Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A2F362C8ACA011EF8FFA369D762E951A.roa
File: A2F362C8ACA011EF8FFA369D762E951A.roa (raw, json)
Hash identifier: i4NMXQtPFNamG3QhmN3Xc6S50NSA4SpbWA6ZYH7bBnY=
Subject key identifier: 0F:11:25:93:0E:B7:73:C0:B3:F2:71:0C:D1:9F:89:26:BB:CF:84:B7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DBCE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A2F362C8ACA011EF8FFA369D762E951A.roa
Signing time: Wed 27 Nov 2024 09:19:00 +0000
ROA not before: Wed 27 Nov 2024 09:18:56 +0000
ROA not after: Tue 11 Feb 2025 09:18:56 +0000
asID: 399989
IP address blocks: 45.196.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56270 (0xdbce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 27 09:18:56 2024 GMT
Not After : Feb 11 09:18:56 2025 GMT
Subject: CN=6746e404-8062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9e:b1:9c:52:3c:98:4a:e6:f1:f6:bc:11:b0:
48:3b:77:c2:6a:f3:2b:0f:d1:dc:ef:4d:0b:24:f8:
84:e6:08:d2:12:90:2f:bc:cd:36:35:67:fd:01:00:
90:c6:fc:3f:91:52:93:12:08:18:af:db:8c:17:12:
50:15:f4:bb:51:4e:41:4f:3b:98:f1:20:15:19:e6:
de:af:02:7b:b2:ea:72:80:d9:39:71:46:da:c6:72:
9c:af:44:38:89:63:5a:68:a5:00:f8:dd:d3:6b:eb:
19:ba:7e:b6:7d:51:8a:f1:3a:1b:fe:2a:24:2b:6c:
6a:e7:86:84:d8:09:cc:02:67:8e:69:7c:87:41:50:
b8:39:06:fb:9c:fe:db:b3:78:ed:78:bb:c2:fe:84:
75:b2:f3:7e:8d:84:ce:4e:e2:f8:f2:6e:00:ec:44:
9b:f5:ef:18:fd:93:f4:a8:6c:a5:f5:0d:cc:36:9d:
77:1c:b1:6c:19:6c:36:f9:f5:7b:fe:b2:d9:20:94:
9b:9b:65:1c:ad:62:b2:60:a6:f8:3c:3b:92:85:7d:
16:17:60:80:b1:67:b2:43:19:24:a6:40:d4:05:6d:
89:2d:6d:39:20:f3:45:eb:21:9c:65:5f:4c:b9:1a:
70:56:b0:c4:a6:4e:af:f0:49:a7:1d:74:f2:57:4a:
4f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:11:25:93:0E:B7:73:C0:B3:F2:71:0C:D1:9F:89:26:BB:CF:84:B7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A2F362C8ACA011EF8FFA369D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.52.0/22
Signature Algorithm: sha256WithRSAEncryption
81:ca:a5:39:c3:e1:5a:9d:59:0e:be:c7:f5:e4:ae:00:b9:b8:
2b:7b:20:37:04:bf:76:31:8c:dd:fe:ac:5a:85:e0:89:83:f8:
1e:34:15:a4:fc:ef:17:b2:58:91:6c:44:7e:4b:06:bc:99:fe:
82:29:e5:10:5c:b8:80:0f:b9:ed:e7:da:d9:1b:65:da:b4:60:
cf:75:8b:b8:de:39:72:e3:8e:f2:69:46:5b:ef:cb:31:5e:a9:
73:b2:2f:5b:83:ea:45:70:ec:b7:ae:0c:c8:ea:cf:31:59:8b:
36:32:16:d4:20:d8:66:1f:53:14:cb:60:28:7e:d3:b6:00:5b:
31:66:26:5c:58:7d:84:7e:fd:74:d1:f6:46:60:8a:d2:a0:dd:
45:b7:bd:9c:14:f4:e9:36:c9:b2:32:86:02:87:f5:33:f5:a1:
2a:27:1e:49:43:28:c0:65:85:be:be:4e:e8:6d:70:7b:35:ce:
e7:92:bd:b2:0f:26:e6:a6:b0:92:ac:b5:c6:e7:2e:7f:1b:5a:
58:d2:c5:4a:4e:7c:97:2a:25:0d:7b:6f:25:31:e1:f2:46:28:
11:44:a9:1b:26:17:94:7c:df:c8:e5:0b:b6:da:7c:d5:30:4b:
28:2d:27:a2:57:3a:37:29:9a:4b:a2:e7:2e:11:4f:e5:88:67:
63:29:0f:28
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANvOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI3MDkxODU2WhcNMjUwMjExMDkxODU2WjAYMRYw
FAYDVQQDEw02NzQ2ZTQwNC04MDYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzp6xnFI8mErm8fa8EbBIO3fCavMrD9Hc700LJPiE5gjSEpAvvM02NWf9
AQCQxvw/kVKTEggYr9uMFxJQFfS7UU5BTzuY8SAVGeberwJ7supygNk5cUbaxnKc
r0Q4iWNaaKUA+N3Ta+sZun62fVGK8Tob/iokK2xq54aE2AnMAmeOaXyHQVC4OQb7
nP7bs3jteLvC/oR1svN+jYTOTuL48m4A7ESb9e8Y/ZP0qGyl9Q3MNp13HLFsGWw2
+fV7/rLZIJSbm2UcrWKyYKb4PDuShX0WF2CAsWeyQxkkpkDUBW2JLW05IPNF6yGc
ZV9MuRpwVrDEpk6v8EmnHXTyV0pPowIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA8R
JZMOt3PAs/JxDNGfiSa7z4S3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMkYzNjJDOEFDQTAxMUVGOEZGQTM2OUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcQ0MA0GCSqGSIb3DQEBCwUA
A4IBAQCByqU5w+FanVkOvsf15K4AubgreyA3BL92MYzd/qxaheCJg/geNBWk/O8X
sliRbER+Swa8mf6CKeUQXLiAD7nt59rZG2XatGDPdYu43jly447yaUZb78sxXqlz
si9bg+pFcOy3rgzI6s8xWYs2MhbUINhmH1MUy2AoftO2AFsxZiZcWH2Efv100fZG
YIrSoN1Ft72cFPTpNsmyMoYCh/Uz9aEqJx5JQyjAZYW+vk7obXB7Nc7nkr2yDybm
prCSrLXG5y5/G1pY0sVKTnyXKiUNe28lMeHyRigRRKkbJheUfN/I5Qu22nzVMEso
LSeiVzo3KZpLoucuEU/liGdjKQ8o
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:50 2025 by rpki-client