Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66FAAAE0C38B11EFA36CBD8F762E951A.roa
File: 66FAAAE0C38B11EFA36CBD8F762E951A.roa (raw, json)
Hash identifier: IzJziwzipei0peLoF+4o3c4sjURmi5Kl3blAYhPMNHk=
Subject key identifier: 76:05:EB:D7:38:24:72:DD:F8:06:87:EE:3B:87:F5:1A:43:E9:84:8A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECAD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66FAAAE0C38B11EFA36CBD8F762E951A.roa
Signing time: Thu 26 Dec 2024 13:14:57 +0000
ROA not before: Thu 26 Dec 2024 13:14:53 +0000
ROA not after: Sun 12 Dec 2027 13:14:53 +0000
asID: 17561
IP address blocks: 45.196.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60589 (0xecad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 13:14:53 2024 GMT
Not After : Dec 12 13:14:53 2027 GMT
Subject: CN=676d56d1-a90e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:44:01:1a:b9:f2:63:c5:d5:92:8b:3b:5b:30:
5d:f7:da:38:03:63:4e:ab:b0:52:96:84:13:62:ea:
44:40:59:a0:06:62:b2:76:9e:f4:0e:da:17:8e:e4:
b7:e1:14:f9:99:8d:77:56:3f:3d:33:64:40:05:ac:
61:e6:63:e9:bb:3a:d8:9f:8a:b6:73:fb:4f:53:90:
f1:20:d5:0d:cb:69:e7:4d:c8:9f:c6:80:38:15:e1:
76:cd:05:1a:fc:91:fd:4a:6d:0f:e3:07:df:06:43:
24:3d:3b:75:98:33:d4:37:97:d4:66:a2:2b:42:c2:
55:68:d6:a1:bb:fc:9f:31:2d:29:84:30:9c:94:ac:
f6:1d:2f:a8:5b:f0:b3:16:3a:68:b6:df:50:6e:4c:
02:e0:b1:49:cf:8c:a3:b3:8d:86:61:37:5e:b6:17:
62:48:d8:fb:f7:36:9d:4a:dc:5b:5c:42:1c:1b:99:
d6:35:a5:06:5c:da:9f:79:b2:9a:63:7f:c6:47:2c:
dc:99:8b:96:ff:c0:2a:14:1b:61:3b:e2:6a:15:9e:
44:a9:ef:07:63:f3:96:66:e2:bb:f3:50:c7:d4:d5:
27:f7:0b:8b:93:8e:a2:44:66:c1:de:65:4e:57:71:
3a:40:46:3a:df:52:09:8f:3d:bd:1e:f9:73:b9:2e:
13:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:05:EB:D7:38:24:72:DD:F8:06:87:EE:3B:87:F5:1A:43:E9:84:8A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66FAAAE0C38B11EFA36CBD8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.200.0/24
Signature Algorithm: sha256WithRSAEncryption
28:aa:25:b6:40:e0:20:d2:fb:38:74:6b:ad:48:94:40:a3:b8:
c9:85:d8:7d:60:73:9d:64:6e:ce:09:7b:ef:56:76:8a:bd:8e:
b0:35:24:ac:30:68:5c:ed:f6:9d:d8:40:4c:29:09:4f:63:d4:
d9:bc:1f:fb:6a:ce:fe:83:15:e1:25:eb:1e:a9:01:77:6a:1a:
ab:a0:43:78:cd:ea:ce:e2:2c:f1:8e:0b:de:ae:52:03:f6:3e:
fd:96:e9:45:5d:07:b6:ca:da:7e:f2:71:b9:8a:46:e7:41:41:
d6:07:a4:a1:d0:22:28:1e:5a:c1:2f:97:73:f8:eb:2a:12:37:
37:47:d2:a9:07:e6:d5:e8:d5:94:3a:58:ba:4a:00:b1:f1:1f:
82:e7:bc:49:f9:a5:91:af:47:eb:df:53:22:fa:09:66:bf:a7:
34:6e:69:ee:60:4d:cb:db:ca:f4:69:7f:19:4b:04:95:81:51:
e0:53:a2:a4:8d:eb:db:8e:f5:a4:d2:99:02:d2:79:ad:f9:0e:
f1:08:6f:a7:2f:d5:c4:79:58:d8:9c:62:53:9d:91:09:53:7b:
db:8c:22:f9:fe:24:21:7b:27:e8:da:fc:27:fe:25:5e:36:3d:
13:e2:5e:35:9a:dc:42:2a:1d:fa:e5:20:58:25:10:0f:af:54:
f9:c8:47:11
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOytMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTMxNDUzWhcNMjcxMjEyMTMxNDUzWjAYMRYw
FAYDVQQDEw02NzZkNTZkMS1hOTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1UQBGrnyY8XVkos7WzBd99o4A2NOq7BSloQTYupEQFmgBmKydp70DtoX
juS34RT5mY13Vj89M2RABaxh5mPpuzrYn4q2c/tPU5DxINUNy2nnTcifxoA4FeF2
zQUa/JH9Sm0P4wffBkMkPTt1mDPUN5fUZqIrQsJVaNahu/yfMS0phDCclKz2HS+o
W/CzFjpott9QbkwC4LFJz4yjs42GYTdethdiSNj79zadStxbXEIcG5nWNaUGXNqf
ebKaY3/GRyzcmYuW/8AqFBthO+JqFZ5Eqe8HY/OWZuK781DH1NUn9wuLk46iRGbB
3mVOV3E6QEY631IJjz29HvlzuS4TnwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHYF
69c4JHLd+AaH7juH9RpD6YSKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NkZBQUFFMEMzOEIxMUVGQTM2Q0JEOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTIMA0GCSqGSIb3DQEBCwUA
A4IBAQAoqiW2QOAg0vs4dGutSJRAo7jJhdh9YHOdZG7OCXvvVnaKvY6wNSSsMGhc
7fad2EBMKQlPY9TZvB/7as7+gxXhJeseqQF3ahqroEN4zerO4izxjgverlID9j79
lulFXQe2ytp+8nG5ikbnQUHWB6Sh0CIoHlrBL5dz+OsqEjc3R9KpB+bV6NWUOli6
SgCx8R+C57xJ+aWRr0fr31Mi+glmv6c0bmnuYE3L28r0aX8ZSwSVgVHgU6Kkjevb
jvWk0pkC0nmt+Q7xCG+nL9XEeVjYnGJTnZEJU3vbjCL5/iQheyfo2vwn/iVeNj0T
4l41mtxCKh365SBYJRAPr1T5yEcR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:27 2025 by rpki-client