Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0205B462C39B11EF9CF28671762E951A.roa
File: 0205B462C39B11EF9CF28671762E951A.roa (raw, json)
Hash identifier: 7gWOUS1kVhK6oi9Aa4WPIvLCJAB0qXtLJ9NDx+z8r+I=
Subject key identifier: 45:7B:89:42:AE:07:FE:D0:7F:90:41:66:D0:81:CA:4B:71:95:A7:93
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ED57
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0205B462C39B11EF9CF28671762E951A.roa
Signing time: Thu 26 Dec 2024 15:06:39 +0000
ROA not before: Thu 26 Dec 2024 15:06:36 +0000
ROA not after: Sun 12 Dec 2027 15:06:36 +0000
asID: 17561
IP address blocks: 45.197.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60759 (0xed57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 15:06:36 2024 GMT
Not After : Dec 12 15:06:36 2027 GMT
Subject: CN=676d70ff-2518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:10:a3:41:48:9d:3c:ff:ef:b3:38:12:2e:08:
bd:4f:78:82:c6:66:d7:0b:cc:75:97:6a:4c:85:0b:
18:21:c0:d7:45:53:55:0d:33:10:5f:19:bd:2b:7a:
da:00:77:da:da:b8:68:98:1a:01:1a:a3:b5:24:a5:
9b:64:ca:bc:ca:90:4c:2c:51:03:bd:a5:f8:51:87:
98:2c:bd:e7:33:ac:04:e1:77:56:fa:80:9f:00:40:
a5:c4:3b:12:31:5e:55:97:9c:a7:e3:c6:4a:c6:a7:
83:85:96:6d:44:b1:15:c1:95:59:7f:fd:47:24:59:
18:ec:39:f4:6a:57:9f:b0:4a:5c:d0:b5:3e:9a:f6:
21:4a:a2:17:9c:66:c8:20:79:44:26:77:27:be:2a:
4b:77:23:76:10:fc:a0:de:de:78:e1:ec:2c:c9:e3:
b1:d3:c6:ba:3b:37:01:ab:81:10:8e:88:0d:82:0a:
ec:09:09:72:56:d7:3f:aa:88:fa:e1:14:a6:ed:7f:
dd:28:7d:ba:93:46:b6:69:70:46:69:b0:83:d5:a6:
e3:a3:60:c1:d4:cf:d4:a1:2a:8d:bd:a8:3c:41:aa:
ef:81:39:b3:c6:6d:db:1d:f7:70:d2:09:d1:0f:8b:
f8:d6:13:dd:f5:10:22:81:51:53:4a:57:91:ea:12:
aa:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:7B:89:42:AE:07:FE:D0:7F:90:41:66:D0:81:CA:4B:71:95:A7:93
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0205B462C39B11EF9CF28671762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.156.0/24
Signature Algorithm: sha256WithRSAEncryption
60:23:2f:74:10:7b:f1:f4:7c:67:6d:9c:8c:6e:7e:c9:38:b7:
69:bf:cd:38:16:39:98:d8:65:23:6d:cc:dc:5d:b0:f2:1b:37:
25:48:ca:79:ad:32:8e:ef:35:ed:22:3f:9c:85:0b:59:55:a4:
20:a3:56:5f:a3:bc:c9:54:9a:bb:13:88:19:29:8e:48:fe:a5:
ee:b4:45:e3:07:27:5c:f5:7f:e3:62:ce:00:67:2c:27:6c:af:
a3:78:0c:43:38:66:5f:5d:b8:56:6d:47:60:1d:f1:c8:79:d7:
e6:85:22:a5:ec:cf:65:02:fc:1e:bb:2f:ff:13:37:97:ba:5a:
af:4d:8d:88:fb:cb:ee:6e:a7:f7:16:f7:85:f2:33:94:62:0a:
39:0a:ea:2a:51:a8:f2:0a:87:42:4e:2c:61:0a:02:fd:8c:cf:
b2:39:a1:d5:d4:fc:b7:83:ee:ad:38:3e:53:0c:ac:17:99:f5:
be:d0:a2:f4:49:a6:b6:20:c4:dd:8c:94:b2:73:2a:db:f2:a9:
f3:fc:2d:38:4a:aa:0a:dd:04:49:f9:ea:01:a3:2f:5c:31:b6:
b4:da:3b:5c:28:c1:57:0c:51:31:03:55:7c:bd:f9:5a:cd:5e:
e0:27:74:bd:d3:0a:23:9d:83:31:c8:09:9c:44:63:75:15:bf:
e8:18:6b:bb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO1XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTUwNjM2WhcNMjcxMjEyMTUwNjM2WjAYMRYw
FAYDVQQDEw02NzZkNzBmZi0yNTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwxCjQUidPP/vszgSLgi9T3iCxmbXC8x1l2pMhQsYIcDXRVNVDTMQXxm9
K3raAHfa2rhomBoBGqO1JKWbZMq8ypBMLFEDvaX4UYeYLL3nM6wE4XdW+oCfAECl
xDsSMV5Vl5yn48ZKxqeDhZZtRLEVwZVZf/1HJFkY7Dn0alefsEpc0LU+mvYhSqIX
nGbIIHlEJncnvipLdyN2EPyg3t544ewsyeOx08a6OzcBq4EQjogNggrsCQlyVtc/
qoj64RSm7X/dKH26k0a2aXBGabCD1abjo2DB1M/UoSqNvag8QarvgTmzxm3bHfdw
0gnRD4v41hPd9RAigVFTSleR6hKqpQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEV7
iUKuB/7Qf5BBZtCByktxlaeTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMjA1QjQ2MkMzOUIxMUVGOUNGMjg2NzE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcWcMA0GCSqGSIb3DQEBCwUA
A4IBAQBgIy90EHvx9HxnbZyMbn7JOLdpv804FjmY2GUjbczcXbDyGzclSMp5rTKO
7zXtIj+chQtZVaQgo1Zfo7zJVJq7E4gZKY5I/qXutEXjBydc9X/jYs4AZywnbK+j
eAxDOGZfXbhWbUdgHfHIedfmhSKl7M9lAvweuy//EzeXulqvTY2I+8vubqf3FveF
8jOUYgo5CuoqUajyCodCTixhCgL9jM+yOaHV1Py3g+6tOD5TDKwXmfW+0KL0Saa2
IMTdjJSycyrb8qnz/C04SqoK3QRJ+eoBoy9cMba02jtcKMFXDFExA1V8vflazV7g
J3S90wojnYMxyAmcRGN1Fb/oGGu7
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:09 2025 by rpki-client