Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3718CE54C8F111EFBDEC2563762E951A.roa
File: 3718CE54C8F111EFBDEC2563762E951A.roa (raw, json)
Hash identifier: 6pC47NhCyoTfNBYhmJ/NdnrHQgq7U2+OgyKy76Z0ABU=
Subject key identifier: 98:69:80:F8:DB:72:47:C3:F8:3A:E1:67:7D:0C:C6:4B:B3:95:42:02
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F338
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3718CE54C8F111EFBDEC2563762E951A.roa
Signing time: Thu 02 Jan 2025 10:06:21 +0000
ROA not before: Thu 02 Jan 2025 10:06:17 +0000
ROA not after: Fri 07 Feb 2025 10:06:17 +0000
asID: 6079
IP address blocks: 45.202.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62264 (0xf338)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 10:06:17 2025 GMT
Not After : Feb 7 10:06:17 2025 GMT
Subject: CN=6776651d-87b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:32:b7:d6:65:32:40:43:4f:dc:30:a4:5f:b4:
aa:2a:cd:10:61:bf:56:93:5f:1f:01:30:62:70:2d:
bb:6e:0f:57:fa:9c:8f:67:f4:3a:80:4b:92:be:e0:
21:14:81:24:f0:cc:fc:2b:8a:cd:96:74:75:c4:a9:
8f:1b:89:e3:78:ef:05:48:7a:ca:f0:42:56:d8:cd:
af:d2:aa:64:8c:7e:bc:3d:fb:9d:49:df:dd:cb:20:
02:b6:32:c2:e3:82:4e:19:13:0f:67:9f:46:f9:8b:
3b:68:67:13:98:e6:ed:c9:6d:b2:96:6a:37:dc:4e:
d2:27:ce:71:b5:e4:be:02:2a:8f:d6:36:57:0d:48:
93:9a:c5:36:e3:ca:06:95:f3:74:33:3f:6b:10:3a:
40:4f:b5:4b:3b:18:61:f9:b4:f2:dc:b3:2c:aa:5d:
b8:a5:de:6f:93:4c:44:a6:a2:aa:22:f9:66:64:6e:
00:be:d8:28:ee:6e:47:0a:f8:1f:f3:6e:6c:e5:e1:
1b:a6:7b:8b:7a:fc:ab:ef:bc:35:42:00:93:3d:4c:
db:b3:6e:7f:1a:75:e3:8c:40:c2:03:b1:b2:25:87:
60:78:56:3a:27:60:72:df:9b:39:db:be:8c:cd:b1:
52:1a:d8:4a:5b:f3:55:c1:4a:f5:aa:73:37:d6:c0:
3b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:69:80:F8:DB:72:47:C3:F8:3A:E1:67:7D:0C:C6:4B:B3:95:42:02
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3718CE54C8F111EFBDEC2563762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.114.0/24
Signature Algorithm: sha256WithRSAEncryption
05:9e:22:bf:1c:91:a5:36:bf:80:a8:2e:6f:60:12:d1:5c:8d:
e1:31:c6:c2:43:0b:9f:8c:86:09:a6:88:40:45:0b:9e:66:72:
e2:5c:bd:b5:05:ae:f2:69:c4:70:18:ce:b4:e1:23:97:79:18:
bb:46:81:43:99:bf:ee:32:ec:7c:38:9f:ab:cc:65:94:a6:89:
17:a8:e6:70:da:ca:fe:ef:bd:8a:fc:04:8e:76:fa:b7:27:77:
e0:13:15:29:d3:5c:0e:9b:23:b7:e8:c5:fe:ae:4b:a7:4c:2f:
bb:a7:fe:84:ee:aa:2e:33:23:80:77:90:9a:d6:8d:4b:53:90:
84:c3:24:fe:9c:a5:b9:c2:4d:0e:4a:de:10:7e:47:62:8e:3d:
f1:1f:15:97:5b:5f:34:ae:1a:55:29:82:8f:81:6d:d9:2c:ed:
8a:8b:7c:15:f7:30:8b:4f:66:67:ac:d7:9d:47:28:9c:85:0c:
ef:fb:69:9c:8c:e9:71:ef:e7:65:7a:d7:89:7b:2b:e6:c1:3d:
5b:38:1a:1d:32:7b:b7:5c:09:3e:a4:7c:7e:b8:58:a3:fa:8b:
07:b6:1e:a8:24:e9:c4:ed:f1:be:fa:69:80:28:d1:9f:d7:1e:
17:6d:64:21:ec:25:95:2d:6f:17:e0:ed:0c:0c:5c:b5:9c:bc:
85:c2:ac:8f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPM4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMTAwNjE3WhcNMjUwMjA3MTAwNjE3WjAYMRYw
FAYDVQQDEw02Nzc2NjUxZC04N2IwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAozK31mUyQENP3DCkX7SqKs0QYb9Wk18fATBicC27bg9X+pyPZ/Q6gEuS
vuAhFIEk8Mz8K4rNlnR1xKmPG4njeO8FSHrK8EJW2M2v0qpkjH68PfudSd/dyyAC
tjLC44JOGRMPZ59G+Ys7aGcTmObtyW2ylmo33E7SJ85xteS+AiqP1jZXDUiTmsU2
48oGlfN0Mz9rEDpAT7VLOxhh+bTy3LMsql24pd5vk0xEpqKqIvlmZG4Avtgo7m5H
Cvgf825s5eEbpnuLevyr77w1QgCTPUzbs25/GnXjjEDCA7GyJYdgeFY6J2By35s5
276MzbFSGthKW/NVwUr1qnM31sA7KwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJhp
gPjbckfD+DrhZ30MxkuzlUICMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNzE4Q0U1NEM4RjExMUVGQkRFQzI1NjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcpyMA0GCSqGSIb3DQEBCwUA
A4IBAQAFniK/HJGlNr+AqC5vYBLRXI3hMcbCQwufjIYJpohARQueZnLiXL21Ba7y
acRwGM604SOXeRi7RoFDmb/uMux8OJ+rzGWUpokXqOZw2sr+772K/ASOdvq3J3fg
ExUp01wOmyO36MX+rkunTC+7p/6E7qouMyOAd5Ca1o1LU5CEwyT+nKW5wk0OSt4Q
fkdijj3xHxWXW180rhpVKYKPgW3ZLO2Ki3wV9zCLT2ZnrNedRyichQzv+2mcjOlx
7+dleteJeyvmwT1bOBodMnu3XAk+pHx+uFij+osHth6oJOnE7fG++mmAKNGf1x4X
bWQh7CWVLW8X4O0MDFy1nLyFwqyP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:15 2025 by rpki-client