Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/438E6DA8C39011EFB359DBAD762E951A.roa
File: 438E6DA8C39011EFB359DBAD762E951A.roa (raw, json)
Hash identifier: eX4wxiCWG7XnO9Kk+8olfLS//Bz21CYsRMaapX0+L+E=
Subject key identifier: D6:B6:BC:A5:C7:6A:D7:14:F6:92:56:90:58:71:AE:F8:17:D1:AD:21
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECE1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/438E6DA8C39011EFB359DBAD762E951A.roa
Signing time: Thu 26 Dec 2024 13:49:45 +0000
ROA not before: Thu 26 Dec 2024 13:49:41 +0000
ROA not after: Sun 12 Dec 2027 13:49:41 +0000
asID: 17561
IP address blocks: 45.196.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60641 (0xece1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 13:49:41 2024 GMT
Not After : Dec 12 13:49:41 2027 GMT
Subject: CN=676d5ef9-964c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d7:29:46:11:46:92:59:62:ad:6e:b1:c0:f9:
97:86:2e:e0:d4:cd:05:2e:85:d7:3d:45:3f:90:40:
4e:66:dc:9e:76:c6:24:e3:19:ec:56:d3:d0:81:bc:
40:15:29:28:b2:35:e4:05:e1:7e:17:4a:e4:be:e8:
aa:e0:05:4e:49:1d:31:77:60:a8:99:10:f0:ea:13:
c7:97:b7:69:da:81:c8:9a:a0:a8:d8:a2:6e:d5:21:
1f:6b:cf:4c:e2:0f:32:71:ff:2e:69:30:12:d5:4a:
21:52:3e:cd:a6:05:ca:65:48:42:b2:75:98:f6:6e:
41:e6:ce:ac:e7:25:bd:10:35:ff:36:e0:f9:de:99:
b2:e4:4e:ef:fb:91:e1:d4:04:e9:1e:54:ff:b9:2a:
d8:d2:12:bf:aa:d7:c9:b8:99:35:70:45:4c:0b:5a:
95:29:bf:c2:ed:f4:ed:1d:fe:d1:35:88:01:59:81:
ce:7f:7e:6d:d5:db:9c:aa:5b:57:d7:3c:2f:59:27:
e5:ce:bd:98:93:d0:32:6b:53:0e:48:a4:b3:e6:8a:
46:78:28:0b:f5:b7:59:53:6f:f8:e9:8e:db:a6:2d:
f1:db:3b:9e:42:34:f0:a9:9e:53:78:f0:9e:68:8d:
46:b8:f6:71:d6:00:99:fc:ed:b6:ea:41:49:45:73:
e7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B6:BC:A5:C7:6A:D7:14:F6:92:56:90:58:71:AE:F8:17:D1:AD:21
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/438E6DA8C39011EFB359DBAD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.226.0/24
Signature Algorithm: sha256WithRSAEncryption
91:1e:6f:90:73:a7:94:9a:6e:45:b9:02:16:8d:3c:ae:9c:5f:
af:68:03:4d:39:a6:39:6d:b2:c8:8e:db:ff:b3:25:f0:15:ca:
f6:9a:06:7d:33:f3:d0:bb:45:26:db:6f:78:df:d9:78:81:da:
57:53:cd:7f:fa:49:a7:a3:e8:49:7f:cf:91:d0:f3:d6:4e:76:
1b:26:fd:4a:56:d8:88:1e:b5:7c:fa:06:1b:1f:5e:5b:be:4b:
dd:6e:43:6b:5b:7f:d6:6a:e4:6a:2c:a7:86:e0:97:5f:86:b9:
90:b7:8e:9b:77:a6:7f:f9:21:6c:61:db:06:56:8b:53:98:fc:
1b:b6:bb:a9:af:6c:2a:d8:44:87:5a:64:ae:8d:2a:a5:8e:a8:
8d:af:ca:43:d0:f3:90:8d:09:71:f8:b0:d2:64:54:4f:ba:96:
d9:ba:1f:23:22:1b:bb:c8:c7:00:5b:25:9b:1a:94:ee:70:77:
07:5f:b9:82:9a:35:4f:a6:94:24:c9:ef:11:1c:96:73:8f:1c:
c7:0d:1c:98:1d:11:52:7f:9b:30:38:9c:66:03:61:6c:37:5f:
63:2f:12:c4:cb:af:b3:f3:df:7d:a1:a0:e8:ca:bf:73:38:d8:
aa:74:88:21:91:78:85:9d:b8:59:c3:24:a2:ec:56:b6:79:08:
d5:6e:db:04
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOzhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTM0OTQxWhcNMjcxMjEyMTM0OTQxWjAYMRYw
FAYDVQQDEw02NzZkNWVmOS05NjRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2tcpRhFGkllirW6xwPmXhi7g1M0FLoXXPUU/kEBOZtyedsYk4xnsVtPQ
gbxAFSkosjXkBeF+F0rkvuiq4AVOSR0xd2ComRDw6hPHl7dp2oHImqCo2KJu1SEf
a89M4g8ycf8uaTAS1UohUj7NpgXKZUhCsnWY9m5B5s6s5yW9EDX/NuD53pmy5E7v
+5Hh1ATpHlT/uSrY0hK/qtfJuJk1cEVMC1qVKb/C7fTtHf7RNYgBWYHOf35t1duc
qltX1zwvWSflzr2Yk9Aya1MOSKSz5opGeCgL9bdZU2/46Y7bpi3x2zueQjTwqZ5T
ePCeaI1GuPZx1gCZ/O226kFJRXPnUQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNa2
vKXHatcU9pJWkFhxrvgX0a0hMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MzhFNkRBOEMzOTAxMUVGQjM1OURCQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTiMA0GCSqGSIb3DQEBCwUA
A4IBAQCRHm+Qc6eUmm5FuQIWjTyunF+vaANNOaY5bbLIjtv/syXwFcr2mgZ9M/PQ
u0Um229439l4gdpXU81/+kmno+hJf8+R0PPWTnYbJv1KVtiIHrV8+gYbH15bvkvd
bkNrW3/WauRqLKeG4JdfhrmQt46bd6Z/+SFsYdsGVotTmPwbtrupr2wq2ESHWmSu
jSqljqiNr8pD0POQjQlx+LDSZFRPupbZuh8jIhu7yMcAWyWbGpTucHcHX7mCmjVP
ppQkye8RHJZzjxzHDRyYHRFSf5swOJxmA2FsN19jLxLEy6+z8999oaDoyr9zONiq
dIghkXiFnbhZwySi7Fa2eQjVbtsE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:51 2025 by rpki-client