Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C85E824B60711EF8D94715C762E951A.roa
File: 3C85E824B60711EF8D94715C762E951A.roa (raw, json)
Hash identifier: BjLfr2EjjxPbLPqxc+8UICQiuRxiLFZH5yD21YBv/Zo=
Subject key identifier: D9:55:21:7F:3A:40:84:BE:FE:24:87:DF:66:7E:5D:67:FE:FC:2E:F2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E18E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C85E824B60711EF8D94715C762E951A.roa
Signing time: Mon 09 Dec 2024 08:26:07 +0000
ROA not before: Mon 09 Dec 2024 08:25:58 +0000
ROA not after: Thu 06 Feb 2025 08:25:58 +0000
asID: 150706
IP address blocks: 45.192.178.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 08:25:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57742 (0xe18e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 9 08:25:58 2024 GMT
Not After : Feb 6 08:25:58 2025 GMT
Subject: CN=6756a99f-787c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0f:fc:50:cb:a5:f4:a3:59:45:53:e1:b2:89:
f7:f4:4d:68:ee:37:c1:f0:c7:75:e2:c7:92:ce:cd:
49:c7:2b:b9:ab:c0:42:77:e4:35:f0:c3:17:00:7a:
18:ed:7f:5b:bc:fb:8e:d3:c4:8a:39:cb:37:33:f8:
0c:8d:d6:de:26:c0:90:59:5d:7c:33:f1:24:0a:e2:
7f:a0:2b:aa:ab:cd:1b:8e:83:0d:dd:30:68:3f:8f:
dc:68:1a:8e:e5:36:14:a7:19:d6:09:3c:b7:a2:c9:
e1:4d:f3:8c:f4:35:ee:70:5c:59:e1:a0:cb:38:e2:
01:4b:44:02:38:4b:23:18:2b:ed:09:d9:ac:d7:80:
29:49:2b:18:a9:99:4f:92:8c:29:29:03:5e:bb:85:
55:14:76:a6:57:20:40:96:a0:7d:21:70:59:8d:9c:
aa:f7:52:2a:81:d2:08:7c:ed:ca:65:7b:14:20:67:
b1:90:0e:28:c1:66:41:d5:11:9a:23:c5:23:61:dd:
66:2c:84:bd:56:9f:70:b6:1f:55:60:7a:b1:5c:15:
4b:a5:91:1d:a6:15:b8:f4:c2:9e:93:2b:fd:db:63:
aa:6b:ea:3a:97:79:2c:f1:9f:63:3b:99:79:66:c7:
5a:16:73:64:be:a8:30:11:10:2f:60:17:fa:0a:17:
5c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:55:21:7F:3A:40:84:BE:FE:24:87:DF:66:7E:5D:67:FE:FC:2E:F2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C85E824B60711EF8D94715C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.178.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:18:ee:3c:7c:ff:d9:fd:17:e4:bd:e2:b2:ae:37:da:3b:81:
0b:93:10:c1:6b:6a:e8:81:6e:01:bd:9d:0f:ca:9c:5c:e3:77:
f8:56:6d:50:43:53:c0:91:37:22:fe:17:6d:f9:24:a7:b5:0a:
69:61:7c:6c:a7:c4:33:e7:88:79:61:d5:49:63:0b:b5:aa:da:
b4:ab:4b:7a:f8:8e:fa:cd:c7:ca:da:d9:b4:9c:74:7c:d2:9d:
73:7e:0e:02:79:38:4e:05:a9:44:94:b9:4a:ba:1b:d8:fc:8c:
c4:88:a1:67:b7:f0:b1:2d:f1:53:2b:b9:0b:2d:d2:69:80:6c:
2f:0a:68:ef:40:59:96:38:b7:04:78:23:06:d5:85:23:28:fc:
dc:ac:e7:0d:90:1f:d0:80:98:eb:3d:c5:76:dc:d6:a2:bd:e3:
e6:95:16:10:f5:95:04:08:e8:42:98:eb:0a:ec:5c:0f:25:0c:
db:ea:c0:58:93:40:3e:ba:4d:a9:45:e3:d5:8e:a4:af:96:98:
a7:5a:c2:59:b3:c6:b1:67:71:3d:21:a9:fc:2d:2b:3a:b6:ec:
9e:ad:59:bd:a8:c5:b7:94:21:61:17:29:0b:97:56:5a:20:65:
ef:2a:c2:96:46:e6:47:51:15:fb:eb:a5:88:0d:17:75:48:76:
e5:16:a6:84
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOGOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA5MDgyNTU4WhcNMjUwMjA2MDgyNTU4WjAYMRYw
FAYDVQQDEw02NzU2YTk5Zi03ODdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1A/8UMul9KNZRVPhson39E1o7jfB8Md14seSzs1Jxyu5q8BCd+Q18MMX
AHoY7X9bvPuO08SKOcs3M/gMjdbeJsCQWV18M/EkCuJ/oCuqq80bjoMN3TBoP4/c
aBqO5TYUpxnWCTy3osnhTfOM9DXucFxZ4aDLOOIBS0QCOEsjGCvtCdms14ApSSsY
qZlPkowpKQNeu4VVFHamVyBAlqB9IXBZjZyq91IqgdIIfO3KZXsUIGexkA4owWZB
1RGaI8UjYd1mLIS9Vp9wth9VYHqxXBVLpZEdphW49MKekyv922Oqa+o6l3ks8Z9j
O5l5ZsdaFnNkvqgwERAvYBf6ChdcHwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNlV
IX86QIS+/iSH32Z+XWf+/C7yMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQzg1RTgyNEI2MDcxMUVGOEQ5NDcxNUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcCyMA0GCSqGSIb3DQEBCwUA
A4IBAQANGO48fP/Z/RfkveKyrjfaO4ELkxDBa2rogW4BvZ0Pypxc43f4Vm1QQ1PA
kTci/hdt+SSntQppYXxsp8Qz54h5YdVJYwu1qtq0q0t6+I76zcfK2tm0nHR80p1z
fg4CeThOBalElLlKuhvY/IzEiKFnt/CxLfFTK7kLLdJpgGwvCmjvQFmWOLcEeCMG
1YUjKPzcrOcNkB/QgJjrPcV23NaivePmlRYQ9ZUECOhCmOsK7FwPJQzb6sBYk0A+
uk2pRePVjqSvlpinWsJZs8axZ3E9Ian8LSs6tuyerVm9qMW3lCFhFykLl1ZaIGXv
KsKWRuZHURX766WIDRd1SHblFqaE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:58 2025 by rpki-client