Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/945EAE22C47711EF9CF6686F762E951A.roa
File: 945EAE22C47711EF9CF6686F762E951A.roa (raw, json)
Hash identifier: 9u2iirTXpsfRiQpP2Q61VDgF8Vm/LgIHgXZKwnIZL2Q=
Subject key identifier: 1C:D3:8F:33:CE:D6:70:4B:AB:81:30:05:CD:68:CF:A0:3B:DF:37:77
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F0EA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/945EAE22C47711EF9CF6686F762E951A.roa
Signing time: Fri 27 Dec 2024 17:25:34 +0000
ROA not before: Fri 27 Dec 2024 17:25:31 +0000
ROA not after: Mon 21 Apr 2025 17:25:31 +0000
asID: 140925
IP address blocks: 45.195.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61674 (0xf0ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 17:25:31 2024 GMT
Not After : Apr 21 17:25:31 2025 GMT
Subject: CN=676ee30e-993e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ba:c2:66:81:d7:47:62:ea:81:d0:62:47:25:
13:4e:01:d3:d5:40:f0:de:25:6a:5d:44:0c:0f:ac:
c4:88:71:db:1b:95:29:21:61:d9:ee:c1:ea:61:30:
0e:03:83:96:bd:75:40:5e:b3:ce:ee:12:1b:ad:6c:
ed:e4:49:9e:ee:4f:2c:7a:a7:97:f5:9b:e7:b6:40:
75:fc:38:02:9a:f3:03:ab:de:aa:4a:37:db:2c:7b:
2f:6a:05:05:fc:8d:57:a7:ee:7f:34:d2:e9:ba:43:
b2:c6:0f:95:f4:f4:02:66:95:2f:9e:b5:28:89:ef:
49:36:67:ca:3b:57:53:58:3c:5d:64:d3:8a:23:99:
dc:21:3b:20:4a:fe:8d:40:80:54:13:49:5b:de:64:
74:ed:20:57:b8:7d:34:94:16:94:4e:94:8c:77:c1:
81:ba:ce:8b:3b:ed:6d:9f:20:27:45:70:c9:02:d5:
69:6a:a2:81:b3:06:16:53:b9:c3:c3:0f:55:b7:23:
4e:32:62:16:b7:69:40:59:6c:61:2e:69:99:b7:4c:
49:16:7b:bc:f6:63:c6:c2:c8:b3:1b:d1:77:fc:e5:
98:c2:14:d4:3b:cf:52:e2:97:74:23:29:33:85:a5:
d4:5f:5e:ad:2e:54:2d:9b:12:02:f1:d7:c4:38:16:
ae:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D3:8F:33:CE:D6:70:4B:AB:81:30:05:CD:68:CF:A0:3B:DF:37:77
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/945EAE22C47711EF9CF6686F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.151.0/24
Signature Algorithm: sha256WithRSAEncryption
31:20:e1:1d:7c:5c:3b:a8:00:24:d9:07:40:6a:de:86:93:e4:
0c:fc:c6:9b:cb:c1:69:f8:75:f9:ec:e1:6a:23:b6:d8:96:80:
05:fd:2d:cf:2b:b6:5e:66:c9:ea:11:c5:86:06:02:e5:f5:1a:
86:f2:9d:ab:7f:9e:ae:8e:3f:18:61:33:14:a7:ca:ed:0c:18:
1d:ed:13:cc:74:35:83:bf:9b:5e:cb:83:55:cd:70:b7:50:a9:
ad:a1:a1:2f:64:8b:dc:32:d2:22:d8:42:47:f5:55:2e:97:23:
b2:32:88:41:a8:21:5e:58:cc:84:ea:1e:6e:f9:31:48:9e:b8:
bf:fd:95:7b:c4:6a:f3:49:ee:28:4a:4c:3f:b3:11:fc:d5:98:
7b:80:da:dc:3a:fa:ee:01:ef:fd:b5:33:4e:5d:3f:5a:c9:66:
63:ce:08:5a:48:6f:96:98:0d:88:b4:33:2e:f1:7b:cc:32:6d:
80:96:e4:8c:09:69:9a:07:61:88:83:40:8c:b7:b4:d7:d0:ae:
f9:74:d9:6a:61:a6:1b:e7:de:15:aa:9a:29:61:ab:71:df:9c:
12:fb:b2:05:c6:5a:e0:de:0c:1e:ea:44:d2:3b:33:5a:a9:76:
b8:22:b0:57:0c:19:bd:9a:eb:99:23:0d:e3:35:23:0a:55:52:
23:73:91:fb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPDqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MTcyNTMxWhcNMjUwNDIxMTcyNTMxWjAYMRYw
FAYDVQQDEw02NzZlZTMwZS05OTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA07rCZoHXR2LqgdBiRyUTTgHT1UDw3iVqXUQMD6zEiHHbG5UpIWHZ7sHq
YTAOA4OWvXVAXrPO7hIbrWzt5Eme7k8seqeX9ZvntkB1/DgCmvMDq96qSjfbLHsv
agUF/I1Xp+5/NNLpukOyxg+V9PQCZpUvnrUoie9JNmfKO1dTWDxdZNOKI5ncITsg
Sv6NQIBUE0lb3mR07SBXuH00lBaUTpSMd8GBus6LO+1tnyAnRXDJAtVpaqKBswYW
U7nDww9VtyNOMmIWt2lAWWxhLmmZt0xJFnu89mPGwsizG9F3/OWYwhTUO89S4pd0
IykzhaXUX16tLlQtmxIC8dfEOBaumQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBzT
jzPO1nBLq4EwBc1oz6A73zd3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NDVFQUUyMkM0NzcxMUVGOUNGNjY4NkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcOXMA0GCSqGSIb3DQEBCwUA
A4IBAQAxIOEdfFw7qAAk2QdAat6Gk+QM/Maby8Fp+HX57OFqI7bYloAF/S3PK7Ze
ZsnqEcWGBgLl9RqG8p2rf56ujj8YYTMUp8rtDBgd7RPMdDWDv5tey4NVzXC3UKmt
oaEvZIvcMtIi2EJH9VUulyOyMohBqCFeWMyE6h5u+TFInri//ZV7xGrzSe4oSkw/
sxH81Zh7gNrcOvruAe/9tTNOXT9ayWZjzghaSG+WmA2ItDMu8XvMMm2AluSMCWma
B2GIg0CMt7TX0K75dNlqYaYb594VqpopYatx35wS+7IFxlrg3gwe6kTSOzNaqXa4
IrBXDBm9muuZIw3jNSMKVVIjc5H7
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:40 2025 by rpki-client