Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3325E3E4B5FB11EFBBE6E08F762E951A.roa
File: 3325E3E4B5FB11EFBBE6E08F762E951A.roa (raw, json)
Hash identifier: emE9SijaDVwn0H4voIz2NjwpZ9FBVvnYakI2WHY2A3M=
Subject key identifier: D5:73:C7:85:D1:F3:9B:FD:1B:95:65:34:8C:8A:B0:99:3D:1F:66:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E14C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3325E3E4B5FB11EFBBE6E08F762E951A.roa
Signing time: Mon 09 Dec 2024 06:59:57 +0000
ROA not before: Mon 09 Dec 2024 06:59:54 +0000
ROA not after: Thu 06 Feb 2025 06:59:54 +0000
asID: 149014
IP address blocks: 45.192.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 06:59:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57676 (0xe14c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 9 06:59:54 2024 GMT
Not After : Feb 6 06:59:54 2025 GMT
Subject: CN=6756956d-9767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2b:a7:20:d2:37:87:a7:61:20:41:fe:b7:57:
47:5c:78:3f:2c:48:4a:dd:3d:54:89:31:ed:0b:83:
14:a2:23:f3:68:f4:41:41:bc:9d:96:f2:8a:1e:85:
4f:74:e0:29:a3:64:14:66:c1:2c:cd:ce:93:a1:6b:
6c:af:a7:06:5a:a4:6c:ec:e1:10:ae:97:52:ac:d5:
c6:6c:bc:02:01:0e:8a:b2:7a:63:93:d7:43:e8:46:
7b:e1:ab:38:92:81:49:1f:89:51:97:5b:16:3f:8b:
6e:9c:5e:d9:38:21:4f:b7:e0:6f:d1:87:32:13:51:
e1:8b:ef:f5:af:ef:da:7d:de:64:79:2a:15:f7:ac:
28:86:95:fd:58:f4:05:5c:f0:9b:69:49:81:30:27:
84:df:cc:eb:b6:2c:47:5d:a8:92:30:af:45:0e:a8:
95:fa:3b:07:47:a8:2b:68:d7:58:19:5a:d4:8a:23:
f5:cd:2e:46:21:2a:74:4e:a8:52:56:bc:55:f0:8e:
1b:a0:47:ce:54:a9:e9:ae:46:6d:a3:b4:31:d5:79:
c2:83:43:b8:52:b4:27:e9:cd:ab:ac:a8:e6:43:b7:
13:fc:f9:9b:25:21:9e:41:a7:59:8f:6b:93:a5:82:
f5:19:6c:ba:64:ca:52:df:a0:dd:bc:57:d5:f6:5e:
29:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:73:C7:85:D1:F3:9B:FD:1B:95:65:34:8C:8A:B0:99:3D:1F:66:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3325E3E4B5FB11EFBBE6E08F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.188.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:2a:1a:48:d1:70:23:71:6c:04:42:3f:eb:b8:e5:8e:38:17:
ad:21:10:e4:3f:43:59:8e:66:86:82:da:93:36:25:70:9b:ca:
d1:ce:c6:9f:93:e1:91:fc:1c:e1:3b:bc:3d:d8:67:e6:95:4a:
90:a3:c0:81:dc:7d:48:3d:4b:b3:23:42:fd:21:54:da:cf:26:
03:b3:bf:79:d3:07:38:7a:d2:2c:02:93:7f:12:b6:72:f5:21:
7b:2a:81:5b:37:75:c4:97:48:94:5a:13:6a:5d:4c:c6:8d:12:
7c:fb:c3:4a:6d:9c:21:ae:57:13:bd:d6:43:bf:1d:f3:ab:84:
79:da:74:0e:ef:81:dc:60:8f:d2:18:96:22:87:8e:4b:22:c4:
22:7a:32:44:68:5c:52:a5:8a:40:9a:fb:60:79:c1:05:cc:2a:
dc:58:ab:51:40:2d:51:4a:29:2e:48:ca:5e:44:84:07:20:1e:
9e:74:bd:31:fd:1e:9b:f5:a0:f6:74:c3:3c:c3:63:4f:eb:6a:
d2:1c:05:5c:f0:5e:42:46:da:4b:46:f6:f2:25:3d:15:d1:49:
1c:8a:8a:19:02:f4:a1:6a:f8:bd:47:b1:bd:b9:6c:02:8d:e5:
ae:72:1d:e4:aa:01:71:f4:7f:ae:0a:de:cc:6c:f2:d1:38:45:
f7:91:da:f9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOFMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA5MDY1OTU0WhcNMjUwMjA2MDY1OTU0WjAYMRYw
FAYDVQQDEw02NzU2OTU2ZC05NzY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApCunINI3h6dhIEH+t1dHXHg/LEhK3T1UiTHtC4MUoiPzaPRBQbydlvKK
HoVPdOApo2QUZsEszc6ToWtsr6cGWqRs7OEQrpdSrNXGbLwCAQ6Ksnpjk9dD6EZ7
4as4koFJH4lRl1sWP4tunF7ZOCFPt+Bv0YcyE1Hhi+/1r+/afd5keSoV96wohpX9
WPQFXPCbaUmBMCeE38zrtixHXaiSMK9FDqiV+jsHR6graNdYGVrUiiP1zS5GISp0
TqhSVrxV8I4boEfOVKnprkZto7Qx1XnCg0O4UrQn6c2rrKjmQ7cT/PmbJSGeQadZ
j2uTpYL1GWy6ZMpS36DdvFfV9l4ptQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNVz
x4XR85v9G5VlNIyKsJk9H2a8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMzI1RTNFNEI1RkIxMUVGQkJFNkUwOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcC8MA0GCSqGSIb3DQEBCwUA
A4IBAQA7KhpI0XAjcWwEQj/ruOWOOBetIRDkP0NZjmaGgtqTNiVwm8rRzsafk+GR
/BzhO7w92GfmlUqQo8CB3H1IPUuzI0L9IVTazyYDs7950wc4etIsApN/ErZy9SF7
KoFbN3XEl0iUWhNqXUzGjRJ8+8NKbZwhrlcTvdZDvx3zq4R52nQO74HcYI/SGJYi
h45LIsQiejJEaFxSpYpAmvtgecEFzCrcWKtRQC1RSikuSMpeRIQHIB6edL0x/R6b
9aD2dMM8w2NP62rSHAVc8F5CRtpLRvbyJT0V0UkciooZAvShavi9R7G9uWwCjeWu
ch3kqgFx9H+uCt7MbPLROEX3kdr5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:23 2025 by rpki-client