Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3B2E06A0C3F911EF90696250762E951A.roa
File: 3B2E06A0C3F911EF90696250762E951A.roa (raw, json)
Hash identifier: ZPAzL3JzlN9rQKUXHnrjUmXIHJ5cp7LG9H9/QEZoGNA=
Subject key identifier: DF:70:DD:F1:D3:07:74:79:A4:F2:69:03:8A:3E:27:5C:A5:D8:93:60
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF8E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3B2E06A0C3F911EF90696250762E951A.roa
Signing time: Fri 27 Dec 2024 02:21:08 +0000
ROA not before: Fri 27 Dec 2024 02:21:04 +0000
ROA not after: Sun 12 Dec 2027 02:21:04 +0000
asID: 17561
IP address blocks: 45.194.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61326 (0xef8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 02:21:04 2024 GMT
Not After : Dec 12 02:21:04 2027 GMT
Subject: CN=676e0f14-45ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d1:3c:7d:a1:8c:ff:82:23:14:e2:dd:57:b4:
35:b9:ea:47:54:ec:1d:7a:19:f6:70:95:d8:f3:67:
9d:b8:f0:1e:0a:42:ff:1a:38:0e:a9:24:a0:9c:2d:
b5:ca:54:ed:a4:05:72:f9:7e:70:7a:11:b6:52:de:
d2:cb:98:a9:0f:66:a9:66:db:e3:57:56:7a:84:2a:
12:92:e1:47:88:b3:94:79:aa:bd:e3:d2:0f:91:38:
78:12:ce:a1:64:fe:f2:2e:24:f6:12:57:e0:29:7e:
16:15:6f:f0:5f:c7:cc:0b:fa:9f:80:cf:53:ea:f4:
f2:ba:0e:b6:f8:f1:f4:55:71:3e:d8:26:f3:3d:0e:
ce:e4:e5:db:da:3c:84:67:81:ef:e3:77:4c:50:e7:
12:46:7e:94:fc:28:af:ee:59:b3:b4:58:a8:62:7c:
5c:68:c7:d8:58:ac:74:2b:d8:9e:86:38:f1:41:f3:
2f:eb:ff:41:f1:4f:d7:59:b9:ee:53:0b:06:d0:ba:
f1:6f:b9:c3:c3:f7:6a:21:f5:66:32:a6:33:fa:6b:
a8:0c:28:24:88:5a:d6:26:45:21:cd:2d:e4:d8:33:
bb:44:86:05:c7:23:1c:fa:09:36:d2:07:d2:3c:94:
3f:cf:60:c6:67:51:31:ec:8b:a1:a9:ff:f4:4b:a2:
2f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:70:DD:F1:D3:07:74:79:A4:F2:69:03:8A:3E:27:5C:A5:D8:93:60
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3B2E06A0C3F911EF90696250762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.89.0/24
Signature Algorithm: sha256WithRSAEncryption
53:bb:2d:de:a7:9a:cc:7a:10:e5:4a:17:97:34:36:31:eb:bd:
ae:68:14:4e:55:b5:4a:99:d4:13:6d:82:3f:32:38:b1:61:01:
7c:43:3e:35:01:cf:93:ec:88:50:1a:42:03:18:fb:41:7c:22:
f2:d8:c9:ad:38:ac:8a:d3:22:4b:85:e4:b8:70:d0:4e:06:dd:
84:d8:98:5a:5f:a6:a4:d8:77:eb:12:01:5b:1c:f6:ff:ec:2d:
ca:5a:9c:d0:ec:c9:f2:a1:56:97:0b:8e:5c:7c:66:84:bf:7c:
81:ac:44:80:12:f7:b9:5e:11:80:7f:93:2c:28:2e:eb:04:63:
b4:ac:cc:0b:a9:46:a5:12:dc:f5:b6:ae:a8:40:4d:6d:7a:8d:
4f:f5:9a:47:72:a6:8f:fc:e3:3f:9f:1c:db:d4:fe:7f:17:08:
61:0c:45:d1:17:be:89:6b:7e:28:cd:a2:39:fc:de:c6:69:5b:
4c:e3:2c:5e:f8:39:bd:85:80:5b:af:6f:a0:4c:55:4e:17:9b:
79:c3:8c:74:29:ee:31:7d:92:1f:4f:db:87:7f:40:48:50:8d:
66:5d:4e:dc:42:93:24:f3:8d:67:bb:2b:bb:c6:e8:1b:a0:13:
0a:c9:f9:8f:f0:03:ef:b6:61:2a:31:52:eb:66:fb:cc:21:b5:
e1:8c:4b:f0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO+OMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDIyMTA0WhcNMjcxMjEyMDIyMTA0WjAYMRYw
FAYDVQQDEw02NzZlMGYxNC00NWJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuNE8faGM/4IjFOLdV7Q1uepHVOwdehn2cJXY82eduPAeCkL/GjgOqSSg
nC21ylTtpAVy+X5wehG2Ut7Sy5ipD2apZtvjV1Z6hCoSkuFHiLOUeaq949IPkTh4
Es6hZP7yLiT2ElfgKX4WFW/wX8fMC/qfgM9T6vTyug62+PH0VXE+2CbzPQ7O5OXb
2jyEZ4Hv43dMUOcSRn6U/Civ7lmztFioYnxcaMfYWKx0K9iehjjxQfMv6/9B8U/X
WbnuUwsG0Lrxb7nDw/dqIfVmMqYz+muoDCgkiFrWJkUhzS3k2DO7RIYFxyMc+gk2
0gfSPJQ/z2DGZ1Ex7Iuhqf/0S6Iv6wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN9w
3fHTB3R5pPJpA4o+J1yl2JNgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQjJFMDZBMEMzRjkxMUVGOTA2OTYyNTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcJZMA0GCSqGSIb3DQEBCwUA
A4IBAQBTuy3ep5rMehDlSheXNDYx672uaBROVbVKmdQTbYI/MjixYQF8Qz41Ac+T
7IhQGkIDGPtBfCLy2MmtOKyK0yJLheS4cNBOBt2E2JhaX6ak2HfrEgFbHPb/7C3K
WpzQ7MnyoVaXC45cfGaEv3yBrESAEve5XhGAf5MsKC7rBGO0rMwLqUalEtz1tq6o
QE1teo1P9ZpHcqaP/OM/nxzb1P5/FwhhDEXRF76Ja34ozaI5/N7GaVtM4yxe+Dm9
hYBbr2+gTFVOF5t5w4x0Ke4xfZIfT9uHf0BIUI1mXU7cQpMk841nuyu7xugboBMK
yfmP8APvtmEqMVLrZvvMIbXhjEvw
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:03 2025 by rpki-client