Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7AA537E2C3F711EF87AC3E43762E951A.roa
File: 7AA537E2C3F711EF87AC3E43762E951A.roa (raw, json)
Hash identifier: PDEYn/Gs6WFIRVAQ2mAADRzwGd9YtbEgk6a56hiBRyg=
Subject key identifier: A8:B6:CF:97:2E:18:54:F4:37:79:83:5B:5E:98:CE:EB:D1:AE:C2:07
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF7C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7AA537E2C3F711EF87AC3E43762E951A.roa
Signing time: Fri 27 Dec 2024 02:08:35 +0000
ROA not before: Fri 27 Dec 2024 02:08:31 +0000
ROA not after: Sun 12 Dec 2027 02:08:31 +0000
asID: 17561
IP address blocks: 45.194.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61308 (0xef7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 02:08:31 2024 GMT
Not After : Dec 12 02:08:31 2027 GMT
Subject: CN=676e0c23-5f12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:de:f7:20:30:d1:7d:fe:fd:a4:64:c7:eb:65:
53:37:d1:8d:f4:44:e5:62:ff:76:04:28:aa:a4:57:
45:5c:22:72:d2:e9:f2:be:eb:4e:3a:b7:f0:f3:f3:
34:14:ed:99:8a:50:1b:34:e2:06:52:42:82:3d:93:
6e:73:6d:69:98:77:5e:3b:7e:a0:91:bd:e5:cf:25:
2a:e5:e2:da:70:90:49:bb:bf:87:6f:3b:de:b3:75:
7e:94:9c:23:02:6b:42:8e:08:13:b9:98:f6:30:18:
2e:b1:7c:43:d3:74:27:56:85:67:36:76:38:bc:f6:
d4:85:2b:3e:f9:00:d2:30:63:d8:2c:c0:55:11:4b:
64:42:6a:41:b9:cb:e3:61:34:71:5b:63:d4:68:16:
0e:18:85:7f:da:0d:95:b5:a0:b5:b7:58:e4:99:43:
31:74:7f:36:f7:91:c1:2f:e6:9a:e8:58:fc:3f:ef:
f7:94:09:e0:20:1e:80:28:a1:2b:1b:f3:84:72:e6:
58:50:b2:c4:82:35:ac:28:cc:1b:24:1d:72:ee:89:
58:89:9c:f0:4f:67:14:16:84:0d:73:e9:37:25:4a:
52:24:83:36:c2:d7:e2:2e:13:24:ae:c3:f0:1a:b8:
77:4f:ea:1f:3b:34:3d:df:e4:51:50:1d:78:8a:f7:
0d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B6:CF:97:2E:18:54:F4:37:79:83:5B:5E:98:CE:EB:D1:AE:C2:07
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7AA537E2C3F711EF87AC3E43762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.26.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:db:c8:3a:51:13:f1:e0:fe:2b:48:03:74:f0:ff:2c:73:c1:
10:bc:62:d3:7d:12:76:ae:a9:57:3c:71:81:57:27:3f:78:23:
95:71:78:0e:a1:ab:db:67:13:51:7f:2a:c2:c8:51:75:f3:7b:
e8:3f:ca:2a:d1:38:b4:64:da:cc:a1:dc:6d:c5:bb:27:72:86:
30:73:d0:39:d9:81:34:24:14:da:f6:25:cb:05:df:8d:77:a7:
6a:a0:a5:b7:6b:37:0c:fd:05:32:00:f2:cb:21:39:74:46:2f:
b0:84:cc:49:e1:af:ec:fe:8c:96:19:36:c1:83:bb:21:b7:6c:
7f:7a:6a:18:0d:0b:f9:ea:5f:a9:e4:a9:3f:a0:4d:f6:fe:7b:
c5:15:81:b6:67:47:c8:9b:3a:de:5b:96:dd:59:40:9d:3b:e4:
8b:92:33:3f:75:c0:69:d7:4c:3e:fd:53:4d:fd:44:0b:77:fb:
61:5b:00:cf:bd:af:62:74:56:d3:f1:11:ec:21:d3:63:ce:d5:
1e:d7:5d:2d:7f:46:3e:4e:eb:f8:05:67:0c:a5:1f:7a:5c:7a:
94:d4:50:c0:fb:0c:57:e3:f1:15:25:7a:5b:4b:62:fa:52:c1:
02:db:12:94:32:ae:a5:15:84:aa:e4:e5:3c:fc:4b:60:50:e2:
b8:1f:9b:ba
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO98MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDIwODMxWhcNMjcxMjEyMDIwODMxWjAYMRYw
FAYDVQQDEw02NzZlMGMyMy01ZjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2t73IDDRff79pGTH62VTN9GN9ETlYv92BCiqpFdFXCJy0unyvutOOrfw
8/M0FO2ZilAbNOIGUkKCPZNuc21pmHdeO36gkb3lzyUq5eLacJBJu7+Hbzves3V+
lJwjAmtCjggTuZj2MBgusXxD03QnVoVnNnY4vPbUhSs++QDSMGPYLMBVEUtkQmpB
ucvjYTRxW2PUaBYOGIV/2g2VtaC1t1jkmUMxdH8295HBL+aa6Fj8P+/3lAngIB6A
KKErG/OEcuZYULLEgjWsKMwbJB1y7olYiZzwT2cUFoQNc+k3JUpSJIM2wtfiLhMk
rsPwGrh3T+ofOzQ93+RRUB14ivcNqQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKi2
z5cuGFT0N3mDW16YzuvRrsIHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QUE1MzdFMkMzRjcxMUVGODdBQzNFNDM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcIaMA0GCSqGSIb3DQEBCwUA
A4IBAQCc28g6URPx4P4rSAN08P8sc8EQvGLTfRJ2rqlXPHGBVyc/eCOVcXgOoavb
ZxNRfyrCyFF183voP8oq0Ti0ZNrModxtxbsncoYwc9A52YE0JBTa9iXLBd+Nd6dq
oKW3azcM/QUyAPLLITl0Ri+whMxJ4a/s/oyWGTbBg7sht2x/emoYDQv56l+p5Kk/
oE32/nvFFYG2Z0fImzreW5bdWUCdO+SLkjM/dcBp10w+/VNN/UQLd/thWwDPva9i
dFbT8RHsIdNjztUe110tf0Y+Tuv4BWcMpR96XHqU1FDA+wxX4/EVJXpbS2L6UsEC
2xKUMq6lFYSq5OU8/EtgUOK4H5u6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:53 2025 by rpki-client