Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/342D4508CDCE11EF9493DD53762E951A.roa
File: 342D4508CDCE11EF9493DD53762E951A.roa (raw, json)
Hash identifier: VIabEYCMJPOF1Rm3VZKxnu+XMQ5oTPOTq73rwGOnNYA=
Subject key identifier: 6E:84:D2:83:3E:90:5E:68:9C:22:C5:54:AA:56:EE:33:C9:B1:2C:3D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0101F4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/342D4508CDCE11EF9493DD53762E951A.roa
Signing time: Wed 08 Jan 2025 14:38:19 +0000
ROA not before: Wed 08 Jan 2025 14:38:15 +0000
ROA not after: Mon 03 Jan 2028 14:38:15 +0000
asID: 17561
IP address blocks: 45.196.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66036 (0x101f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:38:15 2025 GMT
Not After : Jan 3 14:38:15 2028 GMT
Subject: CN=677e8ddb-31ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:89:cb:9e:32:4f:4c:d7:10:3f:a3:7e:4b:c3:
ba:33:8c:82:d1:03:50:a3:20:7f:7c:c3:61:49:ea:
75:13:c1:27:5b:5f:e4:28:7e:35:e1:23:74:d6:d6:
d1:0f:b5:dd:32:81:6a:de:8a:6c:5a:cb:0e:eb:07:
5b:6d:cd:d2:ca:9b:a1:68:9b:d2:99:e7:34:02:3a:
de:bf:fc:40:ca:f8:07:05:a0:57:bd:19:25:e0:05:
f9:41:6f:79:4a:72:bc:d8:29:7c:69:34:ba:14:1d:
9b:bc:21:66:f0:0a:ad:76:ca:81:ce:6d:6c:57:25:
47:31:7b:51:a9:7d:72:31:85:f9:b1:2c:74:a7:a9:
57:ba:03:85:c7:4c:89:26:d0:15:88:26:fe:58:c9:
10:4e:73:62:9c:77:2b:12:06:09:1a:41:c0:7b:b0:
8c:35:af:b1:f8:9a:20:8d:74:02:44:84:aa:78:a8:
f1:9f:25:0b:fc:14:1d:8a:11:df:87:2c:d3:48:cf:
70:70:fa:54:47:00:cc:84:73:3a:20:b0:6d:cc:2f:
28:02:66:71:54:ba:49:6a:32:a8:69:33:39:83:cc:
85:e1:d1:63:46:21:7e:0f:f1:25:c3:b4:b0:87:e8:
b5:ed:64:1d:ad:ce:5a:9f:b1:28:72:a2:cf:5b:de:
b0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:84:D2:83:3E:90:5E:68:9C:22:C5:54:AA:56:EE:33:C9:B1:2C:3D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/342D4508CDCE11EF9493DD53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.194.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:39:b0:e6:59:7a:fc:38:aa:1d:0f:83:40:a7:c0:70:aa:f3:
d8:20:c1:63:01:43:91:f5:42:c3:20:79:97:97:3f:c4:c4:62:
04:f5:85:f7:f3:59:95:91:07:3f:8a:2f:ba:5b:1d:b2:4c:2e:
84:5c:cd:91:90:be:2e:20:29:ec:88:27:68:ee:ee:5c:17:4d:
0e:89:0a:3a:47:20:9f:8c:2a:60:b1:b7:58:d9:1a:3e:64:f6:
b0:d6:8f:7e:6e:25:75:9e:fb:86:a4:d6:77:8b:c9:7a:7e:af:
cd:d2:09:b2:e1:f3:97:e9:04:ec:c7:a3:18:3b:36:7f:5d:96:
a8:fe:43:e7:af:60:2e:89:8c:90:79:ec:8a:a1:2d:fd:8d:f0:
32:3c:c8:5e:ba:c3:8a:13:6c:85:56:45:3e:36:de:a8:31:29:
87:76:42:3d:df:b7:26:24:7f:5f:c0:6d:3c:eb:17:17:71:ae:
b8:03:0e:8a:d8:52:e5:66:0c:51:aa:89:20:60:9d:8f:18:99:
e3:65:55:82:ae:74:1f:51:19:9f:58:00:b4:b4:1a:2e:f5:75:
4b:d7:87:8b:df:ad:ee:65:83:78:88:f5:98:e5:12:e2:96:17:
4a:b0:a5:3b:26:2f:80:23:16:46:84:83:76:d2:31:54:14:90:
66:45:f9:09
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQH0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQzODE1WhcNMjgwMTAzMTQzODE1WjAYMRYw
FAYDVQQDEw02NzdlOGRkYi0zMWZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs4nLnjJPTNcQP6N+S8O6M4yC0QNQoyB/fMNhSep1E8EnW1/kKH414SN0
1tbRD7XdMoFq3opsWssO6wdbbc3SypuhaJvSmec0Ajrev/xAyvgHBaBXvRkl4AX5
QW95SnK82Cl8aTS6FB2bvCFm8AqtdsqBzm1sVyVHMXtRqX1yMYX5sSx0p6lXugOF
x0yJJtAViCb+WMkQTnNinHcrEgYJGkHAe7CMNa+x+JogjXQCRISqeKjxnyUL/BQd
ihHfhyzTSM9wcPpURwDMhHM6ILBtzC8oAmZxVLpJajKoaTM5g8yF4dFjRiF+D/El
w7Swh+i17WQdrc5an7EocqLPW96wGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG6E
0oM+kF5onCLFVKpW7jPJsSw9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNDJENDUwOENEQ0UxMUVGOTQ5M0RENTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTCMA0GCSqGSIb3DQEBCwUA
A4IBAQCfObDmWXr8OKodD4NAp8BwqvPYIMFjAUOR9ULDIHmXlz/ExGIE9YX381mV
kQc/ii+6Wx2yTC6EXM2RkL4uICnsiCdo7u5cF00OiQo6RyCfjCpgsbdY2Ro+ZPaw
1o9+biV1nvuGpNZ3i8l6fq/N0gmy4fOX6QTsx6MYOzZ/XZao/kPnr2AuiYyQeeyK
oS39jfAyPMheusOKE2yFVkU+Nt6oMSmHdkI937cmJH9fwG086xcXca64Aw6K2FLl
ZgxRqokgYJ2PGJnjZVWCrnQfURmfWAC0tBou9XVL14eL363uZYN4iPWY5RLilhdK
sKU7Ji+AIxZGhIN20jFUFJBmRfkJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:32 2025 by rpki-client