Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B25CB8B4C39711EF8AC4465C762E951A.roa
File: B25CB8B4C39711EF8AC4465C762E951A.roa (raw, json)
Hash identifier: s+udkTz7F1bsxJVIu1YlkwvxPIxfe4dfJzbKiLDo3x4=
Subject key identifier: 26:10:10:05:16:A5:D1:94:6A:AE:4A:7C:C4:FB:D7:E1:10:D6:DD:F4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ED33
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B25CB8B4C39711EF8AC4465C762E951A.roa
Signing time: Thu 26 Dec 2024 14:42:57 +0000
ROA not before: Thu 26 Dec 2024 14:42:54 +0000
ROA not after: Fri 12 Dec 2025 14:42:54 +0000
asID: 984
IP address blocks: 45.197.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60723 (0xed33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 14:42:54 2024 GMT
Not After : Dec 12 14:42:54 2025 GMT
Subject: CN=676d6b71-f9da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ba:7e:1b:68:7b:b7:5c:07:fd:52:80:93:88:
f1:5f:0c:8a:39:1f:ce:09:4a:75:8a:75:bd:62:1c:
ce:22:c6:2f:3f:25:7c:a7:d5:88:60:f9:6d:e9:c3:
75:7e:69:51:a0:36:8b:8b:10:70:78:3e:79:00:24:
10:c8:ec:7f:d6:3a:30:7c:c7:ca:01:52:49:9e:33:
57:b3:2e:ed:35:ec:42:0f:9f:ab:94:f6:42:c8:69:
63:99:72:7c:80:a2:24:ed:92:ed:ff:ae:de:5d:dd:
7e:2f:f3:18:f5:3c:6a:fc:15:cb:b0:2e:f3:ab:29:
8a:1f:16:0c:e6:63:de:2e:0b:85:44:9d:dd:13:4a:
f9:31:8e:47:94:8c:2b:7b:56:01:6d:f3:8b:6d:10:
51:60:af:37:9e:85:1e:6f:12:e0:2b:4f:c3:a5:b6:
16:5e:57:68:3f:f7:fe:0f:34:b0:90:f9:2f:29:b9:
bf:86:7e:d3:1e:97:4e:c3:9d:04:26:dc:d0:f3:6c:
55:5a:98:2f:55:99:be:05:12:0f:48:8b:03:ca:c3:
b6:0c:d8:f1:48:68:54:b4:1c:10:a8:97:a6:6e:59:
b0:03:6e:fa:86:89:e7:fa:25:76:55:28:e5:0c:3e:
60:a9:4e:5a:d7:6d:77:74:a0:91:f9:bc:44:ee:95:
85:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:10:10:05:16:A5:D1:94:6A:AE:4A:7C:C4:FB:D7:E1:10:D6:DD:F4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B25CB8B4C39711EF8AC4465C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.128.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:12:12:b2:7e:19:d2:0c:50:98:9d:19:f6:f3:b2:de:1c:96:
1f:f9:e7:a2:13:d0:f9:fb:19:11:98:02:95:7a:04:01:35:9c:
33:f7:25:19:e8:ff:9f:74:ef:44:bb:12:f0:bc:4f:6f:a5:03:
8e:11:9a:d2:e3:6d:28:4b:ac:7b:cc:9e:fd:d7:40:e1:59:ec:
6a:1d:ca:e3:6f:7a:be:3e:3f:c9:d8:8b:ea:0c:44:f9:68:ab:
5f:d5:8a:2a:60:27:f5:97:29:4f:7e:1a:9d:92:8a:23:79:fb:
87:5f:86:18:9d:a8:77:e7:be:10:76:82:a1:2c:bf:1e:26:36:
1f:17:f0:c0:00:c8:d5:3a:52:15:7d:02:b0:37:7c:41:11:b5:
05:c3:93:e6:b3:7f:51:fa:1e:96:57:95:ba:2b:5b:7a:b7:c4:
6f:20:da:b0:e3:26:92:1e:fc:1d:3d:c6:0d:2e:11:45:f6:ab:
57:1d:36:c6:49:60:60:f8:56:b7:e3:90:9a:27:13:62:78:e7:
6b:47:17:b1:32:ec:2f:9e:cf:47:85:2a:d6:2a:30:1e:5b:61:
1a:9d:79:0e:da:1d:cd:04:09:7f:e1:02:09:c9:b7:1d:60:f3:
ee:73:6a:02:f8:fb:3a:db:96:51:54:ca:4d:5b:18:13:52:c0:
dc:cd:2e:27
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO0zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTQ0MjU0WhcNMjUxMjEyMTQ0MjU0WjAYMRYw
FAYDVQQDEw02NzZkNmI3MS1mOWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwrp+G2h7t1wH/VKAk4jxXwyKOR/OCUp1inW9YhzOIsYvPyV8p9WIYPlt
6cN1fmlRoDaLixBweD55ACQQyOx/1jowfMfKAVJJnjNXsy7tNexCD5+rlPZCyGlj
mXJ8gKIk7ZLt/67eXd1+L/MY9Txq/BXLsC7zqymKHxYM5mPeLguFRJ3dE0r5MY5H
lIwre1YBbfOLbRBRYK83noUebxLgK0/DpbYWXldoP/f+DzSwkPkvKbm/hn7THpdO
w50EJtzQ82xVWpgvVZm+BRIPSIsDysO2DNjxSGhUtBwQqJemblmwA276honn+iV2
VSjlDD5gqU5a1213dKCR+bxE7pWFswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCYQ
EAUWpdGUaq5KfMT71+EQ1t30MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMjVDQjhCNEMzOTcxMUVGOEFDNDQ2NUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcWAMA0GCSqGSIb3DQEBCwUA
A4IBAQBdEhKyfhnSDFCYnRn287LeHJYf+eeiE9D5+xkRmAKVegQBNZwz9yUZ6P+f
dO9EuxLwvE9vpQOOEZrS420oS6x7zJ7910DhWexqHcrjb3q+Pj/J2IvqDET5aKtf
1YoqYCf1lylPfhqdkoojefuHX4YYnah3574QdoKhLL8eJjYfF/DAAMjVOlIVfQKw
N3xBEbUFw5Pms39R+h6WV5W6K1t6t8RvINqw4yaSHvwdPcYNLhFF9qtXHTbGSWBg
+Fa345CaJxNieOdrRxexMuwvns9HhSrWKjAeW2EanXkO2h3NBAl/4QIJybcdYPPu
c2oC+Ps625ZRVMpNWxgTUsDczS4n
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:48 2025 by rpki-client