Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAC437E2C38A11EFA928B289762E951A.roa
File: AAC437E2C38A11EFA928B289762E951A.roa (raw, json)
Hash identifier: QaTl7hPWhVZMkqfoV6+99fL++sRSBIQpbS6gm/h/HYA=
Subject key identifier: AB:BA:85:15:39:91:2A:24:66:C9:92:72:9A:B2:84:8A:EC:A9:83:B4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECA5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAC437E2C38A11EFA928B289762E951A.roa
Signing time: Thu 26 Dec 2024 13:09:41 +0000
ROA not before: Thu 26 Dec 2024 13:09:37 +0000
ROA not after: Sun 12 Dec 2027 13:09:37 +0000
asID: 17561
IP address blocks: 45.196.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60581 (0xeca5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 13:09:37 2024 GMT
Not After : Dec 12 13:09:37 2027 GMT
Subject: CN=676d5595-d55a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:57:ff:60:96:d9:8b:ec:14:85:e7:8b:8b:86:
52:da:42:f5:ac:20:61:63:18:ef:26:0f:71:22:6b:
20:2c:f5:14:61:5f:6b:78:06:26:7e:a5:3b:35:d4:
f3:fa:3b:2a:55:ac:a5:ad:52:38:8d:d8:2e:8f:53:
14:01:f2:9a:f4:6b:61:8b:dd:7a:bc:0d:f0:07:c3:
44:88:2f:6e:74:e7:60:6d:f9:5e:01:49:56:a6:9a:
5a:e5:4d:22:14:db:92:f5:b8:eb:ff:f0:5d:b9:b3:
95:ec:05:32:ef:22:5d:dd:60:c1:02:39:7e:55:67:
83:ee:e6:c6:27:65:69:75:3a:41:86:6c:f6:aa:06:
b7:f9:c1:a3:d7:47:91:3e:44:62:d1:09:8b:c1:e3:
7f:76:fb:e7:4d:ee:06:ea:9e:72:20:9b:4d:80:5f:
f6:8b:9b:96:76:c9:93:98:94:a1:0e:ab:b5:1c:29:
aa:bb:4d:0c:1a:52:bf:10:55:aa:be:30:b2:68:53:
91:fd:52:b4:4a:b1:34:34:ec:b3:af:4a:82:b0:8f:
90:4b:aa:94:e5:c5:0b:8b:c3:fa:ea:2d:f4:cc:d9:
bd:b0:c5:92:33:e3:ed:02:88:d9:59:19:ad:91:29:
de:b5:63:b9:a1:28:e0:b4:76:e4:f9:ee:91:77:cc:
f1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:BA:85:15:39:91:2A:24:66:C9:92:72:9A:B2:84:8A:EC:A9:83:B4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAC437E2C38A11EFA928B289762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.196.0/24
Signature Algorithm: sha256WithRSAEncryption
68:e1:c4:8c:bc:db:84:c1:7d:3c:df:05:34:16:61:b3:b3:ac:
08:fa:af:ac:f8:81:bd:07:33:ac:38:ce:51:30:72:b8:b4:d6:
1d:35:97:45:53:5c:42:16:54:0f:40:e2:e7:03:cd:3c:7d:85:
d6:26:d5:89:86:e6:6f:04:2c:87:c3:4d:e3:8f:b8:ae:2c:e9:
f6:15:94:2d:94:48:91:47:d0:96:c5:15:6a:76:fb:56:c7:5f:
41:a8:7d:c9:63:8d:14:5d:6c:2c:6a:6b:66:a3:28:f5:02:4b:
89:b2:82:52:d3:40:69:8f:a0:95:49:d5:e9:b1:01:bb:fd:b2:
1a:9a:2b:de:3a:cb:dc:b8:4a:16:bf:ba:d5:66:ed:fe:64:e3:
e2:f6:4d:bb:b5:3c:bb:ff:70:c4:1f:99:ef:0b:cb:a9:f7:fe:
be:e8:a3:3c:30:73:0e:92:7c:0b:04:ed:68:7d:5f:f4:33:51:
e7:4c:d3:f3:ef:b2:8e:9e:3a:d7:9f:7a:ce:1d:cc:0b:d2:74:
7f:b2:a8:34:30:df:fe:15:0d:2d:b8:dc:29:4c:81:93:c3:01:
13:91:84:6c:1e:8a:a5:c8:3c:b4:cc:d4:46:19:8b:88:f9:bf:
89:c8:13:2b:46:3b:9b:b4:3e:ab:89:64:3b:f8:c2:0b:f6:f7:
62:c5:5b:ae
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOylMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTMwOTM3WhcNMjcxMjEyMTMwOTM3WjAYMRYw
FAYDVQQDEw02NzZkNTU5NS1kNTVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn1f/YJbZi+wUheeLi4ZS2kL1rCBhYxjvJg9xImsgLPUUYV9reAYmfqU7
NdTz+jsqVaylrVI4jdguj1MUAfKa9Gthi916vA3wB8NEiC9udOdgbfleAUlWpppa
5U0iFNuS9bjr//BdubOV7AUy7yJd3WDBAjl+VWeD7ubGJ2VpdTpBhmz2qga3+cGj
10eRPkRi0QmLweN/dvvnTe4G6p5yIJtNgF/2i5uWdsmTmJShDqu1HCmqu00MGlK/
EFWqvjCyaFOR/VK0SrE0NOyzr0qCsI+QS6qU5cULi8P66i30zNm9sMWSM+PtAojZ
WRmtkSnetWO5oSjgtHbk+e6Rd8zxBQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKu6
hRU5kSokZsmScpqyhIrsqYO0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQUM0MzdFMkMzOEExMUVGQTkyOEIyODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTEMA0GCSqGSIb3DQEBCwUA
A4IBAQBo4cSMvNuEwX083wU0FmGzs6wI+q+s+IG9BzOsOM5RMHK4tNYdNZdFU1xC
FlQPQOLnA808fYXWJtWJhuZvBCyHw03jj7iuLOn2FZQtlEiRR9CWxRVqdvtWx19B
qH3JY40UXWwsamtmoyj1AkuJsoJS00Bpj6CVSdXpsQG7/bIamiveOsvcuEoWv7rV
Zu3+ZOPi9k27tTy7/3DEH5nvC8up9/6+6KM8MHMOknwLBO1ofV/0M1HnTNPz77KO
njrXn3rOHcwL0nR/sqg0MN/+FQ0tuNwpTIGTwwETkYRsHoqlyDy0zNRGGYuI+b+J
yBMrRjubtD6riWQ7+MIL9vdixVuu
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:10 2025 by rpki-client