Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/19781E72C39211EFB09EFDB7762E951A.roa
File: 19781E72C39211EFB09EFDB7762E951A.roa (raw, json)
Hash identifier: 2Q68yUcxmIopXdDcO8g2NKa1k8swqBwR/kkJ0ymszXc=
Subject key identifier: FA:0C:5B:A7:6A:61:90:D1:AA:76:F3:F9:74:0C:35:11:00:FF:D1:13
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECF5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/19781E72C39211EFB09EFDB7762E951A.roa
Signing time: Thu 26 Dec 2024 14:02:53 +0000
ROA not before: Thu 26 Dec 2024 14:02:50 +0000
ROA not after: Sun 12 Dec 2027 14:02:50 +0000
asID: 17561
IP address blocks: 45.196.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60661 (0xecf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 14:02:50 2024 GMT
Not After : Dec 12 14:02:50 2027 GMT
Subject: CN=676d620d-770e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:86:ec:3e:6c:45:c0:22:0d:e2:cc:cf:8e:17:
25:66:77:c3:c7:9d:5d:95:da:37:69:89:b0:17:bc:
a4:86:d1:3b:4f:aa:72:34:5f:17:51:c3:58:44:6d:
2b:70:5d:79:54:3c:25:43:eb:af:24:14:0c:5c:18:
53:61:d9:73:cd:1a:12:e0:10:30:82:f7:c6:19:38:
6b:aa:dd:8a:76:a3:86:79:03:ef:39:58:8d:76:70:
82:5d:12:c6:f7:6d:9e:ca:28:01:89:cd:70:4b:48:
ad:a8:a6:16:94:bf:31:38:20:47:ff:82:3d:11:5b:
64:98:0d:26:86:ea:03:d8:e7:58:22:df:3e:0e:1b:
20:33:0e:6a:32:9f:36:45:a4:d2:32:71:fb:92:4a:
a3:f3:a4:46:60:bc:63:14:0c:f7:70:a9:6a:69:04:
c7:5a:dd:ed:55:a7:d9:b9:45:bb:24:a7:c7:fa:f5:
cf:0a:1d:94:60:2e:4f:76:10:11:d2:86:e9:9d:05:
ab:18:b9:aa:d4:22:23:b3:60:49:c8:60:41:99:2a:
9a:32:39:33:fa:3d:b0:95:e3:75:a4:cd:df:5c:4d:
65:02:27:a4:fb:05:c9:67:0a:19:22:fe:d8:d5:8d:
db:16:30:b9:2a:f3:87:73:93:51:d0:f9:07:0c:b9:
24:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0C:5B:A7:6A:61:90:D1:AA:76:F3:F9:74:0C:35:11:00:FF:D1:13
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/19781E72C39211EFB09EFDB7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.236.0/24
Signature Algorithm: sha256WithRSAEncryption
20:ab:ff:b6:6e:64:9c:ab:0c:33:79:b0:2e:57:de:af:87:db:
4b:2a:5c:92:84:1d:34:5d:fb:95:95:74:d7:11:02:fb:d0:e6:
df:6d:c2:2e:8c:a1:47:de:29:69:86:ab:b5:46:26:b5:90:f4:
26:32:a6:ca:e9:81:f2:cc:82:7f:65:ca:a5:7e:09:fe:82:04:
fe:b7:b9:88:57:4e:75:24:4e:06:72:17:e5:5c:30:86:cf:14:
47:60:56:95:0d:f6:7c:8f:64:42:74:d1:04:0b:88:1a:8c:74:
5d:a3:7f:81:94:fe:36:96:ea:8a:6a:b2:ec:19:46:0f:da:6d:
d0:b8:cf:97:46:63:b3:01:70:de:1e:97:e2:63:fb:a4:da:97:
0b:87:19:18:c0:31:a5:84:1e:89:79:48:9c:16:15:6a:6e:c5:
6e:2c:67:a8:1e:13:c6:cd:fa:31:50:d3:7e:a5:16:d6:fa:e3:
c9:b3:b4:b5:ca:d9:e2:c5:30:4d:1b:bd:c7:23:9f:38:1c:f8:
fd:14:9a:f6:02:63:00:42:ef:dc:2d:c8:be:bb:a2:21:d6:67:
cb:82:21:6a:ec:16:aa:9c:e7:9e:0b:d0:3a:cf:c5:e1:2d:da:
61:4e:04:ea:57:70:8c:06:ff:21:f9:02:b4:97:b0:08:39:c5:
c8:1f:62:65
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOz1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTQwMjUwWhcNMjcxMjEyMTQwMjUwWjAYMRYw
FAYDVQQDEw02NzZkNjIwZC03NzBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0obsPmxFwCIN4szPjhclZnfDx51dldo3aYmwF7ykhtE7T6pyNF8XUcNY
RG0rcF15VDwlQ+uvJBQMXBhTYdlzzRoS4BAwgvfGGThrqt2KdqOGeQPvOViNdnCC
XRLG922eyigBic1wS0itqKYWlL8xOCBH/4I9EVtkmA0mhuoD2OdYIt8+DhsgMw5q
Mp82RaTSMnH7kkqj86RGYLxjFAz3cKlqaQTHWt3tVafZuUW7JKfH+vXPCh2UYC5P
dhAR0obpnQWrGLmq1CIjs2BJyGBBmSqaMjkz+j2wleN1pM3fXE1lAiek+wXJZwoZ
Iv7Y1Y3bFjC5KvOHc5NR0PkHDLkk9QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPoM
W6dqYZDRqnbz+XQMNREA/9ETMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xOTc4MUU3MkMzOTIxMUVGQjA5RUZEQjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTsMA0GCSqGSIb3DQEBCwUA
A4IBAQAgq/+2bmScqwwzebAuV96vh9tLKlyShB00XfuVlXTXEQL70ObfbcIujKFH
3ilphqu1Ria1kPQmMqbK6YHyzIJ/Zcqlfgn+ggT+t7mIV051JE4GchflXDCGzxRH
YFaVDfZ8j2RCdNEEC4gajHRdo3+BlP42luqKarLsGUYP2m3QuM+XRmOzAXDeHpfi
Y/uk2pcLhxkYwDGlhB6JeUicFhVqbsVuLGeoHhPGzfoxUNN+pRbW+uPJs7S1ytni
xTBNG73HI584HPj9FJr2AmMAQu/cLci+u6Ih1mfLgiFq7BaqnOeeC9A6z8XhLdph
TgTqV3CMBv8h+QK0l7AIOcXIH2Jl
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:09 2025 by rpki-client