Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A8A7D56C3EE11EFA097BE7F762E951A.roa
File: 8A8A7D56C3EE11EFA097BE7F762E951A.roa (raw, json)
Hash identifier: lLlKaeXHT0VHY8wyCEFslyhNHiRuhrkVmuwKs92s7WI=
Subject key identifier: 7D:D4:8F:78:82:3F:98:23:B9:B0:4D:7F:FE:9D:BC:D4:02:04:41:72
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF36
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A8A7D56C3EE11EFA097BE7F762E951A.roa
Signing time: Fri 27 Dec 2024 01:04:37 +0000
ROA not before: Fri 27 Dec 2024 01:04:33 +0000
ROA not after: Sun 12 Dec 2027 01:04:33 +0000
asID: 17561
IP address blocks: 45.192.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61238 (0xef36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 01:04:33 2024 GMT
Not After : Dec 12 01:04:33 2027 GMT
Subject: CN=676dfd25-662b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e9:d6:e3:d9:fd:34:2f:2c:55:8f:e6:fb:82:
68:84:b0:f7:d5:d2:d5:b0:13:bf:ee:03:62:6b:1e:
3f:44:f6:f8:a7:15:3c:34:b0:bf:1b:89:25:c1:1b:
21:cc:6a:2f:b3:6f:26:04:4a:40:4b:31:35:1f:a4:
2a:fb:fc:86:76:1c:0b:97:b6:d5:c0:dc:a7:e8:0e:
38:aa:3d:17:f3:31:e7:59:ad:41:ca:8e:c3:8e:09:
50:55:ac:f7:21:b1:72:e7:78:c5:a9:77:e3:09:14:
6e:da:9c:b1:6c:5c:e7:a8:92:b5:9a:45:34:95:d5:
bf:6a:65:7b:c1:51:a9:e6:8d:63:c2:4c:7b:81:f7:
9e:df:ee:06:a4:04:01:9b:e1:de:ca:69:71:2d:0f:
aa:f6:d3:08:9f:7c:ad:3d:b3:04:f0:1e:f1:30:1b:
2a:a6:d9:fd:48:1c:13:83:a3:3c:36:2b:75:3a:04:
c4:ec:63:0c:03:ba:c3:7d:2e:11:61:98:76:3f:be:
a3:41:83:d9:0d:c0:96:44:e6:dd:b8:97:cb:63:85:
d5:e3:11:36:95:bd:26:91:7a:4e:ba:4f:b9:79:26:
ba:6b:01:97:12:17:66:81:a2:0a:f1:13:7d:9b:0a:
c0:f5:b9:2b:d6:9e:40:5c:2d:31:7b:6c:51:d7:a8:
ef:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D4:8F:78:82:3F:98:23:B9:B0:4D:7F:FE:9D:BC:D4:02:04:41:72
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A8A7D56C3EE11EFA097BE7F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.235.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:ae:02:64:42:fb:f1:3b:a4:ac:7d:ed:19:68:9e:de:61:d6:
f5:51:24:0d:87:96:dd:fe:6d:60:c0:1a:c1:67:20:5f:b4:20:
e4:c5:45:ce:77:80:45:ba:b3:61:15:c3:4c:80:ee:4e:cf:8e:
a1:24:3d:1b:77:66:37:f1:22:5b:89:0a:97:83:91:57:46:65:
b4:b1:6d:4e:2f:6a:04:7d:dc:0d:f4:a2:cc:70:f9:f6:19:11:
68:58:a3:d6:58:2b:4f:f7:5c:ef:ba:0e:6d:58:30:38:32:27:
5f:46:e4:a4:ec:6c:25:da:d8:ca:ef:92:08:d4:6f:f2:91:7a:
b2:0d:d6:1d:11:67:da:4a:ee:a5:c3:8e:be:12:32:72:c7:82:
5c:8e:43:ce:78:e9:47:bf:c7:29:b3:38:8c:d8:14:1f:fd:df:
6f:4a:48:12:4d:ab:de:5b:2f:ee:4d:bb:66:53:4e:33:34:4e:
4f:a0:d3:c5:65:f1:29:af:36:a1:47:7f:29:01:8c:93:02:d7:
f7:9a:0a:84:86:a0:e5:9f:1c:9f:72:bc:78:18:8e:4b:7e:98:
39:33:dc:61:b3:d8:d9:d0:89:5a:e6:8b:32:f7:44:25:f4:d9:
7a:a5:87:5f:58:ba:d4:25:32:ae:64:6d:99:9f:cd:45:61:5b:
db:74:6a:44
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO82MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDEwNDMzWhcNMjcxMjEyMDEwNDMzWjAYMRYw
FAYDVQQDEw02NzZkZmQyNS02NjJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1enW49n9NC8sVY/m+4JohLD31dLVsBO/7gNiax4/RPb4pxU8NLC/G4kl
wRshzGovs28mBEpASzE1H6Qq+/yGdhwLl7bVwNyn6A44qj0X8zHnWa1Byo7DjglQ
Vaz3IbFy53jFqXfjCRRu2pyxbFznqJK1mkU0ldW/amV7wVGp5o1jwkx7gfee3+4G
pAQBm+HeymlxLQ+q9tMIn3ytPbME8B7xMBsqptn9SBwTg6M8Nit1OgTE7GMMA7rD
fS4RYZh2P76jQYPZDcCWRObduJfLY4XV4xE2lb0mkXpOuk+5eSa6awGXEhdmgaIK
8RN9mwrA9bkr1p5AXC0xe2xR16jvPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH3U
j3iCP5gjubBNf/6dvNQCBEFyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QThBN0Q1NkMzRUUxMUVGQTA5N0JFN0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcDrMA0GCSqGSIb3DQEBCwUA
A4IBAQClrgJkQvvxO6Ssfe0ZaJ7eYdb1USQNh5bd/m1gwBrBZyBftCDkxUXOd4BF
urNhFcNMgO5Oz46hJD0bd2Y38SJbiQqXg5FXRmW0sW1OL2oEfdwN9KLMcPn2GRFo
WKPWWCtP91zvug5tWDA4MidfRuSk7Gwl2tjK75II1G/ykXqyDdYdEWfaSu6lw46+
EjJyx4JcjkPOeOlHv8cpsziM2BQf/d9vSkgSTaveWy/uTbtmU04zNE5PoNPFZfEp
rzahR38pAYyTAtf3mgqEhqDlnxyfcrx4GI5Lfpg5M9xhs9jZ0Ila5osy90Ql9Nl6
pYdfWLrUJTKuZG2Zn81FYVvbdGpE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:01 2025 by rpki-client