Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CD34648C3F311EF8889AFA0762E951A.roa
File: 2CD34648C3F311EF8889AFA0762E951A.roa (raw, json)
Hash identifier: aJHVnF4FYRQ6zLxRGGQgSb8PeEFYVwPpvCMytoaaM+E=
Subject key identifier: 27:30:E7:D6:CD:31:05:EA:29:3A:41:D5:E6:E1:F1:F6:D1:98:93:3B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF66
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CD34648C3F311EF8889AFA0762E951A.roa
Signing time: Fri 27 Dec 2024 01:37:47 +0000
ROA not before: Fri 27 Dec 2024 01:37:41 +0000
ROA not after: Fri 12 Dec 2025 01:37:41 +0000
asID: 984
IP address blocks: 45.194.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61286 (0xef66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Dec 27 01:37:41 2024 GMT
Not After : Dec 12 01:37:41 2025 GMT
Subject: CN=676e04eb-2ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d3:40:42:e0:d8:08:59:c3:a6:f1:7a:1e:be:
3b:ac:30:7d:e9:27:72:a7:81:48:be:3e:08:2b:4d:
56:b0:d2:ab:72:dc:19:27:80:53:5b:d6:fb:8a:4f:
9a:92:6b:8f:f8:b3:c0:b6:8a:f0:51:d3:0b:f3:a1:
22:26:93:55:d1:c0:c3:e9:c3:f8:26:fe:12:30:38:
85:7d:ee:a3:ac:cd:77:0b:51:8b:aa:a4:c0:21:5d:
c8:a9:93:a1:42:69:6f:49:91:52:dd:68:69:ab:f1:
71:67:ad:47:98:67:1e:47:96:5e:94:c5:aa:3b:4b:
5e:6f:ba:06:8a:aa:4a:da:83:fd:e6:8c:50:11:f3:
75:dd:c6:fe:fe:4c:2e:b6:bb:91:3a:53:19:69:4c:
cf:e7:25:3f:2a:29:7d:a0:21:8b:31:2c:ee:15:5a:
93:c3:78:58:c7:4a:13:dd:56:58:b9:26:bb:c6:46:
5e:84:f3:38:9d:b9:a2:d4:49:79:c3:61:f4:36:cd:
f2:7b:22:c0:a6:b6:0d:c7:fc:b3:b2:42:36:d1:f6:
3f:b6:97:87:19:e2:ce:5d:e1:b3:05:f1:b6:13:53:
a2:56:70:95:a8:4c:bf:8a:13:f5:ad:14:e3:84:72:
52:58:42:27:4f:56:ad:a3:59:59:f8:26:7f:1b:31:
84:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:30:E7:D6:CD:31:05:EA:29:3A:41:D5:E6:E1:F1:F6:D1:98:93:3B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CD34648C3F311EF8889AFA0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.6.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:53:ff:c8:db:64:d7:57:69:eb:2b:cd:b2:f2:e3:00:b7:d7:
cd:76:43:d1:0c:37:ca:82:e2:71:87:a1:79:6a:cb:4a:9f:4c:
c8:4f:32:4e:8f:f5:eb:26:a1:d3:32:9e:4d:f6:e4:85:75:49:
30:41:e6:69:df:35:65:13:5d:53:c3:46:81:33:bf:fd:52:f7:
5a:83:68:c7:e2:35:1a:40:b9:ee:e5:a5:d7:bc:b4:17:89:b9:
3d:90:f1:f0:99:72:d0:6b:e3:84:20:33:0b:cc:08:d4:fb:cd:
86:78:23:98:6f:7e:b1:59:04:d2:16:34:07:c1:aa:86:a8:02:
5d:1a:21:31:a1:3f:cd:d1:61:8a:fa:87:41:9c:6b:4f:07:7c:
c6:0b:ea:36:60:f9:0a:b1:c9:76:24:b8:e5:91:fe:db:b9:4e:
3d:25:ea:19:28:d0:56:5f:34:ee:1c:62:11:4e:20:7c:bd:13:
f1:fb:ae:cf:36:c2:38:a7:e8:d1:4e:73:14:4f:7e:92:0c:3d:
a1:66:9f:ae:64:d8:92:98:53:fe:61:8b:78:ab:14:da:ad:3b:
ab:5e:fb:bc:e6:81:d7:1d:96:63:39:74:70:61:7b:9b:e2:db:
18:3e:4e:ac:fb:8e:01:ea:f1:b3:6b:9c:6e:ca:b1:61:e1:4d:
58:b3:a5:ec
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO9mMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDEzNzQxWhcNMjUxMjEyMDEzNzQxWjAYMRYw
FAYDVQQDEw02NzZlMDRlYi0yY2ViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmdNAQuDYCFnDpvF6Hr47rDB96Sdyp4FIvj4IK01WsNKrctwZJ4BTW9b7
ik+akmuP+LPAtorwUdML86EiJpNV0cDD6cP4Jv4SMDiFfe6jrM13C1GLqqTAIV3I
qZOhQmlvSZFS3Whpq/FxZ61HmGceR5ZelMWqO0teb7oGiqpK2oP95oxQEfN13cb+
/kwutruROlMZaUzP5yU/Kil9oCGLMSzuFVqTw3hYx0oT3VZYuSa7xkZehPM4nbmi
1El5w2H0Ns3yeyLAprYNx/yzskI20fY/tpeHGeLOXeGzBfG2E1OiVnCVqEy/ihP1
rRTjhHJSWEInT1ato1lZ+CZ/GzGEVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCcw
59bNMQXqKTpB1ebh8fbRmJM7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQ0QzNDY0OEMzRjMxMUVGODg4OUFGQTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcIGMA0GCSqGSIb3DQEBCwUA
A4IBAQCaU//I22TXV2nrK82y8uMAt9fNdkPRDDfKguJxh6F5astKn0zITzJOj/Xr
JqHTMp5N9uSFdUkwQeZp3zVlE11Tw0aBM7/9Uvdag2jH4jUaQLnu5aXXvLQXibk9
kPHwmXLQa+OEIDMLzAjU+82GeCOYb36xWQTSFjQHwaqGqAJdGiExoT/N0WGK+odB
nGtPB3zGC+o2YPkKscl2JLjlkf7buU49JeoZKNBWXzTuHGIRTiB8vRPx+67PNsI4
p+jRTnMUT36SDD2hZp+uZNiSmFP+YYt4qxTarTurXvu85oHXHZZjOXRwYXub4tsY
Pk6s+44B6vGza5xuyrFh4U1Ys6Xs
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:05:52 2025 by rpki-client on console.sobornost.net