Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FEC1562B60911EFB3560069762E951A.roa
File: 4FEC1562B60911EFB3560069762E951A.roa (raw, json)
Hash identifier: e0ELhoCbbTOMl2nw+fHUhF6YLOlUHXzIOWhWqLs/+jw=
Subject key identifier: 7C:40:FF:67:66:71:CA:5F:AB:1C:F4:03:50:D1:81:B2:35:3C:DB:97
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E190
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FEC1562B60911EFB3560069762E951A.roa
Signing time: Mon 09 Dec 2024 08:40:58 +0000
ROA not before: Mon 09 Dec 2024 08:40:55 +0000
ROA not after: Thu 06 Feb 2025 08:40:55 +0000
asID: 150706
IP address blocks: 45.192.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 08:40:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57744 (0xe190)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 9 08:40:55 2024 GMT
Not After : Feb 6 08:40:55 2025 GMT
Subject: CN=6756ad1a-dfdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:73:35:66:93:06:65:d4:fa:3f:12:52:a7:da:
32:d1:9a:cf:f2:79:cf:05:88:c3:bf:5b:cc:91:04:
6b:b5:14:18:8d:00:da:4c:ca:f1:35:fc:30:c1:06:
65:37:1f:43:62:8d:94:02:d9:8e:47:ca:87:48:42:
49:68:91:70:03:dd:73:f7:7d:94:ee:93:5a:24:6f:
31:52:06:3f:0e:e9:32:19:4e:b3:e5:ba:b2:b8:5a:
56:2e:a3:b1:a6:38:a6:f8:f1:1f:8d:33:3f:af:d8:
d2:95:22:d2:65:9e:3a:b8:39:4c:2e:1f:da:bb:c7:
89:ce:0a:89:2e:15:2f:ca:09:fe:0c:c5:83:55:bf:
e0:85:ad:49:d9:63:be:65:21:4c:af:6d:59:7d:2b:
66:5d:f8:ec:2e:95:ff:14:67:73:66:65:70:93:64:
10:25:4a:25:ac:5c:03:cb:63:00:38:ce:5a:57:57:
c9:b2:3d:c4:f6:a5:f7:5b:99:1a:0a:0c:b0:d7:b8:
c5:3e:77:d3:16:5a:ae:3c:72:4a:62:83:e3:b1:85:
96:21:dd:17:40:11:c7:10:66:0e:1b:70:ef:60:0e:
e1:fb:a7:1e:17:50:26:21:09:6d:aa:a0:9b:e2:e0:
68:5c:5b:d3:70:9c:9b:83:7b:d6:a1:17:2f:c9:22:
55:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:40:FF:67:66:71:CA:5F:AB:1C:F4:03:50:D1:81:B2:35:3C:DB:97
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FEC1562B60911EFB3560069762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.177.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:4b:50:55:8e:84:db:81:c0:7e:40:b8:2f:aa:26:99:ff:de:
8c:97:1c:b9:9d:77:76:68:b1:60:13:9d:8a:aa:1d:42:7d:6b:
f9:f1:0e:30:d7:7f:32:f1:b8:e0:98:13:d1:5d:bf:8b:6f:90:
2c:ad:4d:2a:cc:eb:0f:cc:78:43:47:08:5a:4e:3d:33:67:29:
51:31:30:12:a3:f4:52:b2:59:da:6b:ae:22:e8:d5:5c:5a:58:
7e:3c:48:85:9b:65:2c:b0:55:08:da:fe:c4:6d:25:e6:c7:94:
3d:e2:f9:56:62:84:51:d2:4f:a8:0c:21:32:97:f6:e7:26:d5:
25:49:4a:9e:0e:db:b9:6a:9a:41:c4:be:33:9e:41:80:c1:5a:
d0:55:7e:e9:79:a8:e8:c7:a2:ca:62:d9:8e:1c:a6:f6:78:e2:
94:03:7d:e6:81:c9:18:f1:34:80:4c:c6:0a:55:40:05:bc:a4:
a8:c6:2c:71:d9:36:34:b0:bf:44:71:1e:18:e9:ef:fa:63:01:
b4:c8:ac:20:00:8a:2b:33:af:2c:fd:f2:1f:58:d4:f4:0e:89:
f2:a4:7a:38:31:cd:04:d9:d5:04:10:b0:94:2e:f8:c3:7f:c5:
5a:aa:f9:ae:b9:9f:da:81:75:9c:67:96:aa:dc:ba:e8:be:e9:
02:f0:ba:e6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOGQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA5MDg0MDU1WhcNMjUwMjA2MDg0MDU1WjAYMRYw
FAYDVQQDEw02NzU2YWQxYS1kZmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2nM1ZpMGZdT6PxJSp9oy0ZrP8nnPBYjDv1vMkQRrtRQYjQDaTMrxNfww
wQZlNx9DYo2UAtmOR8qHSEJJaJFwA91z932U7pNaJG8xUgY/DukyGU6z5bqyuFpW
LqOxpjim+PEfjTM/r9jSlSLSZZ46uDlMLh/au8eJzgqJLhUvygn+DMWDVb/gha1J
2WO+ZSFMr21ZfStmXfjsLpX/FGdzZmVwk2QQJUolrFwDy2MAOM5aV1fJsj3E9qX3
W5kaCgyw17jFPnfTFlquPHJKYoPjsYWWId0XQBHHEGYOG3DvYA7h+6ceF1AmIQlt
qqCb4uBoXFvTcJybg3vWoRcvySJV3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHxA
/2dmccpfqxz0A1DRgbI1PNuXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RkVDMTU2MkI2MDkxMUVGQjM1NjAwNjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcCxMA0GCSqGSIb3DQEBCwUA
A4IBAQCtS1BVjoTbgcB+QLgvqiaZ/96Mlxy5nXd2aLFgE52Kqh1CfWv58Q4w138y
8bjgmBPRXb+Lb5AsrU0qzOsPzHhDRwhaTj0zZylRMTASo/RSslnaa64i6NVcWlh+
PEiFm2UssFUI2v7EbSXmx5Q94vlWYoRR0k+oDCEyl/bnJtUlSUqeDtu5appBxL4z
nkGAwVrQVX7peajox6LKYtmOHKb2eOKUA33mgckY8TSATMYKVUAFvKSoxixx2TY0
sL9EcR4Y6e/6YwG0yKwgAIorM68s/fIfWNT0DonypHo4Mc0E2dUEELCULvjDf8Va
qvmuuZ/agXWcZ5aq3LrovukC8Lrm
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:05 2025 by rpki-client