0:6c:ce:0d:a9:80:
43:8a:c7:d7:2e:9c:f9:88:18:f5:78:15:32:cf:49:
ff:a3:e5:5b:b5:44:14:e0:5c:20:f1:a2:ac:9c:37:
bb:69:aa:cb:2e:a0:9e:b3:57:6b:98:d8:e3:27:5b:
05:19:f0:0f:22:55:b6:1f:6d:21:68:91:1a:ea:ff:
7a:cc:55:bb:cf:da:a0:73:f4:c8:f1:0a:5d:38:56:
d8:d8:98:10:93:66:d9:9f:f8:a4:82:fe:82:fe:c8:
2b:83:76:3b:f7:bd:7a:ad:a6:e5:ff:b5:58:ae:b7:
dd:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F1:A7:6D:DF:3F:07:59:C7:F4:DC:A1:2D:A3:89:D1:6F:2F:38:5C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF8E93DEC39011EFBC1D00B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.230.0/24
Signature Algorithm: sha256WithRSAEncryption
98:95:78:33:fa:de:90:c5:24:6f:44:89:5b:97:12:63:51:a0:
d3:ef:9f:00:23:ed:f2:63:fb:ec:3c:de:e3:fd:06:8a:4d:97:
a9:33:8b:86:64:b2:5a:a9:15:cc:b2:21:21:95:86:e9:1c:2d:
f3:42:8b:a2:15:9b:51:c5:85:98:4f:a7:e4:6d:9c:0a:87:78:
27:ad:1f:43:ab:3f:4a:c7:f4:58:4d:37:bc:de:3b:5d:1d:0a:
ce:f9:5b:27:39:72:f9:03:45:8c:c4:68:11:74:1c:04:e3:4d:
87:08:ba:88:6a:4c:19:e1:1c:e8:82:f6:47:77:56:80:08:29:
28:b9:2f:8e:ac:18:3b:8b:83:38:7f:83:55:a4:54:c0:f9:87:
54:34:7b:e5:d6:c3:b0:7a:09:98:ea:01:6d:72:78:7f:d0:91:
54:8e:fa:96:fe:a8:6d:e0:5d:0d:ea:53:d3:d6:21:a8:e6:ee:
c7:6f:65:e3:79:55:f6:45:e2:fd:6c:a7:f9:26:90:3e:56:e3:
f5:75:3d:ea:c0:81:3b:6f:00:cf:ad:96:03:38:cd:b3:4a:32:
ee:13:7c:e7:39:d1:8a:84:e7:7a:f1:9d:4e:4c:9f:48:fb:8c:
7a:ff:25:48:cb:6e:e2:14:c9:04:98:05:6f:7a:1f:2c:e0:e6:
04:df:09:a4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOzpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTM1NDU3WhcNMjcxMjEyMTM1NDU3WjAYMRYw
FAYDVQQDEw02NzZkNjAzNC0xNGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1JsDOd4tJWYXYHQTcDNf//fbw9pk955kffZE7+o02pQeDtrsJUVgkgED
Fjfv3LOg1Ua+ukjCzf9ArLKzaZc4Wv4Qx1NOLWjyDrG76+Jp3dMQ3OXksNzs5F3L
o21c6iH+e7yQsOedwn7A8Ao6tixp5pIyuKbquxaL6tTSY9Yz3bdAeJaF0UBA6bN+
0Jx3gMqwbM4NqYBDisfXLpz5iBj1eBUyz0n/o+VbtUQU4Fwg8aKsnDe7aarLLqCe
s1drmNjjJ1sFGfAPIlW2H20haJEa6v96zFW7z9qgc/TI8QpdOFbY2JgQk2bZn/ik
gv6C/sgrg3Y79716rabl/7VYrrfd1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN7x
p23fPwdZx/TcoS2jidFvLzhcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRjhFOTNERUMzOTAxMUVGQkMxRDAwQjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTmMA0GCSqGSIb3DQEBCwUA
A4IBAQCYlXgz+t6QxSRvRIlblxJjUaDT758AI+3yY/vsPN7j/QaKTZepM4uGZLJa
qRXMsiEhlYbpHC3zQouiFZtRxYWYT6fkbZwKh3gnrR9Dqz9Kx/RYTTe83jtdHQrO
+VsnOXL5A0WMxGgRdBwE402HCLqIakwZ4RzogvZHd1aACCkouS+OrBg7i4M4f4NV
pFTA+YdUNHvl1sOwegmY6gFtcnh/0JFUjvqW/qht4F0N6lPT1iGo5u7Hb2XjeVX2
ReL9bKf5JpA+VuP1dT3qwIE7bwDPrZYDOM2zSjLuE3znOdGKhOd68Z1OTJ9I+4x6
/yVIy27iFMkEmAVveh8s4OYE3wmk
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:40 2025 by rpki-client