Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D0704FAD0BE11EF90F3FE70762E951A.roa
File: 3D0704FAD0BE11EF90F3FE70762E951A.roa (raw, json)
Hash identifier: 9fZcuyJhIyLbJJfWnX6QkPN9W7Kt9OqbPNYBswpHblA=
Subject key identifier: 8F:B8:39:39:CB:5B:84:E9:02:EC:89:84:7E:75:28:87:62:BF:22:26
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010627
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D0704FAD0BE11EF90F3FE70762E951A.roa
Signing time: Sun 12 Jan 2025 08:21:36 +0000
ROA not before: Sun 12 Jan 2025 08:21:32 +0000
ROA not after: Fri 14 Feb 2025 08:21:32 +0000
asID: 137899
IP address blocks: 45.192.96.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67111 (0x10627)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 12 08:21:32 2025 GMT
Not After : Feb 14 08:21:32 2025 GMT
Subject: CN=67837b90-0773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b4:db:86:f8:98:a2:6e:9c:2e:58:d4:d4:15:
8d:84:7c:c2:b9:09:5c:7e:db:72:61:e2:30:5a:cc:
9d:7f:34:99:72:f9:2e:94:77:30:5e:42:f9:11:58:
2d:8c:a5:6a:2c:b3:1a:b5:ea:10:17:9e:fc:74:04:
c9:82:c2:71:cd:ea:71:af:af:76:44:12:40:06:62:
ce:af:15:93:1a:1c:ca:9a:7a:de:db:ae:97:f8:f5:
95:4c:0b:fa:58:6b:fb:20:2e:18:3c:8f:1e:13:15:
ae:b6:82:12:02:85:74:58:41:b7:19:af:f1:c3:b0:
81:5d:56:4a:48:c8:e2:15:b9:9e:cb:c8:f8:67:5d:
8b:82:a1:70:43:45:70:cd:92:3a:b8:ac:dc:94:3a:
1d:02:ba:5d:3f:ca:84:7d:00:9e:86:1e:2a:8d:6f:
6b:fb:10:63:d5:13:3c:61:f3:24:ea:30:0c:1a:25:
77:2e:d2:ff:cd:4e:47:7c:3c:c1:dd:5d:d5:0d:d8:
05:d1:e4:16:fd:84:9b:c8:9e:83:f4:bf:80:e0:aa:
2d:ac:e3:1d:39:4a:cd:90:16:84:9f:95:a1:84:db:
7d:dd:10:93:89:bd:0b:18:be:37:cd:25:bc:8e:74:
90:13:b2:d3:ad:26:9e:54:a8:84:ee:72:48:c6:65:
e5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B8:39:39:CB:5B:84:E9:02:EC:89:84:7E:75:28:87:62:BF:22:26
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D0704FAD0BE11EF90F3FE70762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.96.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:22:9c:97:4b:b7:48:e8:f8:2d:20:55:a6:9c:44:5b:da:8d:
0b:4e:35:b0:9a:97:a6:f1:3a:81:c4:06:28:ea:de:59:ea:ba:
23:4f:b0:13:9e:3f:16:bb:30:27:76:df:36:fd:d7:7c:1b:43:
7e:53:04:31:be:e0:bb:e0:ce:c3:9a:ba:a4:55:47:68:03:3b:
a5:f9:a1:52:4f:70:94:7a:1a:d6:ea:e3:d3:e8:3a:e2:8b:bb:
c3:c1:5c:1b:f9:68:04:c5:1e:6d:57:33:ea:8b:74:f6:57:3e:
f0:3b:08:7b:e4:d3:72:db:b7:c6:d2:6e:b2:76:a1:9e:24:45:
36:1a:51:a9:da:ce:13:a3:cf:97:a8:b4:17:a4:d2:0e:e2:f7:
60:8a:ae:43:ed:5d:58:7d:91:49:5c:56:52:04:f0:82:55:7a:
ac:c4:46:83:14:29:a9:8b:b9:c2:e5:b8:4d:67:4e:83:74:6c:
39:90:e7:76:bf:a1:9c:d1:00:f9:e9:5d:65:d4:7b:1d:b9:fb:
8d:d6:ab:fd:5c:4f:3d:87:26:71:22:b6:bb:08:6d:31:92:6d:
e2:2e:f0:0e:03:04:7a:52:d2:ea:36:66:37:7e:90:de:54:e7:
1a:5c:31:82:e5:66:fd:11:42:56:bf:c2:aa:ec:bc:46:92:1e:
bd:6f:63:b8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQYnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEyMDgyMTMyWhcNMjUwMjE0MDgyMTMyWjAYMRYw
FAYDVQQDEw02NzgzN2I5MC0wNzczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv7TbhviYom6cLljU1BWNhHzCuQlcfttyYeIwWsydfzSZcvkulHcwXkL5
EVgtjKVqLLMateoQF578dATJgsJxzepxr692RBJABmLOrxWTGhzKmnre266X+PWV
TAv6WGv7IC4YPI8eExWutoISAoV0WEG3Ga/xw7CBXVZKSMjiFbmey8j4Z12LgqFw
Q0VwzZI6uKzclDodArpdP8qEfQCehh4qjW9r+xBj1RM8YfMk6jAMGiV3LtL/zU5H
fDzB3V3VDdgF0eQW/YSbyJ6D9L+A4KotrOMdOUrNkBaEn5WhhNt93RCTib0LGL43
zSW8jnSQE7LTrSaeVKiE7nJIxmXl+wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI+4
OTnLW4TpAuyJhH51KIdivyImMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRDA3MDRGQUQwQkUxMUVGOTBGM0ZFNzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcBgMA0GCSqGSIb3DQEBCwUA
A4IBAQClIpyXS7dI6PgtIFWmnERb2o0LTjWwmpem8TqBxAYo6t5Z6rojT7ATnj8W
uzAndt82/dd8G0N+UwQxvuC74M7DmrqkVUdoAzul+aFST3CUehrW6uPT6Drii7vD
wVwb+WgExR5tVzPqi3T2Vz7wOwh75NNy27fG0m6ydqGeJEU2GlGp2s4To8+XqLQX
pNIO4vdgiq5D7V1YfZFJXFZSBPCCVXqsxEaDFCmpi7nC5bhNZ06DdGw5kOd2v6Gc
0QD56V1l1HsdufuN1qv9XE89hyZxIra7CG0xkm3iLvAOAwR6UtLqNmY3fpDeVOca
XDGC5Wb9EUJWv8Kq7LxGkh69b2O4
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:46 2025 by rpki-client