Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9DDAB394C6C811EFB779579F762E951A.roa
File: 9DDAB394C6C811EFB779579F762E951A.roa (raw, json)
Hash identifier: NEE03cvKexNcu9iw+5hMwxRuj2Q0OUjSzxi20iHMPwo=
Subject key identifier: F3:B1:A4:E3:F9:E6:6F:91:0D:E9:EF:69:F9:07:4F:B0:9C:58:EE:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F265
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9DDAB394C6C811EFB779579F762E951A.roa
Signing time: Mon 30 Dec 2024 16:10:42 +0000
ROA not before: Mon 30 Dec 2024 16:10:38 +0000
ROA not after: Sun 28 Dec 2025 16:10:38 +0000
asID: 140683
IP address blocks: 45.192.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62053 (0xf265)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 30 16:10:38 2024 GMT
Not After : Dec 28 16:10:38 2025 GMT
Subject: CN=6772c601-eb7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f8:64:d1:8b:21:23:28:c1:7b:25:32:af:95:
0d:90:be:43:13:75:88:88:05:41:61:07:a9:cd:6e:
35:98:e2:84:9c:16:b1:14:78:b7:2e:fd:76:3a:d6:
45:9f:a8:ae:58:af:0c:2e:8f:74:f7:fd:a4:60:02:
c4:45:72:64:91:71:83:c0:3c:f4:a7:24:bc:9f:19:
6b:59:87:9f:be:6c:34:85:bf:36:28:62:bb:7c:40:
cb:3a:93:19:84:e3:d5:5b:80:ad:23:1b:f8:65:aa:
8b:82:05:a9:f4:55:04:33:cc:f0:b6:5e:16:39:bc:
af:4d:7c:3a:61:ff:d1:59:a7:60:a9:87:7a:24:71:
15:05:eb:87:f8:22:e2:87:68:76:1e:07:64:3c:ce:
e0:9b:e4:cc:e6:76:ea:16:11:8f:ed:52:35:98:9a:
6e:9d:5c:77:ac:08:7f:62:63:3f:a9:af:b1:30:90:
4c:dd:9d:7a:1b:83:08:7b:c1:f7:72:28:a3:de:9a:
db:24:23:e1:28:b2:54:5d:b3:81:1c:54:b1:02:e0:
1f:2f:40:aa:9d:bf:72:5c:b7:95:3d:aa:5b:97:d6:
7b:40:2a:ef:ea:5a:a8:7a:3f:df:00:8d:f2:87:5e:
3f:99:dd:c4:c6:98:e5:e6:40:46:f9:73:8b:b0:c4:
e1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:B1:A4:E3:F9:E6:6F:91:0D:E9:EF:69:F9:07:4F:B0:9C:58:EE:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9DDAB394C6C811EFB779579F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.164.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:1e:6c:57:2d:07:ef:82:0c:e2:dc:63:c8:6e:6b:e8:35:39:
bb:b9:c2:9b:ea:7f:f7:58:55:ff:c1:d1:e9:2a:93:7e:08:43:
cd:26:2e:c3:57:d0:d9:4b:78:05:d2:3a:66:3b:d1:a6:c1:a5:
a9:64:7e:83:98:69:e2:2c:53:39:5f:95:c1:d2:13:c0:95:11:
8d:a3:a4:96:99:5f:99:15:f3:79:94:99:46:5f:e0:11:58:b3:
49:65:3b:22:f3:f9:73:73:d9:73:6e:38:70:f9:18:bd:90:c0:
81:3b:46:5b:2e:e4:34:52:61:f4:8b:9c:21:ff:f4:8c:d8:19:
ef:58:0d:55:9b:84:6a:fc:61:d5:e8:86:aa:f3:4f:41:9d:54:
a2:76:41:18:2d:9f:d6:79:1f:dc:b5:e3:e6:7d:82:aa:72:c6:
7d:87:53:96:21:e2:64:8b:26:8a:90:fc:73:fd:5b:9a:1a:0c:
ab:bc:49:56:66:2f:0c:cd:02:98:cd:d1:9b:80:84:92:08:95:
19:65:22:19:42:86:7c:01:75:00:4e:f5:8a:d5:0b:7e:fd:02:
da:f9:95:e2:25:29:82:e9:28:5f:a1:00:e4:3b:42:80:65:6c:
e6:f1:66:99:83:fa:7b:d8:16:ee:65:09:65:1e:57:4d:22:8f:
0b:e0:e7:ec
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPJlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjMwMTYxMDM4WhcNMjUxMjI4MTYxMDM4WjAYMRYw
FAYDVQQDEw02NzcyYzYwMS1lYjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtvhk0YshIyjBeyUyr5UNkL5DE3WIiAVBYQepzW41mOKEnBaxFHi3Lv12
OtZFn6iuWK8MLo909/2kYALERXJkkXGDwDz0pyS8nxlrWYefvmw0hb82KGK7fEDL
OpMZhOPVW4CtIxv4ZaqLggWp9FUEM8zwtl4WObyvTXw6Yf/RWadgqYd6JHEVBeuH
+CLih2h2HgdkPM7gm+TM5nbqFhGP7VI1mJpunVx3rAh/YmM/qa+xMJBM3Z16G4MI
e8H3ciij3prbJCPhKLJUXbOBHFSxAuAfL0Cqnb9yXLeVPapbl9Z7QCrv6lqoej/f
AI3yh14/md3Expjl5kBG+XOLsMThxQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPOx
pOP55m+RDenvafkHT7CcWO4iMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RERBQjM5NEM2QzgxMUVGQjc3OTU3OUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcCkMA0GCSqGSIb3DQEBCwUA
A4IBAQC6HmxXLQfvggzi3GPIbmvoNTm7ucKb6n/3WFX/wdHpKpN+CEPNJi7DV9DZ
S3gF0jpmO9GmwaWpZH6DmGniLFM5X5XB0hPAlRGNo6SWmV+ZFfN5lJlGX+ARWLNJ
ZTsi8/lzc9lzbjhw+Ri9kMCBO0ZbLuQ0UmH0i5wh//SM2BnvWA1Vm4Rq/GHV6Iaq
809BnVSidkEYLZ/WeR/ctePmfYKqcsZ9h1OWIeJkiyaKkPxz/VuaGgyrvElWZi8M
zQKYzdGbgISSCJUZZSIZQoZ8AXUATvWK1Qt+/QLa+ZXiJSmC6ShfoQDkO0KAZWzm
8WaZg/p72BbuZQllHldNIo8L4Ofs
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:33 2025 by rpki-client