Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/792F0E74D30B11EF9C907B93762E951A.roa
File: 792F0E74D30B11EF9C907B93762E951A.roa (raw, json)
Hash identifier: aH1we00fSM1oVlaAiEFaT95Wox6tGdMFvjK/+lSNmus=
Subject key identifier: AF:22:31:12:4C:C6:40:93:18:20:2D:16:58:D5:FD:D0:5D:B1:03:38
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01082B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/792F0E74D30B11EF9C907B93762E951A.roa
Signing time: Wed 15 Jan 2025 06:39:30 +0000
ROA not before: Wed 15 Jan 2025 06:39:26 +0000
ROA not after: Fri 21 Feb 2025 06:39:26 +0000
asID: 397071
IP address blocks: 45.195.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67627 (0x1082b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 06:39:26 2025 GMT
Not After : Feb 21 06:39:26 2025 GMT
Subject: CN=67875822-3dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8c:30:f2:44:5f:18:aa:8f:2f:59:d2:28:b0:
84:29:a4:e3:51:d4:f3:a1:50:5a:fd:0f:b7:0b:8e:
b6:fe:2e:d7:47:b5:3f:44:d6:74:6e:95:e3:d5:1f:
5f:32:0e:04:48:67:da:f3:a7:1e:68:ca:cd:92:19:
3d:53:fe:0b:b5:fb:c0:74:6c:7a:16:89:8f:b1:b9:
d6:82:b7:13:5f:cd:f9:03:9f:b0:fe:32:6b:99:c3:
52:33:41:13:ec:b5:8e:32:63:22:66:b3:c6:34:93:
48:87:29:78:6b:30:1b:65:65:c9:f5:75:95:ab:dc:
fd:15:c8:13:53:92:c8:9d:5a:ae:5f:36:fc:59:c3:
79:ba:d0:7f:91:57:d6:5e:54:f8:35:13:33:df:a3:
25:12:cf:fd:6a:8a:28:2c:a4:27:33:b3:5b:ac:a9:
ed:44:a0:83:26:58:33:96:b8:6b:67:21:63:a1:cd:
70:25:93:4e:60:6c:1e:a0:95:47:ee:88:43:56:57:
6b:45:00:73:11:c4:d9:bb:0e:0c:95:a5:06:e2:74:
f9:e3:9b:e1:9d:27:ef:0f:6d:b0:ec:be:18:1b:7b:
30:74:07:d8:2c:a1:f5:7f:01:9b:32:08:1e:d3:9e:
00:2e:23:17:9e:eb:d0:53:eb:ae:c2:c4:57:0d:55:
06:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:22:31:12:4C:C6:40:93:18:20:2D:16:58:D5:FD:D0:5D:B1:03:38
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/792F0E74D30B11EF9C907B93762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.134.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:98:d4:00:25:52:13:d3:1c:40:33:bb:a7:fb:f9:1c:64:68:
bf:0f:83:e0:48:86:0e:d9:f2:29:79:61:62:92:1b:dc:01:4a:
2b:80:7e:4b:9c:32:21:c0:a5:97:f7:ab:99:af:8f:fb:d1:12:
f7:16:f4:c3:7d:ff:17:5f:f0:d8:5f:c9:d4:d2:ca:cc:49:15:
5e:19:d3:5f:2c:1e:cc:57:fd:f5:21:e6:ba:91:13:63:75:04:
7e:6a:c1:00:b5:26:76:91:1b:08:d6:04:68:9a:80:f6:2b:cf:
28:bc:d0:3b:a5:3c:41:aa:a6:d2:c0:52:6a:4d:e1:2a:48:dc:
a8:c0:3d:61:a7:74:22:ba:ac:4f:1b:ef:02:d6:9c:ed:56:60:
5c:f9:d5:63:48:a8:26:79:ef:41:c8:16:a7:7c:46:39:61:32:
7f:0e:d7:92:08:ae:ed:05:4d:a4:fc:0f:3e:a1:a8:f7:15:87:
62:80:2a:b2:39:50:a1:d7:95:b1:9d:f2:fc:27:99:1d:51:b0:
bd:a4:b1:c6:0c:51:0d:8a:29:14:0c:2a:af:e1:5d:a2:72:aa:
ca:a0:0c:db:4b:7f:00:ad:67:d5:74:bc:b3:2d:64:c6:3b:c4:
86:ec:8e:d2:a6:12:de:87:38:0f:13:92:67:6d:95:e8:88:66:
0a:3c:e0:85
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQgrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDYzOTI2WhcNMjUwMjIxMDYzOTI2WjAYMRYw
FAYDVQQDEw02Nzg3NTgyMi0zZGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAooww8kRfGKqPL1nSKLCEKaTjUdTzoVBa/Q+3C462/i7XR7U/RNZ0bpXj
1R9fMg4ESGfa86ceaMrNkhk9U/4LtfvAdGx6FomPsbnWgrcTX835A5+w/jJrmcNS
M0ET7LWOMmMiZrPGNJNIhyl4azAbZWXJ9XWVq9z9FcgTU5LInVquXzb8WcN5utB/
kVfWXlT4NRMz36MlEs/9aoooLKQnM7NbrKntRKCDJlgzlrhrZyFjoc1wJZNOYGwe
oJVH7ohDVldrRQBzEcTZuw4MlaUG4nT545vhnSfvD22w7L4YG3swdAfYLKH1fwGb
Mgge054ALiMXnuvQU+uuwsRXDVUGLQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK8i
MRJMxkCTGCAtFljV/dBdsQM4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83OTJGMEU3NEQzMEIxMUVGOUM5MDdCOTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcOGMA0GCSqGSIb3DQEBCwUA
A4IBAQCsmNQAJVIT0xxAM7un+/kcZGi/D4PgSIYO2fIpeWFikhvcAUorgH5LnDIh
wKWX96uZr4/70RL3FvTDff8XX/DYX8nU0srMSRVeGdNfLB7MV/31Iea6kRNjdQR+
asEAtSZ2kRsI1gRomoD2K88ovNA7pTxBqqbSwFJqTeEqSNyowD1hp3QiuqxPG+8C
1pztVmBc+dVjSKgmee9ByBanfEY5YTJ/DteSCK7tBU2k/A8+oaj3FYdigCqyOVCh
15WxnfL8J5kdUbC9pLHGDFENiikUDCqv4V2icqrKoAzbS38ArWfVdLyzLWTGO8SG
7I7SphLehzgPE5JnbZXoiGYKPOCF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:46 2025 by rpki-client