Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/45D42C8AAD5911EF87A076AC762E951A.roa
File: 45D42C8AAD5911EF87A076AC762E951A.roa (raw, json)
Hash identifier: AQgxDVQHZpOIdTJGgJ3tUOF3ynn2aHwWwlLzu51lo8I=
Subject key identifier: AD:D9:37:7A:EB:AC:E0:AA:8D:3B:D2:11:C3:75:33:8D:10:0C:6E:87
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DC3F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/45D42C8AAD5911EF87A076AC762E951A.roa
Signing time: Thu 28 Nov 2024 07:20:41 +0000
ROA not before: Thu 28 Nov 2024 07:20:37 +0000
ROA not after: Tue 11 Feb 2025 07:20:37 +0000
asID: 5650
IP address blocks: 45.196.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56383 (0xdc3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 28 07:20:37 2024 GMT
Not After : Feb 11 07:20:37 2025 GMT
Subject: CN=674819c9-2a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e8:0a:d0:bf:ad:53:2f:14:35:4c:50:c9:20:
f4:ee:4e:88:b9:8c:a7:13:0f:12:66:a9:59:58:35:
51:51:cc:e8:c4:6d:e7:cd:74:1f:db:0a:b4:0b:e9:
0a:08:bd:05:e9:cb:86:6b:59:30:fe:9c:05:8b:69:
ea:7e:dd:2a:89:f0:b3:72:09:17:e5:3c:93:d2:9b:
05:96:db:ea:7c:bd:08:69:2c:05:e8:41:96:a9:68:
d9:f3:92:3b:95:2a:54:38:26:ab:dc:fb:1d:dd:a2:
aa:c0:89:70:fe:00:f1:95:37:26:1e:5f:4b:9c:3d:
5c:bd:d6:96:ac:54:71:0c:92:38:6f:6c:bd:75:58:
38:34:4b:cf:3b:6c:8e:ad:4d:ed:19:72:11:0b:dd:
70:a0:61:9e:4e:24:7e:d5:4a:28:d6:c6:f4:70:05:
6f:0b:46:51:37:36:59:7f:3b:9b:d0:9c:2c:38:b9:
6b:83:c7:00:a5:a7:5f:a0:b8:79:3a:28:0f:a6:22:
3d:0a:e3:6d:06:62:53:e0:68:22:25:b1:aa:48:21:
18:23:1e:9d:d2:e1:9a:12:71:45:e2:87:7c:19:05:
b7:8d:25:50:c2:c6:f2:18:42:22:0a:b3:76:8a:3c:
8f:fc:2e:26:11:e5:a4:65:5f:7c:2a:28:ec:87:90:
4b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D9:37:7A:EB:AC:E0:AA:8D:3B:D2:11:C3:75:33:8D:10:0C:6E:87
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/45D42C8AAD5911EF87A076AC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.56.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:a7:7b:6d:2d:e4:db:c7:51:98:78:61:19:a7:ea:0e:ad:f4:
38:94:38:94:8d:4c:04:81:c1:90:b4:13:61:b0:fd:00:23:2d:
8c:ff:0a:d9:b5:61:81:4e:20:f8:18:ce:72:2d:cc:4a:da:11:
01:1e:4c:6a:61:e3:d5:2a:c7:f9:82:5c:3d:41:7c:23:c2:4c:
ac:e0:ab:28:5c:d6:4f:1d:c8:18:6f:6c:83:a2:24:8f:29:56:
20:6d:76:58:2a:d9:81:eb:3a:c8:1f:02:61:03:2e:48:21:28:
8d:56:d3:8f:b9:9c:34:24:e3:40:89:9a:8e:68:04:6c:9f:f8:
86:03:d4:35:a2:08:4a:97:c9:fa:a8:d8:04:08:2d:da:24:7b:
99:77:e0:47:64:df:48:97:16:cb:3b:23:4c:0c:94:07:e3:ab:
05:42:cd:e2:d8:ba:1d:3f:5e:d1:04:8b:5c:ef:6b:56:67:32:
25:24:0d:9f:25:a0:cb:95:6a:7d:d8:03:78:95:79:a1:4c:0e:
00:87:c1:f4:e2:eb:6a:88:61:f0:48:0c:74:b9:5d:45:4c:52:
29:8e:d4:b4:f4:27:a7:a6:14:40:72:ea:c1:c3:13:f6:43:d8:
8e:ed:4c:74:a7:fb:1f:24:3f:64:e9:4a:b5:68:d5:54:59:35:
b3:a7:e2:ff
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANw/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI4MDcyMDM3WhcNMjUwMjExMDcyMDM3WjAYMRYw
FAYDVQQDEw02NzQ4MTljOS0yYTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4OgK0L+tUy8UNUxQySD07k6IuYynEw8SZqlZWDVRUczoxG3nzXQf2wq0
C+kKCL0F6cuGa1kw/pwFi2nqft0qifCzcgkX5TyT0psFltvqfL0IaSwF6EGWqWjZ
85I7lSpUOCar3Psd3aKqwIlw/gDxlTcmHl9LnD1cvdaWrFRxDJI4b2y9dVg4NEvP
O2yOrU3tGXIRC91woGGeTiR+1Uoo1sb0cAVvC0ZRNzZZfzub0JwsOLlrg8cApadf
oLh5OigPpiI9CuNtBmJT4GgiJbGqSCEYIx6d0uGaEnFF4od8GQW3jSVQwsbyGEIi
CrN2ijyP/C4mEeWkZV98Kijsh5BLBQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK3Z
N3rrrOCqjTvSEcN1M40QDG6HMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NUQ0MkM4QUFENTkxMUVGODdBMDc2QUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcQ4MA0GCSqGSIb3DQEBCwUA
A4IBAQCNp3ttLeTbx1GYeGEZp+oOrfQ4lDiUjUwEgcGQtBNhsP0AIy2M/wrZtWGB
TiD4GM5yLcxK2hEBHkxqYePVKsf5glw9QXwjwkys4KsoXNZPHcgYb2yDoiSPKVYg
bXZYKtmB6zrIHwJhAy5IISiNVtOPuZw0JONAiZqOaARsn/iGA9Q1oghKl8n6qNgE
CC3aJHuZd+BHZN9IlxbLOyNMDJQH46sFQs3i2LodP17RBItc72tWZzIlJA2fJaDL
lWp92AN4lXmhTA4Ah8H04utqiGHwSAx0uV1FTFIpjtS09CenphRAcurBwxP2Q9iO
7Ux0p/sfJD9k6Uq1aNVUWTWzp+L/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:31 2025 by rpki-client