Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/19688830C3A211EF91ED8A9C762E951A.roa
File: 19688830C3A211EF91ED8A9C762E951A.roa (raw, json)
Hash identifier: LQBik20kEpHd4VyjYEkl5/qWaN5PyKLKCuP+GRBWX3g=
Subject key identifier: 95:16:BA:9A:EF:A5:78:5F:72:B3:A5:94:DD:9F:E6:6F:75:50:3A:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EDA3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/19688830C3A211EF91ED8A9C762E951A.roa
Signing time: Thu 26 Dec 2024 15:57:25 +0000
ROA not before: Thu 26 Dec 2024 15:57:21 +0000
ROA not after: Sun 12 Dec 2027 15:57:21 +0000
asID: 17561
IP address blocks: 45.200.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60835 (0xeda3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 15:57:21 2024 GMT
Not After : Dec 12 15:57:21 2027 GMT
Subject: CN=676d7ce5-e77d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f3:9c:2c:9b:37:63:1f:aa:30:50:11:69:e6:
40:e8:32:79:25:64:11:78:6f:70:fc:e3:bb:8b:c7:
75:02:1a:63:eb:7f:3a:0c:aa:0d:fc:2b:38:6c:37:
39:0a:4c:4b:3e:57:81:66:79:8b:a0:1a:db:fc:95:
ce:c5:8c:86:0f:b6:85:22:ab:8c:0f:b6:37:7f:b4:
32:0b:87:78:42:1e:50:18:3f:0d:36:54:54:c2:6a:
53:8d:51:26:d1:20:ce:57:09:38:c7:ea:7b:6c:74:
62:09:b7:06:0b:67:95:df:3c:78:ac:d7:7c:0a:9b:
71:dd:8d:6f:9d:4d:f7:fd:3d:ad:9e:3b:68:f2:bb:
33:10:7a:70:14:9f:6e:4d:f3:f0:51:11:b5:db:05:
d6:ea:6f:5f:57:5b:50:a7:9a:ed:e2:13:e1:3e:25:
da:95:7e:1c:82:4a:f0:3b:bd:86:b7:9d:1c:b9:bc:
1e:13:54:f8:0a:4c:f1:7f:9a:a0:9a:21:48:5d:64:
05:5d:a3:82:5b:f8:34:5b:40:db:82:35:36:67:ca:
bd:6f:da:a9:6e:cf:39:53:fb:e9:db:03:28:4f:e8:
ca:9e:07:59:67:8a:ae:53:73:c5:6c:1b:20:46:fe:
c2:27:dc:a7:78:ff:46:5c:52:ed:32:c8:c7:0d:a8:
1b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:16:BA:9A:EF:A5:78:5F:72:B3:A5:94:DD:9F:E6:6F:75:50:3A:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/19688830C3A211EF91ED8A9C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.145.0/24
Signature Algorithm: sha256WithRSAEncryption
41:52:ed:12:7a:34:60:ac:df:ea:21:6e:a8:14:c1:a2:e0:cb:
33:c9:b6:6e:dc:fb:c9:dc:46:fe:41:d6:8c:b9:0c:9f:a7:24:
bf:b4:76:97:07:b7:75:80:50:4c:8e:fd:36:1b:2f:3d:d0:11:
4e:d0:b7:1f:22:99:3a:91:16:68:5c:65:86:e9:3c:2d:d1:2a:
73:d2:76:6b:8d:ac:89:56:41:2d:a5:31:f1:2b:2a:84:d2:7f:
c7:87:aa:36:e2:af:5d:90:91:50:56:38:62:f7:f2:78:3d:75:
4e:3e:d1:ba:e8:41:bd:a5:7b:0f:ff:27:3b:3f:9c:29:37:7e:
d5:dc:eb:d2:79:7f:a5:10:a4:a7:43:27:a8:cf:6a:89:74:85:
c6:23:21:3c:c7:b7:49:2e:27:21:85:90:9d:cf:4b:7f:a4:af:
81:24:32:df:40:6c:e7:0b:f7:d1:94:55:dc:95:14:6d:8f:d2:
3a:8f:2a:fb:01:68:b4:0e:8d:52:27:96:2e:7c:95:f1:06:6c:
d9:de:fe:63:17:20:0b:df:45:cc:17:7f:72:47:5f:6c:51:30:
c0:83:bc:1e:69:02:d5:65:8d:20:31:1d:60:a0:32:75:ea:aa:
e9:40:1e:1d:d9:24:4c:a6:55:b6:e1:d6:72:97:cb:b6:48:d1:
58:42:af:f5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO2jMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTU1NzIxWhcNMjcxMjEyMTU1NzIxWjAYMRYw
FAYDVQQDEw02NzZkN2NlNS1lNzdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt/OcLJs3Yx+qMFARaeZA6DJ5JWQReG9w/OO7i8d1Ahpj6386DKoN/Cs4
bDc5CkxLPleBZnmLoBrb/JXOxYyGD7aFIquMD7Y3f7QyC4d4Qh5QGD8NNlRUwmpT
jVEm0SDOVwk4x+p7bHRiCbcGC2eV3zx4rNd8Cptx3Y1vnU33/T2tnjto8rszEHpw
FJ9uTfPwURG12wXW6m9fV1tQp5rt4hPhPiXalX4cgkrwO72Gt50cubweE1T4Ckzx
f5qgmiFIXWQFXaOCW/g0W0DbgjU2Z8q9b9qpbs85U/vp2wMoT+jKngdZZ4quU3PF
bBsgRv7CJ9yneP9GXFLtMsjHDagbiwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJUW
uprvpXhfcrOllN2f5m91UDrZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xOTY4ODgzMEMzQTIxMUVGOTFFRDhBOUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALciRMA0GCSqGSIb3DQEBCwUA
A4IBAQBBUu0SejRgrN/qIW6oFMGi4MszybZu3PvJ3Eb+QdaMuQyfpyS/tHaXB7d1
gFBMjv02Gy890BFO0LcfIpk6kRZoXGWG6Twt0Spz0nZrjayJVkEtpTHxKyqE0n/H
h6o24q9dkJFQVjhi9/J4PXVOPtG66EG9pXsP/yc7P5wpN37V3OvSeX+lEKSnQyeo
z2qJdIXGIyE8x7dJLichhZCdz0t/pK+BJDLfQGznC/fRlFXclRRtj9I6jyr7AWi0
Do1SJ5YufJXxBmzZ3v5jFyAL30XMF39yR19sUTDAg7weaQLVZY0gMR1goDJ16qrp
QB4d2SRMplW24dZyl8u2SNFYQq/1
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:58 2025 by rpki-client