Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/45365556C94B11EF8E0C8B95762E951A.roa
File: 45365556C94B11EF8E0C8B95762E951A.roa (raw, json)
Hash identifier: /ZvwlBzJoLZ5IvD4W8lCFar0sgbj+LImOZAh9RWKZbE=
Subject key identifier: B7:97:7B:A8:0C:5C:2A:61:F4:81:5D:AA:2F:E0:5E:65:5A:F3:2E:00
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F390
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/45365556C94B11EF8E0C8B95762E951A.roa
Signing time: Thu 02 Jan 2025 20:50:59 +0000
ROA not before: Thu 02 Jan 2025 20:50:56 +0000
ROA not after: Mon 13 Dec 2027 20:50:56 +0000
asID: 17561
IP address blocks: 156.225.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62352 (0xf390)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:50:56 2025 GMT
Not After : Dec 13 20:50:56 2027 GMT
Subject: CN=6776fc33-2329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:0c:81:3c:ef:20:ee:c7:ed:15:a5:4d:40:d1:
63:94:b6:0c:f0:7b:49:fa:a9:23:49:62:a7:43:46:
46:0c:21:e0:64:fc:e2:2a:7f:09:74:c1:17:7f:e6:
b7:ff:c9:35:ee:0e:b7:9c:14:1f:3d:01:a7:6f:c4:
47:17:8c:27:ae:8a:f3:b3:0c:a3:aa:3b:3b:39:8b:
02:c4:7a:3c:1a:1c:e9:63:01:9c:7f:b4:80:aa:9d:
cf:1b:ec:ad:59:a5:b2:f2:0c:a0:24:4d:0e:f1:48:
7b:fd:4a:cd:9a:91:6e:40:17:f3:29:4a:2e:47:25:
39:c4:28:97:cb:24:f3:b6:85:ab:80:da:b3:a0:ea:
82:e2:f9:9d:68:f4:f7:b7:d2:6e:89:3f:cc:ed:42:
70:5f:6e:94:f4:ac:1c:6e:72:77:aa:77:4f:73:05:
c3:1c:51:6b:ab:cb:f8:a3:90:11:8d:d9:1c:d6:da:
82:2d:c2:d6:60:81:c8:21:32:c1:cf:c9:aa:1e:29:
98:60:55:c8:45:01:61:94:5e:10:a9:23:1c:d2:ae:
89:63:e3:98:40:bd:cd:a8:0b:0c:fb:0b:de:4e:78:
6f:0c:71:32:ec:61:d7:a8:a2:34:70:03:d5:ca:82:
d0:40:2f:ef:f5:9c:32:71:b3:e3:b9:4a:48:f5:25:
cd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:97:7B:A8:0C:5C:2A:61:F4:81:5D:AA:2F:E0:5E:65:5A:F3:2E:00
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/45365556C94B11EF8E0C8B95762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.131.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:5a:26:5d:69:1b:9c:aa:2e:b9:56:01:91:54:04:86:e3:16:
c0:7e:fb:31:69:fc:f5:4c:99:4a:7a:64:03:3e:b6:46:df:43:
b8:db:9b:62:47:e9:b0:a9:ff:13:ab:5f:c6:7b:6a:d2:00:ff:
05:f3:95:35:12:f9:5b:37:28:b4:55:f1:a3:e3:87:d8:f0:65:
1d:44:cb:2a:87:14:de:b9:79:03:fa:50:7d:a7:89:10:33:95:
b4:95:07:95:21:7d:d6:8e:42:0e:8d:da:63:8f:43:ca:12:c3:
93:61:68:e4:b0:62:1a:b2:7c:83:a3:01:cc:f7:2d:35:f6:ba:
25:ab:1c:8b:c2:16:79:d6:04:60:78:7f:f7:8d:7a:8c:84:d3:
73:fc:2e:b2:24:ed:b5:11:0e:36:0c:d2:a5:cc:b9:9c:ab:5a:
db:a2:8d:15:79:07:8d:7b:7a:78:07:f8:ee:12:f3:48:7a:b7:
98:c1:71:e4:75:09:a9:9d:fb:a8:9a:77:d7:66:b3:8b:9f:af:
51:3e:4e:a2:ae:bb:e2:22:00:b4:f7:9d:be:11:fe:e4:be:9d:
52:5d:f6:26:ef:2b:8a:7e:d0:ca:7e:80:92:40:54:8b:92:61:
74:7e:e2:17:62:1e:03:52:bf:4c:f7:db:a2:d5:74:5a:c5:f5:
12:02:7c:ba
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPOQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjA1MDU2WhcNMjcxMjEzMjA1MDU2WjAYMRYw
FAYDVQQDEw02Nzc2ZmMzMy0yMzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4gyBPO8g7sftFaVNQNFjlLYM8HtJ+qkjSWKnQ0ZGDCHgZPziKn8JdMEX
f+a3/8k17g63nBQfPQGnb8RHF4wnrorzswyjqjs7OYsCxHo8GhzpYwGcf7SAqp3P
G+ytWaWy8gygJE0O8Uh7/UrNmpFuQBfzKUouRyU5xCiXyyTztoWrgNqzoOqC4vmd
aPT3t9JuiT/M7UJwX26U9KwcbnJ3qndPcwXDHFFrq8v4o5ARjdkc1tqCLcLWYIHI
ITLBz8mqHimYYFXIRQFhlF4QqSMc0q6JY+OYQL3NqAsM+wveTnhvDHEy7GHXqKI0
cAPVyoLQQC/v9ZwycbPjuUpI9SXNYQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLeX
e6gMXCph9IFdqi/gXmVa8y4AMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NTM2NTU1NkM5NEIxMUVGOEUwQzhCOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOGDMA0GCSqGSIb3DQEBCwUA
A4IBAQA9WiZdaRucqi65VgGRVASG4xbAfvsxafz1TJlKemQDPrZG30O425tiR+mw
qf8Tq1/Ge2rSAP8F85U1EvlbNyi0VfGj44fY8GUdRMsqhxTeuXkD+lB9p4kQM5W0
lQeVIX3WjkIOjdpjj0PKEsOTYWjksGIasnyDowHM9y019rolqxyLwhZ51gRgeH/3
jXqMhNNz/C6yJO21EQ42DNKlzLmcq1rboo0VeQeNe3p4B/juEvNIereYwXHkdQmp
nfuomnfXZrOLn69RPk6irrviIgC0952+Ef7kvp1SXfYm7yuKftDKfoCSQFSLkmF0
fuIXYh4DUr9M99ui1XRaxfUSAny6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:12 2025 by rpki-client