Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D354732C38811EF8EF2C37C762E951A.roa
File: 7D354732C38811EF8EF2C37C762E951A.roa (raw, json)
Hash identifier: 64h5pDE6jjtf72DViVBv9vuGXzb+z6vr0+LLbovM7mI=
Subject key identifier: 62:11:CF:D7:47:02:1D:20:A2:CC:B5:87:C7:61:2E:69:AF:FB:3A:1E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC8D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D354732C38811EF8EF2C37C762E951A.roa
Signing time: Thu 26 Dec 2024 12:54:06 +0000
ROA not before: Thu 26 Dec 2024 12:54:02 +0000
ROA not after: Sun 12 Dec 2027 12:54:02 +0000
asID: 17561
IP address blocks: 45.196.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60557 (0xec8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 12:54:02 2024 GMT
Not After : Dec 12 12:54:02 2027 GMT
Subject: CN=676d51ed-e432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:0d:ad:54:46:36:00:41:8e:3a:39:57:31:79:
d4:1a:ec:a3:9f:aa:c3:b2:23:c7:8d:18:a3:5b:d9:
e4:3c:fc:78:96:e7:9b:7a:05:54:b0:50:97:e4:dd:
20:63:f4:bd:7b:f0:79:83:52:a0:05:46:89:ef:81:
9a:ef:96:f5:64:2d:d8:87:cf:24:54:fd:63:80:60:
0c:bf:1d:a0:47:40:c7:5f:ef:72:8d:39:16:92:b8:
19:38:71:83:29:38:06:a5:3c:16:e0:be:47:43:ca:
5d:bd:f8:29:cb:9e:d4:05:76:61:5d:c9:a2:13:9a:
02:6b:08:e1:ff:f5:ef:d9:eb:ab:13:ce:65:6b:e7:
47:40:86:cf:99:d1:4c:08:69:ec:fa:0b:02:58:a0:
2e:85:7e:de:91:ab:4e:90:e3:f5:f9:8d:f0:60:e5:
b4:c8:11:54:94:7e:20:cb:5e:a7:fb:32:cd:b4:a8:
47:1e:1a:00:6a:22:73:28:71:10:dc:bc:87:b9:44:
fd:b8:c7:d2:04:86:4b:34:6d:a2:78:6f:ae:31:62:
c1:0f:6a:ce:d7:aa:93:45:a5:b3:e4:8c:fa:0b:d5:
b9:a1:1a:22:19:d0:d7:d4:ca:ff:43:07:d6:ab:da:
1c:56:21:3b:20:2e:29:d4:c6:7a:16:d4:4f:20:9b:
db:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:11:CF:D7:47:02:1D:20:A2:CC:B5:87:C7:61:2E:69:AF:FB:3A:1E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D354732C38811EF8EF2C37C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.152.0/24
Signature Algorithm: sha256WithRSAEncryption
01:f0:ed:1e:35:75:bb:c0:91:4c:dc:17:c3:c3:f9:5f:bf:b2:
aa:a7:eb:cb:48:0b:0b:57:a3:c9:04:51:cc:2a:e5:74:60:66:
10:84:c5:08:91:7d:55:8a:b3:25:19:c3:67:eb:48:31:ac:aa:
c4:e3:1f:bf:f2:67:fb:22:5b:7a:ad:7f:7f:82:1d:44:69:94:
d1:f7:8b:73:09:73:a9:40:64:04:01:bb:ac:26:ce:c9:49:5d:
b7:a2:75:5b:b8:29:8b:50:25:34:05:50:15:5c:36:07:4c:4a:
0d:c7:ac:c0:c8:40:dc:66:c4:12:ed:5c:c3:c0:24:d0:ea:ec:
20:b1:5c:d8:aa:c4:ca:f2:79:35:2e:13:34:9d:82:05:cc:92:
ab:7b:44:65:e8:04:14:fa:b8:89:c8:d2:0b:73:6e:d7:24:ec:
6b:b6:9e:ae:67:e1:cd:33:5a:6e:dd:c6:09:18:f5:85:be:41:
81:47:aa:d8:b0:bc:28:56:c8:80:ed:ed:dc:fa:09:6d:be:3a:
2d:74:11:24:e0:c0:a1:18:e7:db:10:f0:8d:ab:30:fb:dd:8a:
e2:a5:6f:e7:89:23:51:bf:7f:14:7b:a6:1b:32:d0:ca:26:85:
2b:49:d8:fb:37:49:09:ce:65:4b:55:40:c2:c6:99:0b:be:b2:
e1:1c:11:ca
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOyNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTI1NDAyWhcNMjcxMjEyMTI1NDAyWjAYMRYw
FAYDVQQDEw02NzZkNTFlZC1lNDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4w2tVEY2AEGOOjlXMXnUGuyjn6rDsiPHjRijW9nkPPx4luebegVUsFCX
5N0gY/S9e/B5g1KgBUaJ74Ga75b1ZC3Yh88kVP1jgGAMvx2gR0DHX+9yjTkWkrgZ
OHGDKTgGpTwW4L5HQ8pdvfgpy57UBXZhXcmiE5oCawjh//Xv2eurE85la+dHQIbP
mdFMCGns+gsCWKAuhX7ekatOkOP1+Y3wYOW0yBFUlH4gy16n+zLNtKhHHhoAaiJz
KHEQ3LyHuUT9uMfSBIZLNG2ieG+uMWLBD2rO16qTRaWz5Iz6C9W5oRoiGdDX1Mr/
QwfWq9ocViE7IC4p1MZ6FtRPIJvbzwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGIR
z9dHAh0gosy1h8dhLmmv+zoeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RDM1NDczMkMzODgxMUVGOEVGMkMzN0M3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcSYMA0GCSqGSIb3DQEBCwUA
A4IBAQAB8O0eNXW7wJFM3BfDw/lfv7Kqp+vLSAsLV6PJBFHMKuV0YGYQhMUIkX1V
irMlGcNn60gxrKrE4x+/8mf7Ilt6rX9/gh1EaZTR94tzCXOpQGQEAbusJs7JSV23
onVbuCmLUCU0BVAVXDYHTEoNx6zAyEDcZsQS7VzDwCTQ6uwgsVzYqsTK8nk1LhM0
nYIFzJKre0Rl6AQU+riJyNILc27XJOxrtp6uZ+HNM1pu3cYJGPWFvkGBR6rYsLwo
VsiA7e3c+gltvjotdBEk4MChGOfbEPCNqzD73YripW/niSNRv38Ue6YbMtDKJoUr
Sdj7N0kJzmVLVUDCxpkLvrLhHBHK
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:11 2025 by rpki-client