Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C6945AAC38D11EF897EB49A762E951A.roa
File: 3C6945AAC38D11EF897EB49A762E951A.roa (raw, json)
Hash identifier: aE92MyvGY6At26qVFectRDSbkLtC5MsxAiwUyas19uc=
Subject key identifier: BE:9F:91:DC:73:CA:F6:B2:CB:A2:1E:58:E7:B3:5B:95:15:D7:DD:AF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECC1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C6945AAC38D11EF897EB49A762E951A.roa
Signing time: Thu 26 Dec 2024 13:28:04 +0000
ROA not before: Thu 26 Dec 2024 13:28:01 +0000
ROA not after: Sun 12 Dec 2027 13:28:01 +0000
asID: 17561
IP address blocks: 45.196.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60609 (0xecc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 13:28:01 2024 GMT
Not After : Dec 12 13:28:01 2027 GMT
Subject: CN=676d59e4-002e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:69:d7:bf:e6:eb:80:8f:cd:69:70:6a:c1:f2:
d6:58:65:06:82:69:70:32:c9:18:e5:20:ce:62:a8:
5a:14:a3:da:05:56:95:80:93:9e:a0:db:72:6b:64:
ae:91:89:ee:69:19:3d:b8:b0:75:23:75:e7:60:d2:
dd:7d:79:62:14:68:c2:73:27:d3:90:ba:25:0f:ab:
83:de:02:f2:07:66:0d:68:87:d8:7a:56:75:c5:a5:
b3:71:28:45:e8:c1:04:6a:11:cc:7d:73:25:75:c1:
8e:f0:5a:d2:4a:30:7a:d2:05:c3:d7:5d:cb:cb:5d:
03:5c:18:be:87:fb:91:6a:1e:23:e3:27:b3:5e:ad:
55:f0:a8:39:50:91:c4:e1:2a:80:55:2a:d4:c4:d3:
03:39:76:73:df:78:91:93:33:4f:6f:60:77:93:22:
57:70:20:7f:89:ff:91:58:87:8b:66:9a:9e:52:9f:
5f:f8:79:84:13:9a:1e:87:a7:f2:f9:ce:f9:82:90:
19:e5:6c:8a:fd:1a:df:08:42:dd:c0:a9:b3:1b:b8:
6e:b2:e6:fc:a6:d5:1f:b2:82:90:44:d3:8c:92:ae:
f7:c8:fc:42:fd:6a:7e:74:75:86:5b:16:a4:ea:4f:
e1:6c:a5:dc:1f:29:d4:e0:66:f6:d9:69:82:99:3a:
c9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:9F:91:DC:73:CA:F6:B2:CB:A2:1E:58:E7:B3:5B:95:15:D7:DD:AF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C6945AAC38D11EF897EB49A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.210.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:bb:8d:a5:53:d0:4c:0f:b8:85:4a:aa:94:09:fd:2f:db:79:
2d:b9:06:b5:23:3d:65:e9:5f:f4:89:b7:79:04:45:0e:3e:10:
68:93:23:2b:85:16:b9:9b:51:85:1e:f3:1c:6d:6e:90:28:08:
ab:c5:4a:8e:20:4c:9f:f0:24:74:1d:78:25:6b:fb:60:fb:80:
cd:d5:93:cb:fb:5f:9d:5f:1c:50:87:6f:90:9e:b5:c1:82:36:
05:dc:28:da:83:40:67:0a:ba:89:74:3d:66:c5:02:8c:db:d3:
19:2d:c7:d8:7a:55:a7:28:18:48:70:d3:c3:27:78:50:8f:12:
c5:c0:23:05:80:e5:cd:e9:74:f3:06:06:a8:c3:7f:c4:b5:28:
34:4b:cc:4e:de:54:fb:62:6a:84:53:9c:7a:20:1d:1f:ad:18:
48:16:97:ec:23:0c:94:e2:1b:dd:a3:dd:f0:72:33:6b:62:82:
c0:e0:c6:5e:29:ce:48:3b:de:2d:8b:f4:d4:0e:03:d7:ed:5f:
12:16:4a:eb:71:ab:fb:65:9c:e0:24:0b:2d:ed:44:30:94:fa:
df:1c:a3:4e:b0:83:13:ff:16:11:2c:8f:45:36:87:2f:46:da:
9a:95:3b:17:e6:59:a0:9f:57:df:55:82:2b:67:7b:ca:71:53:
70:d3:7b:5a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOzBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTMyODAxWhcNMjcxMjEyMTMyODAxWjAYMRYw
FAYDVQQDEw02NzZkNTllNC0wMDJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzWnXv+brgI/NaXBqwfLWWGUGgmlwMskY5SDOYqhaFKPaBVaVgJOeoNty
a2SukYnuaRk9uLB1I3XnYNLdfXliFGjCcyfTkLolD6uD3gLyB2YNaIfYelZ1xaWz
cShF6MEEahHMfXMldcGO8FrSSjB60gXD113Ly10DXBi+h/uRah4j4yezXq1V8Kg5
UJHE4SqAVSrUxNMDOXZz33iRkzNPb2B3kyJXcCB/if+RWIeLZpqeUp9f+HmEE5oe
h6fy+c75gpAZ5WyK/RrfCELdwKmzG7husub8ptUfsoKQRNOMkq73yPxC/Wp+dHWG
Wxak6k/hbKXcHynU4Gb22WmCmTrJRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL6f
kdxzyvayy6IeWOezW5UV192vMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQzY5NDVBQUMzOEQxMUVGODk3RUI0OUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTSMA0GCSqGSIb3DQEBCwUA
A4IBAQA8u42lU9BMD7iFSqqUCf0v23ktuQa1Iz1l6V/0ibd5BEUOPhBokyMrhRa5
m1GFHvMcbW6QKAirxUqOIEyf8CR0HXgla/tg+4DN1ZPL+1+dXxxQh2+QnrXBgjYF
3Cjag0BnCrqJdD1mxQKM29MZLcfYelWnKBhIcNPDJ3hQjxLFwCMFgOXN6XTzBgao
w3/EtSg0S8xO3lT7YmqEU5x6IB0frRhIFpfsIwyU4hvdo93wcjNrYoLA4MZeKc5I
O94ti/TUDgPX7V8SFkrrcav7ZZzgJAst7UQwlPrfHKNOsIMT/xYRLI9FNocvRtqa
lTsX5lmgn1ffVYIrZ3vKcVNw03ta
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:41 2025 by rpki-client