Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0366E324C38911EF9A14357F762E951A.roa
File: 0366E324C38911EF9A14357F762E951A.roa (raw, json)
Hash identifier: h+1kOVlgAnZn1BKsoqDjFZK2ZPaftCl99Bf+4UpPgGE=
Subject key identifier: F5:1E:5F:8B:4D:3F:1E:71:6D:AB:11:72:C0:41:53:5C:0A:7D:19:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC93
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0366E324C38911EF9A14357F762E951A.roa
Signing time: Thu 26 Dec 2024 12:57:51 +0000
ROA not before: Thu 26 Dec 2024 12:57:47 +0000
ROA not after: Sun 12 Dec 2027 12:57:47 +0000
asID: 17561
IP address blocks: 45.196.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60563 (0xec93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 12:57:47 2024 GMT
Not After : Dec 12 12:57:47 2027 GMT
Subject: CN=676d52cf-3c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7c:de:94:da:5f:c0:e6:1b:f2:72:87:82:91:
34:a8:eb:98:80:b8:c6:04:10:b1:8a:bb:29:9b:ad:
41:9d:c2:99:09:41:5a:65:2d:47:d6:8e:7f:33:e2:
29:17:b4:d4:79:9f:b6:e1:40:92:50:ac:81:93:f6:
a6:ae:0d:21:d9:0e:45:de:a1:a8:f6:14:b3:b8:1a:
ca:66:11:78:93:88:81:b5:9b:5e:5e:db:ce:94:13:
70:0a:84:21:4f:b8:f5:89:6d:be:ab:b3:a0:c3:26:
48:d6:ad:ca:7b:2d:53:f3:a2:01:b2:5c:67:de:1d:
e4:d1:27:77:4c:13:02:f5:b2:07:f0:3c:ce:1d:1d:
b6:5a:05:23:87:f4:09:05:fe:88:47:8e:c8:23:11:
e2:24:01:52:32:2e:41:7e:2a:99:39:24:e0:0d:70:
69:15:36:7b:e6:22:5e:ec:7d:5c:60:53:c4:ae:a6:
85:88:99:3a:ad:d4:10:13:51:c2:a5:17:5c:67:e4:
1d:cc:00:ba:05:f2:d2:e0:80:1c:31:86:1f:b2:26:
ec:4f:50:f4:91:1e:80:a0:56:1f:c1:af:c0:d0:eb:
ae:4e:a4:44:f1:71:dc:8f:0e:34:14:d4:4a:cf:a4:
05:df:ad:4d:f8:c3:71:53:9a:1f:ec:17:f8:fa:40:
07:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:1E:5F:8B:4D:3F:1E:71:6D:AB:11:72:C0:41:53:5C:0A:7D:19:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0366E324C38911EF9A14357F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.155.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:b1:61:9d:06:7d:b7:16:be:55:06:8a:ac:f2:ac:4e:71:3e:
ff:f6:d8:3c:48:d5:f9:ba:6f:e0:0a:bc:04:c1:19:3f:67:3c:
31:6e:98:ef:c8:e6:c1:81:a4:69:03:e1:89:dc:62:9c:8f:e2:
36:08:c1:45:b3:3b:1e:a4:11:4c:19:13:7e:a8:68:83:76:2a:
63:e6:15:d8:32:f3:62:1e:89:fd:7d:55:c4:48:68:ce:dd:db:
bd:ba:e3:dd:b1:93:12:63:cd:6b:3f:0f:37:46:74:7a:ff:c6:
72:72:8f:71:68:c3:e7:bb:66:80:a9:ec:07:db:da:1e:d9:0b:
5d:95:e6:f2:71:7d:a4:56:75:ab:17:91:a6:65:4a:0d:19:a7:
a0:07:02:6c:22:24:61:57:7e:41:ab:65:e6:01:4b:36:2c:74:
2f:42:98:b5:36:80:82:0e:27:e5:f1:01:8c:39:27:07:4e:c0:
c7:2a:76:c7:82:8b:7b:ab:a0:e6:be:54:f0:5a:61:21:a7:7a:
f8:f1:90:0e:6c:d0:bd:80:9b:0f:c8:04:46:21:9e:d3:d7:29:
b3:8c:75:98:23:bf:a6:bc:5e:b6:69:0f:5b:aa:b5:45:21:ba:
bc:29:27:25:7b:64:94:09:6c:5f:94:ce:2a:07:07:e1:94:65:
c3:9c:b9:75
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOyTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTI1NzQ3WhcNMjcxMjEyMTI1NzQ3WjAYMRYw
FAYDVQQDEw02NzZkNTJjZi0zYzcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnHzelNpfwOYb8nKHgpE0qOuYgLjGBBCxirspm61BncKZCUFaZS1H1o5/
M+IpF7TUeZ+24UCSUKyBk/amrg0h2Q5F3qGo9hSzuBrKZhF4k4iBtZteXtvOlBNw
CoQhT7j1iW2+q7OgwyZI1q3Key1T86IBslxn3h3k0Sd3TBMC9bIH8DzOHR22WgUj
h/QJBf6IR47IIxHiJAFSMi5BfiqZOSTgDXBpFTZ75iJe7H1cYFPErqaFiJk6rdQQ
E1HCpRdcZ+QdzAC6BfLS4IAcMYYfsibsT1D0kR6AoFYfwa/A0OuuTqRE8XHcjw40
FNRKz6QF361N+MNxU5of7Bf4+kAH+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPUe
X4tNPx5xbasRcsBBU1wKfRnTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMzY2RTMyNEMzODkxMUVGOUExNDM1N0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcSbMA0GCSqGSIb3DQEBCwUA
A4IBAQCasWGdBn23Fr5VBoqs8qxOcT7/9tg8SNX5um/gCrwEwRk/ZzwxbpjvyObB
gaRpA+GJ3GKcj+I2CMFFszsepBFMGRN+qGiDdipj5hXYMvNiHon9fVXESGjO3du9
uuPdsZMSY81rPw83RnR6/8Zyco9xaMPnu2aAqewH29oe2QtdlebycX2kVnWrF5Gm
ZUoNGaegBwJsIiRhV35Bq2XmAUs2LHQvQpi1NoCCDifl8QGMOScHTsDHKnbHgot7
q6DmvlTwWmEhp3r48ZAObNC9gJsPyARGIZ7T1ymzjHWYI7+mvF62aQ9bqrVFIbq8
KScle2SUCWxflM4qBwfhlGXDnLl1
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:55 2025 by rpki-client