Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7456E292AD5811EF822FECA5762E951A.roa
File: 7456E292AD5811EF822FECA5762E951A.roa (raw, json)
Hash identifier: Ks92uzB+f4/KBBS/LTx5BjaTwB2hcH2V7b5mnITf8+Q=
Subject key identifier: 74:F6:38:74:83:76:8D:7E:87:B2:BA:06:A0:E6:C5:B2:0D:B5:08:79
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DC35
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7456E292AD5811EF822FECA5762E951A.roa
Signing time: Thu 28 Nov 2024 07:14:49 +0000
ROA not before: Thu 28 Nov 2024 07:14:46 +0000
ROA not after: Tue 11 Feb 2025 07:14:46 +0000
asID: 5650
IP address blocks: 45.196.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56373 (0xdc35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 28 07:14:46 2024 GMT
Not After : Feb 11 07:14:46 2025 GMT
Subject: CN=67481869-514a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b4:7b:60:30:ef:fa:f4:cc:25:78:47:31:3a:
eb:e3:66:36:4e:9b:fb:6b:65:f2:3f:30:1a:4e:4f:
d4:aa:70:5a:ef:fa:47:1a:70:d2:ab:4f:94:29:21:
e5:42:53:ff:3c:df:ea:7c:d6:bb:4c:0f:9c:da:cb:
3d:d9:0d:78:96:00:07:af:b9:3f:4f:ff:4d:ca:ad:
8e:e4:ce:32:65:42:c9:44:90:12:36:65:15:5e:20:
34:a6:d8:8d:bb:0c:9c:05:d5:69:a3:1d:15:d2:0a:
f7:92:8c:1a:f1:18:b9:f7:de:1e:6e:03:92:38:b8:
42:ed:3a:85:71:53:88:11:b4:db:5e:12:e1:6f:38:
83:e2:9c:21:49:57:4e:ec:1f:3f:70:c5:e6:cc:21:
0b:a2:e6:26:f2:6a:d0:71:dc:06:14:42:68:20:47:
2b:ac:21:b7:de:7e:91:c6:c4:7f:31:47:0a:6d:8f:
96:de:85:0a:7b:c0:10:d3:ad:2c:6c:3d:d9:87:10:
e9:de:63:6b:ba:c6:38:64:25:a6:0a:d6:97:4d:2d:
20:11:75:b2:bc:f9:47:0e:b5:b6:74:3e:0c:8b:d7:
6e:d2:95:67:e9:83:53:d7:8b:27:c6:8b:a1:62:db:
25:37:ad:88:a8:da:c0:8f:e1:7e:d5:77:0e:d2:4b:
08:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F6:38:74:83:76:8D:7E:87:B2:BA:06:A0:E6:C5:B2:0D:B5:08:79
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7456E292AD5811EF822FECA5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.36.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:19:07:9b:d1:15:14:44:61:54:91:0f:b4:f1:b2:7a:10:f6:
7e:32:e1:58:a0:8f:71:e5:3a:43:69:d8:65:19:11:05:d7:98:
90:47:ae:ad:a9:e1:2c:9e:82:68:52:d8:fd:88:ef:3d:83:96:
a3:3d:ff:f7:a4:b8:cc:16:76:cc:0c:f2:7d:88:e2:04:88:af:
e1:82:47:98:34:7e:77:e4:d7:2c:43:cd:b8:bc:96:01:9a:84:
b9:c2:bd:4e:cd:4b:c6:24:13:15:54:9d:d9:bf:86:28:ee:10:
6d:a4:33:00:64:a0:2e:b5:47:a2:05:1e:20:d7:90:60:6a:29:
6e:0e:a9:0d:fc:3c:a2:37:7b:8d:16:d3:cd:1f:81:d9:2c:09:
70:74:0b:9a:b3:19:98:27:5d:ff:ae:6b:61:5d:12:34:d4:23:
f6:32:73:f3:92:6a:cb:90:98:5e:9d:08:e0:36:a5:29:c4:d8:
f8:0f:6c:20:24:05:5d:5a:f6:31:db:4b:84:13:58:4f:9f:c8:
57:8a:87:cd:ba:f0:52:c6:de:6d:b1:3b:be:7f:fd:be:fb:27:
a9:c4:cb:43:6c:a2:6d:75:c5:5f:93:79:96:5e:1b:8a:7b:18:
95:c8:88:84:d2:c1:f2:f8:80:00:38:34:dd:4b:a8:cf:74:81:
49:33:8a:22
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANw1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI4MDcxNDQ2WhcNMjUwMjExMDcxNDQ2WjAYMRYw
FAYDVQQDEw02NzQ4MTg2OS01MTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApLR7YDDv+vTMJXhHMTrr42Y2Tpv7a2XyPzAaTk/UqnBa7/pHGnDSq0+U
KSHlQlP/PN/qfNa7TA+c2ss92Q14lgAHr7k/T/9Nyq2O5M4yZULJRJASNmUVXiA0
ptiNuwycBdVpox0V0gr3kowa8Ri5994ebgOSOLhC7TqFcVOIEbTbXhLhbziD4pwh
SVdO7B8/cMXmzCELouYm8mrQcdwGFEJoIEcrrCG33n6RxsR/MUcKbY+W3oUKe8AQ
060sbD3ZhxDp3mNrusY4ZCWmCtaXTS0gEXWyvPlHDrW2dD4Mi9du0pVn6YNT14sn
xouhYtslN62IqNrAj+F+1XcO0ksI2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHT2
OHSDdo1+h7K6BqDmxbINtQh5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NDU2RTI5MkFENTgxMUVGODIyRkVDQTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcQkMA0GCSqGSIb3DQEBCwUA
A4IBAQA6GQeb0RUURGFUkQ+08bJ6EPZ+MuFYoI9x5TpDadhlGREF15iQR66tqeEs
noJoUtj9iO89g5ajPf/3pLjMFnbMDPJ9iOIEiK/hgkeYNH535NcsQ824vJYBmoS5
wr1OzUvGJBMVVJ3Zv4Yo7hBtpDMAZKAutUeiBR4g15BgailuDqkN/DyiN3uNFtPN
H4HZLAlwdAuasxmYJ13/rmthXRI01CP2MnPzkmrLkJhenQjgNqUpxNj4D2wgJAVd
WvYx20uEE1hPn8hXiofNuvBSxt5tsTu+f/2++yepxMtDbKJtdcVfk3mWXhuKexiV
yIiE0sHy+IAAODTdS6jPdIFJM4oi
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:54 2025 by rpki-client