Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13D85F28C3FF11EFAA40867A762E951A.roa
File: 13D85F28C3FF11EFAA40867A762E951A.roa (raw, json)
Hash identifier: UCnP9iay0OuVwNF6rStnMddwCY0RU21eEsZxYzy/yPo=
Subject key identifier: 9A:C9:FF:6E:2A:82:71:7D:38:5E:57:31:E3:F1:D1:C0:53:D5:00:01
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EFC2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13D85F28C3FF11EFAA40867A762E951A.roa
Signing time: Fri 27 Dec 2024 03:02:59 +0000
ROA not before: Fri 27 Dec 2024 03:02:55 +0000
ROA not after: Sun 12 Dec 2027 03:02:55 +0000
asID: 17561
IP address blocks: 45.195.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61378 (0xefc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 03:02:55 2024 GMT
Not After : Dec 12 03:02:55 2027 GMT
Subject: CN=676e18e3-392f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0b:41:23:c9:a5:5c:2c:18:cc:8a:f8:3e:c1:
b5:0f:f5:32:e0:cd:74:59:08:be:53:95:34:38:c6:
01:d4:ac:5b:70:d3:fe:d1:bb:1a:d6:ae:07:f6:b0:
bd:34:0f:08:2c:7c:37:b7:b3:67:23:32:29:fd:3a:
2b:6f:37:d5:29:1a:b1:15:63:cb:bf:79:4e:26:65:
b7:17:15:4b:08:5c:f3:2f:81:a1:d5:97:84:b4:23:
35:7b:4b:81:b9:e7:e2:a7:75:8b:71:0e:88:9f:f7:
fd:b3:95:8c:55:bb:13:20:97:f0:76:e2:68:45:58:
6e:df:23:67:22:14:d0:f0:22:23:64:7b:37:95:a8:
fb:44:03:05:33:12:90:97:62:70:79:9f:9a:23:24:
4c:c9:af:86:f4:63:54:8b:e1:75:18:16:a0:16:88:
77:d1:e7:65:ec:4f:8c:e0:48:34:15:82:88:4a:df:
f6:7f:32:f3:01:15:93:c3:01:4c:f3:ea:48:74:1f:
01:76:50:54:75:12:f7:c5:24:19:0b:66:57:fb:e6:
94:5d:d4:01:8b:6a:b1:b6:36:85:4c:4e:b3:e0:4c:
1a:d2:b4:9e:b4:29:b3:7b:a4:79:eb:72:f3:4f:44:
16:b4:4e:d2:13:6b:3c:92:8d:a8:f9:fb:06:c1:4d:
72:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C9:FF:6E:2A:82:71:7D:38:5E:57:31:E3:F1:D1:C0:53:D5:00:01
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13D85F28C3FF11EFAA40867A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.82.0/24
Signature Algorithm: sha256WithRSAEncryption
25:29:cf:7b:78:e8:bc:8c:b6:39:39:a7:a2:86:98:54:3c:4b:
b2:2e:a7:4d:50:20:d1:08:f2:35:42:50:51:3e:5e:d4:1e:89:
03:3c:38:56:50:e7:89:83:59:30:a3:b3:82:67:7d:96:54:fd:
d1:ce:ce:63:94:5c:d5:94:6f:0e:6d:b6:87:0f:19:3c:d0:2a:
ec:16:3f:43:22:39:8f:2b:a8:c4:9c:63:19:46:f4:ed:2b:25:
9d:b5:91:a8:1c:e9:8d:02:7e:16:7e:be:18:26:28:7f:db:86:
93:45:a8:09:cc:9d:20:d2:61:30:cb:96:a8:98:c3:27:88:bc:
e3:d9:fe:84:64:58:79:2a:d2:5b:eb:fa:d4:15:40:71:ef:96:
7f:1f:a3:02:0e:ca:ff:41:15:3c:af:b4:06:c5:30:d4:08:f6:
6e:2b:0e:ea:ab:b3:39:4d:61:48:0d:90:6e:98:91:ea:12:2e:
79:79:c5:90:72:c7:a2:0b:1d:2d:6a:8d:a9:d5:0a:35:7f:1d:
76:02:b6:5b:cf:7b:51:ea:d9:68:9f:7a:11:fe:48:0c:46:92:
b2:0f:c2:d0:69:a6:11:82:27:1e:55:55:f2:a5:26:a0:a6:c8:
a6:53:73:94:84:47:9a:bc:94:9c:e0:c0:a1:46:0f:55:3e:d1:
5d:ab:f7:03
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO/CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDMwMjU1WhcNMjcxMjEyMDMwMjU1WjAYMRYw
FAYDVQQDEw02NzZlMThlMy0zOTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0wtBI8mlXCwYzIr4PsG1D/Uy4M10WQi+U5U0OMYB1KxbcNP+0bsa1q4H
9rC9NA8ILHw3t7NnIzIp/TorbzfVKRqxFWPLv3lOJmW3FxVLCFzzL4Gh1ZeEtCM1
e0uBuefip3WLcQ6In/f9s5WMVbsTIJfwduJoRVhu3yNnIhTQ8CIjZHs3laj7RAMF
MxKQl2JweZ+aIyRMya+G9GNUi+F1GBagFoh30edl7E+M4Eg0FYKISt/2fzLzARWT
wwFM8+pIdB8BdlBUdRL3xSQZC2ZX++aUXdQBi2qxtjaFTE6z4Ewa0rSetCmze6R5
63LzT0QWtE7SE2s8ko2o+fsGwU1ywQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJrJ
/24qgnF9OF5XMePx0cBT1QABMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xM0Q4NUYyOEMzRkYxMUVGQUE0MDg2N0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcNSMA0GCSqGSIb3DQEBCwUA
A4IBAQAlKc97eOi8jLY5OaeihphUPEuyLqdNUCDRCPI1QlBRPl7UHokDPDhWUOeJ
g1kwo7OCZ32WVP3Rzs5jlFzVlG8ObbaHDxk80CrsFj9DIjmPK6jEnGMZRvTtKyWd
tZGoHOmNAn4Wfr4YJih/24aTRagJzJ0g0mEwy5aomMMniLzj2f6EZFh5KtJb6/rU
FUBx75Z/H6MCDsr/QRU8r7QGxTDUCPZuKw7qq7M5TWFIDZBumJHqEi55ecWQcsei
Cx0tao2p1Qo1fx12ArZbz3tR6tlon3oR/kgMRpKyD8LQaaYRgiceVVXypSagpsim
U3OUhEeavJSc4MChRg9VPtFdq/cD
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:03 2025 by rpki-client