Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32B688D2C38911EFA59B1081762E951A.roa
File: 32B688D2C38911EFA59B1081762E951A.roa (raw, json)
Hash identifier: LkQ2jJ6k2XqmINOsD2odkLb1LWicdVr+adm05bxb0Y0=
Subject key identifier: F4:2B:AC:C5:6D:1D:0F:A4:6F:C1:E2:EB:9E:F6:7A:2F:61:33:67:48
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC95
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32B688D2C38911EFA59B1081762E951A.roa
Signing time: Thu 26 Dec 2024 12:59:10 +0000
ROA not before: Thu 26 Dec 2024 12:59:06 +0000
ROA not after: Fri 12 Dec 2025 12:59:06 +0000
asID: 984
IP address blocks: 45.196.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60565 (0xec95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 12:59:06 2024 GMT
Not After : Dec 12 12:59:06 2025 GMT
Subject: CN=676d531e-fd9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:02:21:2b:13:6f:f1:d2:e2:d2:8c:64:2c:a9:
45:18:f3:d2:af:1a:b0:b5:b3:35:91:e5:55:55:ad:
d0:8d:f1:5c:24:64:5c:4a:a4:c0:c8:5d:53:b5:8e:
ef:f7:ff:f5:0e:ef:63:ff:f5:eb:1f:5e:89:24:e5:
3a:81:3b:03:89:1f:22:fb:49:d5:74:f1:65:0e:5f:
da:c6:4c:04:04:00:28:8c:f4:56:9e:73:c3:58:04:
c5:fc:32:8e:3b:c6:4a:c6:18:c0:5b:7e:f8:73:f5:
ec:49:7d:a1:73:9b:72:ca:7c:2d:39:c5:91:2c:2b:
1d:f5:71:d2:7b:36:35:a8:02:1d:30:20:10:c4:19:
aa:98:44:ee:3b:7d:41:7e:af:23:8b:46:9f:13:ae:
b4:be:71:be:8c:c1:5b:54:6a:e3:54:cc:83:1b:03:
0f:ea:17:29:e0:00:73:b3:81:4f:98:2b:56:ca:54:
72:31:72:5a:d7:23:69:1e:4f:9b:55:f0:1f:e3:41:
66:7a:a6:68:86:df:ad:24:51:75:c5:dc:91:be:a0:
52:46:4c:5a:eb:ab:a0:3b:c0:9d:5d:da:c7:06:f7:
6c:3e:1c:0d:d9:8d:b0:13:a0:b3:42:0b:86:fa:d5:
96:47:53:e9:b6:93:cc:38:b2:3a:1f:fd:95:1e:f9:
49:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:2B:AC:C5:6D:1D:0F:A4:6F:C1:E2:EB:9E:F6:7A:2F:61:33:67:48
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32B688D2C38911EFA59B1081762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.156.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:6e:d8:e8:c6:8d:8d:f7:ab:67:61:82:42:12:9e:b3:6b:e0:
76:e9:97:7d:7e:04:97:07:21:26:38:48:26:c8:48:33:91:36:
d0:f0:5d:43:c3:a3:22:b0:28:f9:cf:ca:25:3f:ee:b0:22:4f:
0d:87:ec:da:3a:5e:f3:b2:da:0d:10:45:03:9b:79:55:c6:84:
15:1d:90:03:1f:60:cf:b3:68:d5:78:28:b9:e3:89:52:de:83:
72:ff:d9:94:cc:37:95:93:04:69:99:5e:e4:3d:c0:76:b8:82:
71:24:36:8d:4a:93:8f:cf:e4:e1:79:69:24:f4:ff:c0:b1:dc:
7a:d8:c3:2f:cb:7f:5f:87:0c:72:2e:d1:68:dd:a9:31:8e:4c:
6c:e2:72:54:81:95:47:94:58:b0:af:9e:3a:51:18:12:72:ae:
60:fa:0c:f2:59:b9:0c:eb:ae:0f:c0:96:66:51:84:c9:d6:88:
70:7d:4e:6b:51:70:e0:99:99:70:28:cd:5a:a1:69:ce:fb:df:
28:96:0f:9a:ee:01:70:f3:ee:f4:72:b3:c6:e0:a3:93:2e:f7:
41:68:21:3e:9f:85:27:d4:b1:39:d9:28:e2:19:8f:36:95:94:
13:97:ec:0f:19:11:d6:f4:10:e5:73:1b:03:3d:74:e8:8c:88:
04:6a:dd:a4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOyVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTI1OTA2WhcNMjUxMjEyMTI1OTA2WjAYMRYw
FAYDVQQDEw02NzZkNTMxZS1mZDliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3gIhKxNv8dLi0oxkLKlFGPPSrxqwtbM1keVVVa3QjfFcJGRcSqTAyF1T
tY7v9//1Du9j//XrH16JJOU6gTsDiR8i+0nVdPFlDl/axkwEBAAojPRWnnPDWATF
/DKOO8ZKxhjAW374c/XsSX2hc5tyynwtOcWRLCsd9XHSezY1qAIdMCAQxBmqmETu
O31Bfq8ji0afE660vnG+jMFbVGrjVMyDGwMP6hcp4ABzs4FPmCtWylRyMXJa1yNp
Hk+bVfAf40FmeqZoht+tJFF1xdyRvqBSRkxa66ugO8CdXdrHBvdsPhwN2Y2wE6Cz
QguG+tWWR1PptpPMOLI6H/2VHvlJAQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPQr
rMVtHQ+kb8Hi6572ei9hM2dIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMkI2ODhEMkMzODkxMUVGQTU5QjEwODE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcScMA0GCSqGSIb3DQEBCwUA
A4IBAQArbtjoxo2N96tnYYJCEp6za+B26Zd9fgSXByEmOEgmyEgzkTbQ8F1Dw6Mi
sCj5z8olP+6wIk8Nh+zaOl7zstoNEEUDm3lVxoQVHZADH2DPs2jVeCi544lS3oNy
/9mUzDeVkwRpmV7kPcB2uIJxJDaNSpOPz+TheWkk9P/Asdx62MMvy39fhwxyLtFo
3akxjkxs4nJUgZVHlFiwr546URgScq5g+gzyWbkM664PwJZmUYTJ1ohwfU5rUXDg
mZlwKM1aoWnO+98olg+a7gFw8+70crPG4KOTLvdBaCE+n4Un1LE52SjiGY82lZQT
l+wPGRHW9BDlcxsDPXTojIgEat2k
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:26 2025 by rpki-client