Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A964E82D15811EFB45133BD762E951A.roa
File: 0A964E82D15811EFB45133BD762E951A.roa (raw, json)
Hash identifier: r/IkxLx9WjrKm/ONY0yDlesdO0mpGNUYetqXCr2VWZQ=
Subject key identifier: 14:A6:17:51:D5:65:2F:01:F5:11:42:43:99:29:A9:49:18:99:CE:83
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010654
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A964E82D15811EFB45133BD762E951A.roa
Signing time: Mon 13 Jan 2025 02:42:34 +0000
ROA not before: Mon 13 Jan 2025 02:42:30 +0000
ROA not after: Thu 13 Mar 2025 02:42:30 +0000
asID: 17561
IP address blocks: 45.202.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67156 (0x10654)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 13 02:42:30 2025 GMT
Not After : Mar 13 02:42:30 2025 GMT
Subject: CN=67847d9a-0603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bf:2c:7d:1e:c0:80:a3:ea:aa:cf:0e:d7:b1:
2a:18:76:11:c6:a9:86:7a:fc:9a:dc:86:69:0e:37:
c9:a6:3a:19:07:bb:30:44:b1:ab:c5:4d:33:bb:70:
09:cc:f4:14:84:45:e3:d9:91:87:67:e2:12:78:d9:
0d:5e:da:1f:43:df:5a:94:b9:2c:0e:cc:51:ab:30:
ab:50:37:6a:bd:0a:98:87:bf:ab:f9:25:02:09:10:
b1:af:67:fd:10:7f:fb:4c:85:c6:d5:c2:64:62:66:
35:e0:15:5c:95:84:d9:23:eb:e6:c1:c2:4b:99:c0:
08:f3:ca:b9:03:3d:c6:2c:16:48:4c:b6:07:e6:a3:
fd:b8:2a:c4:7b:f8:70:32:6f:1e:6a:44:fa:fd:41:
a6:3f:88:19:5c:b8:99:a2:83:1a:53:ff:31:8f:f9:
09:49:66:77:b9:3d:f1:ce:a8:52:46:ef:e9:39:c7:
f3:68:48:ff:17:a1:b9:34:cd:c2:61:5a:58:4a:06:
87:43:e6:76:d3:5d:fd:ea:0f:cc:27:72:de:19:97:
d2:2e:89:a7:c2:9a:37:fd:9b:02:ed:a0:d3:a0:19:
83:a1:07:d0:34:da:a8:38:23:f5:b8:70:ed:fe:53:
46:9b:dd:0d:03:62:46:07:c6:0f:e9:b1:14:8f:41:
d2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A6:17:51:D5:65:2F:01:F5:11:42:43:99:29:A9:49:18:99:CE:83
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A964E82D15811EFB45133BD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.32.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:db:8c:fa:75:06:48:19:4f:92:da:f3:6f:23:76:33:0e:22:
1c:f4:dc:28:cb:1d:c7:af:54:81:36:e2:18:e6:6f:71:e6:d9:
d2:08:2b:5e:6a:23:43:8f:49:fb:99:1f:6a:9d:88:29:ac:11:
6d:fb:2b:4d:f6:35:d8:d3:df:b1:3b:89:e4:20:83:5f:54:ca:
81:70:a7:c3:ff:cc:58:14:5b:76:e1:49:3e:21:28:08:05:84:
36:65:10:19:e2:be:c4:5d:7c:e1:34:50:9f:d5:f2:c9:15:e9:
13:c9:86:d2:3c:2a:b9:86:fc:95:a6:b0:dd:9e:d1:f3:1e:96:
e9:51:11:64:7e:a3:c0:56:d2:c8:8d:c8:5a:70:97:e2:d1:c9:
e4:c5:4e:71:d7:e5:f1:ec:dc:5e:99:31:87:a8:7a:9a:3d:fb:
22:88:15:42:3a:db:09:a4:0a:2d:db:74:b5:32:44:03:d6:5d:
39:29:b8:cd:f3:20:7f:d3:87:f8:e4:5f:51:3a:75:4f:00:6c:
04:18:0b:ca:f2:8a:c2:64:4a:bd:45:52:f5:fd:2b:23:2f:7a:
d0:d4:ad:76:db:16:2b:16:47:cd:48:34:bf:be:8b:78:ba:43:
f7:3f:06:0d:cc:16:02:30:3a:d0:da:be:fa:13:df:49:f1:57:
26:17:d9:b7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQZUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEzMDI0MjMwWhcNMjUwMzEzMDI0MjMwWjAYMRYw
FAYDVQQDEw02Nzg0N2Q5YS0wNjAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAk78sfR7AgKPqqs8O17EqGHYRxqmGevya3IZpDjfJpjoZB7swRLGrxU0z
u3AJzPQUhEXj2ZGHZ+ISeNkNXtofQ99alLksDsxRqzCrUDdqvQqYh7+r+SUCCRCx
r2f9EH/7TIXG1cJkYmY14BVclYTZI+vmwcJLmcAI88q5Az3GLBZITLYH5qP9uCrE
e/hwMm8eakT6/UGmP4gZXLiZooMaU/8xj/kJSWZ3uT3xzqhSRu/pOcfzaEj/F6G5
NM3CYVpYSgaHQ+Z201396g/MJ3LeGZfSLomnwpo3/ZsC7aDToBmDoQfQNNqoOCP1
uHDt/lNGm90NA2JGB8YP6bEUj0HSIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBSm
F1HVZS8B9RFCQ5kpqUkYmc6DMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQTk2NEU4MkQxNTgxMUVGQjQ1MTMzQkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcogMA0GCSqGSIb3DQEBCwUA
A4IBAQA924z6dQZIGU+S2vNvI3YzDiIc9Nwoyx3Hr1SBNuIY5m9x5tnSCCteaiND
j0n7mR9qnYgprBFt+ytN9jXY09+xO4nkIINfVMqBcKfD/8xYFFt24Uk+ISgIBYQ2
ZRAZ4r7EXXzhNFCf1fLJFekTyYbSPCq5hvyVprDdntHzHpbpURFkfqPAVtLIjcha
cJfi0cnkxU5x1+Xx7NxemTGHqHqaPfsiiBVCOtsJpAot23S1MkQD1l05KbjN8yB/
04f45F9ROnVPAGwEGAvK8orCZEq9RVL1/SsjL3rQ1K122xYrFkfNSDS/vot4ukP3
PwYNzBYCMDrQ2r76E99J8VcmF9m3
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:17 2025 by rpki-client