Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/450B313AD32011EF87FA2495762E951A.roa
File: 450B313AD32011EF87FA2495762E951A.roa (raw, json)
Hash identifier: wA0N3LYlRs+ibP37ptKU9mUyRkpZDmcIczCOyokq0Ww=
Subject key identifier: A0:92:4A:93:43:33:15:06:11:4C:D8:C5:FA:A5:C7:55:93:F7:FE:60
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01088B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/450B313AD32011EF87FA2495762E951A.roa
Signing time: Wed 15 Jan 2025 09:08:22 +0000
ROA not before: Wed 15 Jan 2025 09:08:18 +0000
ROA not after: Mon 03 Jan 2028 09:08:18 +0000
asID: 17561
IP address blocks: 156.254.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67723 (0x1088b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 09:08:18 2025 GMT
Not After : Jan 3 09:08:18 2028 GMT
Subject: CN=67877b06-6cf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a5:37:5a:45:04:85:6e:ad:24:13:26:b7:bc:
64:5b:9d:e4:2c:67:3e:73:fa:36:a1:8c:49:a1:6c:
f3:a7:92:fd:4c:14:11:54:85:cd:f4:2d:91:e1:86:
3c:95:37:03:40:b8:ce:e1:f1:59:f7:b3:36:e8:4a:
32:37:ed:fa:f0:b8:67:b1:d9:ad:98:8a:d8:6b:64:
4b:0b:1b:2f:b3:67:7a:9e:99:01:56:8a:a2:39:17:
80:0f:29:64:94:9d:fe:f6:ff:fb:b1:41:88:5d:bd:
2b:eb:72:19:6d:bb:e7:f1:42:1b:b4:22:d8:81:25:
82:e7:a6:8b:7f:36:9b:a9:05:ec:d1:c4:cc:c2:27:
44:53:f6:0e:e6:bc:40:97:cf:ae:e5:5c:b0:98:a7:
8f:0c:e0:c1:b9:fc:c8:4a:5c:36:e7:db:9d:d2:10:
5e:b1:a2:85:bd:d0:24:43:3e:88:fc:85:2e:9c:e9:
62:36:ef:83:d7:8f:b1:a6:3e:b0:e1:42:bf:4c:b2:
54:46:fc:ca:85:cc:64:a7:38:3e:76:e0:9c:b9:e4:
c5:5d:eb:a1:31:26:a6:c4:6b:36:dd:de:ff:14:e4:
92:a2:f4:70:4c:8b:ac:f7:31:60:9a:da:45:24:09:
1d:82:ac:06:72:38:2e:29:b2:d0:ee:2a:bc:f4:ed:
83:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:92:4A:93:43:33:15:06:11:4C:D8:C5:FA:A5:C7:55:93:F7:FE:60
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/450B313AD32011EF87FA2495762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.91.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:e7:ea:b0:42:1d:45:b1:dd:c3:3f:a6:75:9f:6d:a0:6a:28:
bd:e9:7c:d3:dd:68:b9:e1:87:96:ec:77:ba:96:98:66:50:1b:
a3:d4:75:47:6f:3f:6f:36:bb:61:7b:ba:74:65:90:b4:27:75:
c9:1e:c8:f8:08:76:95:4b:50:30:55:b4:e4:bd:f0:79:d4:01:
63:0e:d4:d3:21:77:04:0e:ba:7a:8b:cb:53:29:86:8a:6a:5e:
ec:e8:80:b8:18:45:5a:2c:d5:6b:95:82:81:88:9c:18:e1:c8:
08:b7:f4:06:51:27:70:2f:5b:f4:47:01:7f:9a:9a:f5:2b:59:
1e:d4:f8:43:7a:81:14:63:8b:55:4d:78:c5:e9:7e:df:b5:5e:
64:f1:43:a1:af:f1:83:98:2f:99:da:41:2b:6f:ce:85:37:af:
88:b0:96:c1:8d:1f:4d:bc:f0:93:a8:1a:64:e6:4a:8b:72:90:
fa:31:4e:56:a0:72:18:ad:fb:f6:b0:63:4b:74:74:8c:0c:df:
16:24:ef:99:63:d6:fa:56:6e:30:f0:1f:08:8a:f4:bc:2a:95:
d7:d9:66:8a:e6:70:39:f3:db:11:cb:4d:5b:12:6e:54:77:55:
2a:98:f6:24:43:63:da:ed:1d:28:01:8e:62:90:17:e1:31:f5:
b7:0e:4f:46
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQiLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDkwODE4WhcNMjgwMTAzMDkwODE4WjAYMRYw
FAYDVQQDEw02Nzg3N2IwNi02Y2YxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtqU3WkUEhW6tJBMmt7xkW53kLGc+c/o2oYxJoWzzp5L9TBQRVIXN9C2R
4YY8lTcDQLjO4fFZ97M26EoyN+368LhnsdmtmIrYa2RLCxsvs2d6npkBVoqiOReA
DylklJ3+9v/7sUGIXb0r63IZbbvn8UIbtCLYgSWC56aLfzabqQXs0cTMwidEU/YO
5rxAl8+u5VywmKePDODBufzISlw259ud0hBesaKFvdAkQz6I/IUunOliNu+D14+x
pj6w4UK/TLJURvzKhcxkpzg+duCcueTFXeuhMSamxGs23d7/FOSSovRwTIus9zFg
mtpFJAkdgqwGcjguKbLQ7iq89O2DxQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKCS
SpNDMxUGEUzYxfqlx1WT9/5gMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NTBCMzEzQUQzMjAxMUVGODdGQTI0OTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5bMA0GCSqGSIb3DQEBCwUA
A4IBAQCz5+qwQh1Fsd3DP6Z1n22gaii96XzT3Wi54YeW7He6lphmUBuj1HVHbz9v
Nrthe7p0ZZC0J3XJHsj4CHaVS1AwVbTkvfB51AFjDtTTIXcEDrp6i8tTKYaKal7s
6IC4GEVaLNVrlYKBiJwY4cgIt/QGUSdwL1v0RwF/mpr1K1ke1PhDeoEUY4tVTXjF
6X7ftV5k8UOhr/GDmC+Z2kErb86FN6+IsJbBjR9NvPCTqBpk5kqLcpD6MU5WoHIY
rfv2sGNLdHSMDN8WJO+ZY9b6Vm4w8B8IivS8KpXX2WaK5nA589sRy01bEm5Ud1Uq
mPYkQ2Pa7R0oAY5ikBfhMfW3Dk9G
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:00 2025 by rpki-client