Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/147F3C3EC3B011EF927F3475762E951A.roa
File: 147F3C3EC3B011EF927F3475762E951A.roa (raw, json)
Hash identifier: L6iNJoGNh2OceXbale5ds5BbifINq6/tQQL3nkAxyXQ=
Subject key identifier: B9:67:7C:F6:09:81:56:EE:FA:80:B6:E6:81:59:80:E7:30:56:E1:71
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE37
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/147F3C3EC3B011EF927F3475762E951A.roa
Signing time: Thu 26 Dec 2024 17:37:30 +0000
ROA not before: Thu 26 Dec 2024 17:37:26 +0000
ROA not after: Fri 12 Dec 2025 17:37:26 +0000
asID: 984
IP address blocks: 45.202.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60983 (0xee37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 17:37:26 2024 GMT
Not After : Dec 12 17:37:26 2025 GMT
Subject: CN=676d945a-d2a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:14:76:55:cf:f1:b8:62:48:5b:c5:e9:9e:f2:
c1:31:c2:c4:f2:37:a4:50:41:c0:9a:4a:48:54:2f:
82:e1:bc:24:28:e0:e0:ff:c0:c3:b0:20:26:cd:0b:
9f:d3:98:93:eb:e8:7c:cc:5c:21:c8:04:83:e1:bd:
02:ea:33:3b:25:c5:9c:a6:34:7b:00:47:94:fc:ea:
82:4e:f5:30:f4:45:7f:87:44:a3:5e:38:91:da:eb:
b8:27:0c:66:68:60:d0:1a:9f:83:89:27:a2:c6:11:
74:57:d7:90:7a:62:b4:64:67:00:ea:e8:62:77:98:
d4:33:9a:cb:3c:90:d1:ff:0f:96:47:f8:e3:25:35:
fb:2d:eb:36:88:4f:8c:af:00:9a:92:9a:00:cf:d2:
f3:b8:ae:d3:25:d3:38:ee:03:ba:10:2a:27:b7:3c:
34:9a:26:23:42:29:ed:7c:ae:a5:cf:40:f9:66:4b:
e9:3b:af:fe:10:31:d9:c8:d1:d7:01:c5:e0:48:13:
6b:41:78:2a:86:7c:60:9a:8c:9a:23:2f:d9:fb:2b:
bf:eb:3b:82:87:ff:0e:c1:37:f4:ac:be:7f:de:89:
ca:55:10:cd:b1:f2:71:2b:28:b0:4a:64:d0:fd:57:
cb:7e:bf:cb:6a:d7:08:20:69:71:4c:63:c4:80:bd:
22:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:67:7C:F6:09:81:56:EE:FA:80:B6:E6:81:59:80:E7:30:56:E1:71
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/147F3C3EC3B011EF927F3475762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.14.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:ec:11:6c:ec:6a:3c:af:01:81:92:d0:ed:7a:1a:57:48:58:
52:c4:2e:03:81:c5:7d:65:21:83:d8:17:7a:9f:33:1d:e6:dc:
a2:ba:97:6e:e9:1a:c4:06:02:f7:7a:67:23:cf:73:ce:08:1d:
7f:82:e0:12:6d:11:f5:90:a5:0b:73:59:05:fb:b6:09:d7:30:
e3:9f:5e:d6:8d:f3:63:51:95:bc:41:25:5f:64:e8:e3:bb:38:
9e:e0:fc:82:fe:3b:1c:ff:9e:6b:1e:77:c8:a9:49:a0:b5:d9:
a5:af:e5:bb:15:2d:de:b6:3a:a3:85:53:ea:3c:50:f6:ac:0b:
bf:db:d1:16:4b:4d:57:e8:98:de:dc:ca:f8:cf:91:bc:9c:a3:
0d:98:6a:ee:b2:84:90:07:46:9a:a4:3d:d6:48:0a:1a:13:56:
ea:da:34:9e:c6:ce:90:59:fc:b6:43:f6:96:d1:38:dd:21:c5:
56:ff:33:88:60:db:5d:9e:41:c1:fa:83:8a:a8:4b:6e:91:cc:
fd:13:32:d0:b5:b6:d6:d3:ad:f8:a5:05:ed:74:bc:ae:0b:9b:
d1:cc:4f:25:03:60:d8:7d:96:55:ae:02:61:dd:e1:a5:8b:ef:
29:e1:c2:39:62:c1:8a:e2:1d:35:d8:b1:c1:77:ec:33:06:8c:
f8:ff:89:88
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO43MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTczNzI2WhcNMjUxMjEyMTczNzI2WjAYMRYw
FAYDVQQDEw02NzZkOTQ1YS1kMmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwhR2Vc/xuGJIW8XpnvLBMcLE8jekUEHAmkpIVC+C4bwkKODg/8DDsCAm
zQuf05iT6+h8zFwhyASD4b0C6jM7JcWcpjR7AEeU/OqCTvUw9EV/h0SjXjiR2uu4
JwxmaGDQGp+DiSeixhF0V9eQemK0ZGcA6uhid5jUM5rLPJDR/w+WR/jjJTX7Les2
iE+MrwCakpoAz9LzuK7TJdM47gO6EContzw0miYjQintfK6lz0D5ZkvpO6/+EDHZ
yNHXAcXgSBNrQXgqhnxgmoyaIy/Z+yu/6zuCh/8OwTf0rL5/3onKVRDNsfJxKyiw
SmTQ/VfLfr/LatcIIGlxTGPEgL0ieQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLln
fPYJgVbu+oC25oFZgOcwVuFxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNDdGM0MzRUMzQjAxMUVGOTI3RjM0NzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcoOMA0GCSqGSIb3DQEBCwUA
A4IBAQCj7BFs7Go8rwGBktDtehpXSFhSxC4DgcV9ZSGD2Bd6nzMd5tyiupdu6RrE
BgL3emcjz3POCB1/guASbRH1kKULc1kF+7YJ1zDjn17WjfNjUZW8QSVfZOjjuzie
4PyC/jsc/55rHnfIqUmgtdmlr+W7FS3etjqjhVPqPFD2rAu/29EWS01X6Jje3Mr4
z5G8nKMNmGrusoSQB0aapD3WSAoaE1bq2jSexs6QWfy2Q/aW0TjdIcVW/zOIYNtd
nkHB+oOKqEtukcz9EzLQtbbW0634pQXtdLyuC5vRzE8lA2DYfZZVrgJh3eGli+8p
4cI5YsGK4h012LHBd+wzBoz4/4mI
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:39 2025 by rpki-client