Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9730E158B5FC11EFAD667898762E951A.roa
File: 9730E158B5FC11EFAD667898762E951A.roa (raw, json)
Hash identifier: 7g27S7UYKh/Tb+idSWrpkJ/rCTfXa+2V8+wP+GCmiU0=
Subject key identifier: D1:54:11:F1:FF:E6:99:0B:71:8F:15:AB:0D:AF:10:C3:56:8B:2C:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E15C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9730E158B5FC11EFAD667898762E951A.roa
Signing time: Mon 09 Dec 2024 07:09:54 +0000
ROA not before: Mon 09 Dec 2024 07:09:51 +0000
ROA not after: Thu 06 Feb 2025 07:09:51 +0000
asID: 137443
IP address blocks: 45.192.184.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 07:09:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57692 (0xe15c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 9 07:09:51 2024 GMT
Not After : Feb 6 07:09:51 2025 GMT
Subject: CN=675697c2-e832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d7:a3:89:35:5f:85:f2:7b:71:57:91:10:30:
5d:32:10:51:af:0c:45:14:97:29:ee:77:a0:15:46:
90:0c:80:ab:ba:92:2b:06:fb:68:8a:44:a6:b7:7a:
a5:57:90:d4:5b:b0:dd:3f:99:81:78:fb:cb:8a:38:
ba:58:68:0d:bf:3a:84:fb:ba:72:ef:cd:9b:48:a6:
1b:97:70:ee:7b:06:ee:03:35:9b:60:0d:03:4a:40:
87:10:6e:ee:0b:36:15:a5:8c:7f:01:4a:64:2e:76:
34:62:f8:70:3d:e4:54:d2:9c:2f:b5:fd:b3:bb:02:
20:2d:e7:61:2c:49:ac:1a:7d:78:77:7e:86:46:43:
3e:bc:3c:c0:88:41:b2:5f:e3:52:ba:25:6d:8b:ff:
ae:3d:5c:a4:00:00:bf:1b:1a:c9:79:ae:94:b1:0e:
77:35:37:04:c8:84:a6:a6:4e:bb:7f:8f:0f:17:2d:
d4:bd:48:2c:30:91:31:e6:c9:d2:d1:cb:26:dc:36:
98:a9:2e:8e:b1:4b:3c:53:6e:23:9a:ca:d1:6d:2e:
31:25:ac:50:df:55:f2:5e:5c:55:9b:10:8b:61:33:
10:2b:3a:3d:46:2a:22:77:24:e4:1d:f3:95:ff:6e:
a1:e1:e7:8b:1c:2f:38:08:28:1f:eb:b4:63:17:84:
e8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:54:11:F1:FF:E6:99:0B:71:8F:15:AB:0D:AF:10:C3:56:8B:2C:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9730E158B5FC11EFAD667898762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.184.0/22
Signature Algorithm: sha256WithRSAEncryption
83:4f:34:a7:70:21:70:5f:c4:e9:10:e6:51:dc:48:69:48:b6:
22:26:7d:2f:66:f7:a6:d5:51:e7:e6:5c:6d:f9:63:0e:ba:ca:
d5:20:2c:eb:31:a0:2c:57:60:16:6b:1f:fc:e2:19:23:17:b1:
02:40:64:99:fb:08:f9:c3:c5:fe:c5:23:39:f2:6b:7e:45:c1:
26:e7:5e:73:7e:ed:bc:3b:3f:d4:56:38:8a:47:90:e1:4f:0c:
8d:22:0a:89:fa:51:fb:f6:81:72:7f:31:bc:0a:03:cb:8d:f6:
63:64:2e:d6:70:7d:0d:00:46:ef:99:e3:c6:c4:c3:b1:e8:ce:
27:58:2b:e5:57:a3:7d:49:b5:cb:c8:11:30:32:6a:02:1c:b3:
8a:10:6d:03:4c:e2:5c:84:57:0f:18:91:7a:74:9f:6e:bd:8c:
14:33:1a:20:1e:8c:59:77:e7:38:bc:d0:9b:7e:1d:ce:e7:b5:
99:90:7f:bd:e4:ad:fb:00:8d:24:41:85:9f:d6:e1:8d:41:77:
db:c5:cb:80:7f:97:bc:2c:0b:43:f9:7d:a4:d1:71:b2:8e:6d:
a8:5c:cd:12:2c:f5:a7:a2:ee:67:45:2f:a6:85:de:4a:9f:ab:
0a:a0:d8:dd:91:c9:62:6e:ba:63:b1:f2:2a:b8:78:e0:00:46:
e1:59:b4:b1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOFcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA5MDcwOTUxWhcNMjUwMjA2MDcwOTUxWjAYMRYw
FAYDVQQDEw02NzU2OTdjMi1lODMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArNejiTVfhfJ7cVeREDBdMhBRrwxFFJcp7negFUaQDICrupIrBvtoikSm
t3qlV5DUW7DdP5mBePvLiji6WGgNvzqE+7py782bSKYbl3DuewbuAzWbYA0DSkCH
EG7uCzYVpYx/AUpkLnY0YvhwPeRU0pwvtf2zuwIgLedhLEmsGn14d36GRkM+vDzA
iEGyX+NSuiVti/+uPVykAAC/GxrJea6UsQ53NTcEyISmpk67f48PFy3UvUgsMJEx
5snS0csm3DaYqS6OsUs8U24jmsrRbS4xJaxQ31XyXlxVmxCLYTMQKzo9RioidyTk
HfOV/26h4eeLHC84CCgf67RjF4ToWwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNFU
EfH/5pkLcY8Vqw2vEMNWiyzTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NzMwRTE1OEI1RkMxMUVGQUQ2Njc4OTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcC4MA0GCSqGSIb3DQEBCwUA
A4IBAQCDTzSncCFwX8TpEOZR3EhpSLYiJn0vZvem1VHn5lxt+WMOusrVICzrMaAs
V2AWax/84hkjF7ECQGSZ+wj5w8X+xSM58mt+RcEm515zfu28Oz/UVjiKR5DhTwyN
IgqJ+lH79oFyfzG8CgPLjfZjZC7WcH0NAEbvmePGxMOx6M4nWCvlV6N9SbXLyBEw
MmoCHLOKEG0DTOJchFcPGJF6dJ9uvYwUMxogHoxZd+c4vNCbfh3O57WZkH+95K37
AI0kQYWf1uGNQXfbxcuAf5e8LAtD+X2k0XGyjm2oXM0SLPWnou5nRS+mhd5Kn6sK
oNjdkclibrpjsfIquHjgAEbhWbSx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:12 2025 by rpki-client