Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74AA98E0C3BC11EFAC4BCB44762E951A.roa
File: 74AA98E0C3BC11EFAC4BCB44762E951A.roa (raw, json)
Hash identifier: zJ+KLgpIedTK9o2EVELvP9lyoxnoeC+8PMUz8whvIpc=
Subject key identifier: 41:AD:74:88:57:74:9B:E5:0F:A7:3F:7D:B4:3D:00:36:1C:B9:53:33
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EEB7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74AA98E0C3BC11EFAC4BCB44762E951A.roa
Signing time: Thu 26 Dec 2024 19:06:05 +0000
ROA not before: Thu 26 Dec 2024 19:06:01 +0000
ROA not after: Sun 12 Dec 2027 19:06:01 +0000
asID: 17561
IP address blocks: 45.207.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61111 (0xeeb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 19:06:01 2024 GMT
Not After : Dec 12 19:06:01 2027 GMT
Subject: CN=676da91d-72fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:4e:6d:f9:78:9d:d8:4a:36:c5:00:92:f7:72:
84:99:5c:0c:9e:c4:30:9a:06:d3:1f:1a:bc:54:16:
98:7e:1d:34:59:4d:94:67:84:8f:8d:9a:2a:05:1c:
4e:bd:1c:e3:92:c9:d3:8c:df:7d:c8:1a:e6:98:82:
82:88:43:74:62:53:2f:72:a0:59:d3:a2:1c:13:16:
5f:e1:da:83:93:0a:d6:1e:b5:86:d2:f7:1d:58:7e:
90:4a:3e:a3:54:5b:a3:21:66:23:b9:77:0b:cb:67:
a0:0b:4a:3b:d3:a1:f5:b7:5e:df:19:44:55:05:7b:
6c:38:35:df:73:2e:5a:3b:69:ec:20:83:83:e0:06:
3f:b5:cb:3c:ed:93:68:96:84:44:2c:32:fd:09:51:
3e:c3:d5:90:54:1f:38:05:97:bd:99:4e:1a:7b:14:
47:c6:e4:d6:ea:b8:0d:ae:89:15:77:11:a9:ae:4b:
c2:54:3e:e5:be:a2:8f:d0:d8:a1:a0:8f:ab:39:6e:
e4:f5:ac:dc:b3:3a:df:c5:03:6d:3d:50:c1:16:27:
5b:56:d4:bb:d7:b0:00:2c:be:f9:37:a2:2e:da:60:
6d:c6:64:03:5c:69:20:c5:f0:79:6b:c5:26:11:21:
93:75:ff:99:27:2e:c2:85:90:ef:d6:a0:37:03:d3:
07:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:AD:74:88:57:74:9B:E5:0F:A7:3F:7D:B4:3D:00:36:1C:B9:53:33
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74AA98E0C3BC11EFAC4BCB44762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.156.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:2c:1f:02:66:96:61:24:a2:9a:80:5c:68:2d:f6:91:7a:b6:
26:23:ff:29:0c:6c:92:c5:7f:ce:ef:db:ea:de:9c:b1:ed:64:
7b:93:60:be:39:6e:cf:cd:05:e6:70:12:fc:36:09:11:20:86:
de:db:1a:8f:6b:4f:d1:08:b3:12:9d:6f:1b:15:7c:fc:38:8e:
7e:1e:cf:1b:5c:06:2e:7a:f0:04:f5:9e:ec:72:32:2c:78:ef:
40:33:e8:91:50:a5:09:8a:ce:e7:1b:30:57:16:da:47:60:64:
fb:cb:57:f5:e4:b8:5f:1d:d4:01:55:83:f2:bc:ea:ae:aa:0f:
31:2d:1a:cc:88:54:21:2e:a2:18:0d:c1:51:e9:88:1e:5e:4c:
82:25:62:77:62:47:ea:a9:ee:9b:03:c2:ac:1a:28:fb:be:76:
a0:9f:db:39:a6:43:33:70:7d:63:2e:30:6b:5d:59:67:15:ce:
06:d0:ba:9e:34:4c:91:e5:55:14:9f:1e:71:11:b6:ff:d3:3b:
59:eb:56:92:77:08:ed:5e:b8:d7:52:0a:65:8c:8b:89:56:27:
8b:54:87:7b:fd:61:16:01:11:63:e1:08:8e:1e:d1:5d:56:ad:
81:7a:92:68:16:76:fb:d4:9a:69:c2:86:1d:f8:4a:c6:35:d6:
8d:de:04:36
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO63MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTkwNjAxWhcNMjcxMjEyMTkwNjAxWjAYMRYw
FAYDVQQDEw02NzZkYTkxZC03MmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4k5t+Xid2Eo2xQCS93KEmVwMnsQwmgbTHxq8VBaYfh00WU2UZ4SPjZoq
BRxOvRzjksnTjN99yBrmmIKCiEN0YlMvcqBZ06IcExZf4dqDkwrWHrWG0vcdWH6Q
Sj6jVFujIWYjuXcLy2egC0o706H1t17fGURVBXtsODXfcy5aO2nsIIOD4AY/tcs8
7ZNoloRELDL9CVE+w9WQVB84BZe9mU4aexRHxuTW6rgNrokVdxGprkvCVD7lvqKP
0NihoI+rOW7k9azcszrfxQNtPVDBFidbVtS717AALL75N6Iu2mBtxmQDXGkgxfB5
a8UmESGTdf+ZJy7ChZDv1qA3A9MHZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEGt
dIhXdJvlD6c/fbQ9ADYcuVMzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NEFBOThFMEMzQkMxMUVGQUM0QkNCNDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc+cMA0GCSqGSIb3DQEBCwUA
A4IBAQCKLB8CZpZhJKKagFxoLfaRerYmI/8pDGySxX/O79vq3pyx7WR7k2C+OW7P
zQXmcBL8NgkRIIbe2xqPa0/RCLMSnW8bFXz8OI5+Hs8bXAYuevAE9Z7scjIseO9A
M+iRUKUJis7nGzBXFtpHYGT7y1f15LhfHdQBVYPyvOquqg8xLRrMiFQhLqIYDcFR
6YgeXkyCJWJ3Ykfqqe6bA8KsGij7vnagn9s5pkMzcH1jLjBrXVlnFc4G0LqeNEyR
5VUUnx5xEbb/0ztZ61aSdwjtXrjXUgpljIuJVieLVId7/WEWARFj4QiOHtFdVq2B
epJoFnb71JppwoYd+ErGNdaN3gQ2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:36:44 2025 by rpki-client