Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3789366C3F811EF9A839E4B762E951A.roa
File: A3789366C3F811EF9A839E4B762E951A.roa (raw, json)
Hash identifier: 2Q5yaU02KoZyvfOaQO7yZHEP/p0CGMpuDMBqTkOc3rQ=
Subject key identifier: 25:50:63:E1:25:A8:DE:9D:F8:8F:55:86:01:17:A2:A1:D5:9F:CE:C9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF88
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3789366C3F811EF9A839E4B762E951A.roa
Signing time: Fri 27 Dec 2024 02:16:53 +0000
ROA not before: Fri 27 Dec 2024 02:16:49 +0000
ROA not after: Sun 12 Dec 2027 02:16:49 +0000
asID: 17561
IP address blocks: 45.194.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61320 (0xef88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 02:16:49 2024 GMT
Not After : Dec 12 02:16:49 2027 GMT
Subject: CN=676e0e15-4190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:33:f2:9c:4e:ea:59:08:58:14:0a:4f:ce:ec:
a0:6c:ac:80:6a:73:06:16:2b:90:77:8c:8c:44:b3:
19:d0:d2:2b:e8:0a:b8:1a:09:60:40:9c:b8:4a:f5:
f3:8f:ef:80:b5:45:20:ed:85:af:dd:9b:1c:f0:15:
ba:68:b5:63:34:34:a1:98:1a:aa:ef:8d:96:66:08:
72:01:90:25:91:0c:2c:2b:66:95:40:b2:d7:95:31:
0a:29:4f:52:21:18:91:61:8c:2d:73:0d:42:8a:7f:
cd:d0:1a:bc:67:73:d7:41:69:eb:5b:db:60:7d:e2:
5d:c9:39:59:e8:cc:a0:7d:a8:c3:28:c7:7a:8c:ac:
36:d7:48:63:5c:a0:bb:fa:2a:20:09:77:1d:c5:25:
81:8d:9b:eb:e2:12:c7:43:b1:ef:87:18:cb:0c:cd:
05:c9:98:b3:ee:20:cd:7c:61:14:0c:31:98:c1:d5:
0d:29:17:37:8d:d0:fc:08:92:35:9f:0b:8c:c7:61:
db:62:85:b9:98:40:1c:e2:b0:50:0e:50:70:5d:26:
7e:07:29:43:f7:b8:01:eb:c1:a1:06:98:9b:b9:e8:
9f:1a:37:8c:a8:19:1e:b1:39:de:e4:35:6f:1a:49:
a9:cb:c6:02:5e:54:01:77:ea:fb:a6:d0:8f:50:b9:
31:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:50:63:E1:25:A8:DE:9D:F8:8F:55:86:01:17:A2:A1:D5:9F:CE:C9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3789366C3F811EF9A839E4B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.85.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:4b:f7:fb:23:f3:4a:e7:39:86:b7:24:e5:39:e9:74:c3:90:
58:97:b1:a4:ef:35:40:5d:26:65:e3:d0:54:be:20:66:f3:77:
34:ec:3f:ac:f0:50:33:95:9d:a4:d8:54:58:6a:96:d6:a0:60:
ba:c5:a5:67:2d:f6:a6:1e:a7:de:db:af:45:94:17:29:06:83:
e2:1b:bf:50:b0:b2:dd:3a:af:91:c1:e7:f6:4e:ad:d6:6a:75:
9c:10:7a:53:b5:3a:ce:1b:60:11:59:18:a5:b8:b8:b5:21:c6:
66:16:1f:3d:ca:92:69:b1:16:fd:e9:96:0f:e2:c9:da:30:fe:
cf:93:8d:5f:2a:8a:df:ac:d8:7a:d3:4a:fd:a7:ab:00:ec:35:
0c:c5:46:14:75:2c:4a:ce:ae:4a:60:ee:3d:a6:0a:1e:2a:a4:
93:62:d4:58:9f:94:70:3a:a9:b0:7d:f6:94:5f:73:4c:42:cf:
74:6d:f8:b1:38:c8:a9:19:8d:21:25:27:fa:7a:2b:0c:e1:cc:
78:f0:f6:59:70:ae:74:c3:c7:2b:24:9e:1d:f4:24:3d:99:d2:
e4:45:e8:4c:09:e9:e3:a4:d7:b9:1e:f7:5a:29:50:a1:17:e2:
a9:6f:11:d3:3e:9d:d5:80:d3:60:d9:b7:7b:c3:67:fa:c9:49:
22:45:ff:8d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO+IMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDIxNjQ5WhcNMjcxMjEyMDIxNjQ5WjAYMRYw
FAYDVQQDEw02NzZlMGUxNS00MTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArjPynE7qWQhYFApPzuygbKyAanMGFiuQd4yMRLMZ0NIr6Aq4GglgQJy4
SvXzj++AtUUg7YWv3Zsc8BW6aLVjNDShmBqq742WZghyAZAlkQwsK2aVQLLXlTEK
KU9SIRiRYYwtcw1Cin/N0Bq8Z3PXQWnrW9tgfeJdyTlZ6MygfajDKMd6jKw210hj
XKC7+iogCXcdxSWBjZvr4hLHQ7HvhxjLDM0FyZiz7iDNfGEUDDGYwdUNKRc3jdD8
CJI1nwuMx2HbYoW5mEAc4rBQDlBwXSZ+BylD97gB68GhBpibueifGjeMqBkesTne
5DVvGkmpy8YCXlQBd+r7ptCPULkxUQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCVQ
Y+ElqN6d+I9VhgEXoqHVn87JMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMzc4OTM2NkMzRjgxMUVGOUE4MzlFNEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcJVMA0GCSqGSIb3DQEBCwUA
A4IBAQCsS/f7I/NK5zmGtyTlOel0w5BYl7Gk7zVAXSZl49BUviBm83c07D+s8FAz
lZ2k2FRYapbWoGC6xaVnLfamHqfe269FlBcpBoPiG79QsLLdOq+Rwef2Tq3WanWc
EHpTtTrOG2ARWRiluLi1IcZmFh89ypJpsRb96ZYP4snaMP7Pk41fKorfrNh600r9
p6sA7DUMxUYUdSxKzq5KYO49pgoeKqSTYtRYn5RwOqmwffaUX3NMQs90bfixOMip
GY0hJSf6eisM4cx48PZZcK50w8crJJ4d9CQ9mdLkRehMCenjpNe5HvdaKVChF+Kp
bxHTPp3VgNNg2bd7w2f6yUkiRf+N
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:24 2025 by rpki-client