Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C45B5E6C2A411EFB1C94959762E951A.roa
File: 5C45B5E6C2A411EFB1C94959762E951A.roa (raw, json)
Hash identifier: aWK9wixHFVSyO59qzT3/ANqccfs5VLIB4tVDoU8YKY4=
Subject key identifier: 76:51:87:87:3D:D4:1F:86:8E:D2:A2:AF:EB:C0:98:38:C3:D9:46:EB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E9F5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C45B5E6C2A411EFB1C94959762E951A.roa
Signing time: Wed 25 Dec 2024 09:41:05 +0000
ROA not before: Wed 25 Dec 2024 09:41:01 +0000
ROA not after: Sat 15 Feb 2025 09:41:01 +0000
asID: 138915
IP address blocks: 156.244.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59893 (0xe9f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 09:41:01 2024 GMT
Not After : Feb 15 09:41:01 2025 GMT
Subject: CN=676bd331-9614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f9:ab:ff:f7:6f:87:e2:8d:5d:bc:db:ca:6b:
67:0d:52:d0:8d:58:12:30:d2:e8:ae:bf:a4:d4:2f:
ae:05:cf:25:ad:7f:7e:65:8e:b0:fd:de:9e:bf:c7:
f0:aa:f5:e5:b0:94:b1:4d:6b:c2:95:cf:22:e5:2d:
f6:1c:8a:74:37:06:d4:d5:05:f8:a8:71:2b:e0:f0:
eb:61:b8:22:ae:e8:57:0d:24:83:d1:61:53:77:e2:
64:f9:23:6c:53:ae:32:21:27:c5:78:7f:69:63:fa:
28:5c:c3:e6:6d:00:0f:0e:ca:84:65:c8:db:9b:3e:
64:f7:63:5e:cb:75:6e:f4:bf:54:8c:fc:02:5c:e2:
58:89:64:c3:31:2a:50:f4:fb:98:81:17:a9:40:33:
e3:d0:1e:1e:2b:89:da:71:bf:1f:0f:87:cf:de:33:
b8:e0:89:a4:d3:44:9d:43:23:85:e7:a1:10:cd:2b:
4c:bd:1d:40:14:b4:f9:7b:10:8f:b7:e2:8b:26:19:
e6:e7:d3:77:7f:94:08:bc:bc:6c:59:aa:fa:ef:f6:
72:75:7a:a0:da:6c:9b:85:c4:be:1d:7c:9e:eb:fc:
ca:4a:de:c1:1e:0d:64:1d:7f:20:ab:c2:f9:41:d9:
2a:ab:64:9e:f6:ce:46:20:97:29:ec:2d:24:2c:ce:
c6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:51:87:87:3D:D4:1F:86:8E:D2:A2:AF:EB:C0:98:38:C3:D9:46:EB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C45B5E6C2A411EFB1C94959762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1b:20:2f:8d:db:ea:82:d2:14:da:5d:a1:0f:dc:bf:1a:fd:c0:
54:71:8c:9b:20:39:ae:b7:0a:62:82:ed:5f:c5:72:fb:47:af:
f5:33:5e:0a:44:39:4a:ed:63:94:a9:a3:71:87:bd:20:d5:64:
fb:28:e1:29:27:77:50:e8:36:a2:e2:d0:63:15:de:17:2c:e2:
fd:36:54:8a:2f:df:fc:17:c8:f4:77:1d:d4:f5:8a:ee:53:4d:
8a:8a:ea:d4:29:1c:3c:ec:e7:71:10:99:de:d1:71:fd:5e:38:
fc:b6:6a:e5:8c:bb:db:60:af:55:81:0b:89:d1:99:bb:99:cf:
8b:ad:ce:ba:1b:73:9d:35:db:cf:33:53:47:12:c0:1d:c0:35:
aa:2d:e9:fa:15:99:23:71:39:ec:73:15:d5:74:c8:9e:4f:41:
cc:ce:b3:80:2a:3f:ce:b9:53:07:1d:6b:d2:75:5d:24:8c:25:
0f:3f:e3:7e:6f:4d:50:b6:04:89:e2:16:77:f5:00:90:ad:b0:
0c:47:c6:7c:c6:78:a7:26:0f:3b:84:0f:a1:36:e9:f9:b3:ec:
b5:c3:ce:b0:03:f6:d8:52:20:02:38:bb:cc:54:ac:af:fc:e6:
ac:c6:86:91:ae:e2:70:27:78:01:bb:20:9f:91:13:9a:0b:ff:
74:54:d8:24
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOn1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDk0MTAxWhcNMjUwMjE1MDk0MTAxWjAYMRYw
FAYDVQQDEw02NzZiZDMzMS05NjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnvmr//dvh+KNXbzbymtnDVLQjVgSMNLorr+k1C+uBc8lrX9+ZY6w/d6e
v8fwqvXlsJSxTWvClc8i5S32HIp0NwbU1QX4qHEr4PDrYbgiruhXDSSD0WFTd+Jk
+SNsU64yISfFeH9pY/ooXMPmbQAPDsqEZcjbmz5k92Ney3Vu9L9UjPwCXOJYiWTD
MSpQ9PuYgRepQDPj0B4eK4nacb8fD4fP3jO44Imk00SdQyOF56EQzStMvR1AFLT5
exCPt+KLJhnm59N3f5QIvLxsWar67/ZydXqg2mybhcS+HXye6/zKSt7BHg1kHX8g
q8L5Qdkqq2Se9s5GIJcp7C0kLM7G4wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHZR
h4c91B+GjtKir+vAmDjD2UbrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QzQ1QjVFNkMyQTQxMUVGQjFDOTQ5NTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnPQAMA0GCSqGSIb3DQEBCwUA
A4IBAQAbIC+N2+qC0hTaXaEP3L8a/cBUcYybIDmutwpigu1fxXL7R6/1M14KRDlK
7WOUqaNxh70g1WT7KOEpJ3dQ6Dai4tBjFd4XLOL9NlSKL9/8F8j0dx3U9YruU02K
iurUKRw87OdxEJne0XH9Xjj8tmrljLvbYK9VgQuJ0Zm7mc+Lrc66G3OdNdvPM1NH
EsAdwDWqLen6FZkjcTnscxXVdMieT0HMzrOAKj/OuVMHHWvSdV0kjCUPP+N+b01Q
tgSJ4hZ39QCQrbAMR8Z8xninJg87hA+hNun5s+y1w86wA/bYUiACOLvMVKyv/Oas
xoaRruJwJ3gBuyCfkROaC/90VNgk
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:40 2025 by rpki-client