Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3A86100C3F611EFA26D8BBC762E951A.roa
File: B3A86100C3F611EFA26D8BBC762E951A.roa (raw, json)
Hash identifier: YBi32bKBCzdLpGiZjiKYs4nh/4WlVrcQdY/ecjGUz1c=
Subject key identifier: DB:27:9B:A3:AE:AC:43:2C:38:37:C6:A3:86:8D:C2:C2:F0:68:F0:EB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF74
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3A86100C3F611EFA26D8BBC762E951A.roa
Signing time: Fri 27 Dec 2024 02:03:02 +0000
ROA not before: Fri 27 Dec 2024 02:02:57 +0000
ROA not after: Fri 12 Dec 2025 02:02:57 +0000
asID: 984
IP address blocks: 45.194.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61300 (0xef74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 02:02:57 2024 GMT
Not After : Dec 12 02:02:57 2025 GMT
Subject: CN=676e0ad5-4dcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d6:1d:52:6b:d3:25:86:ea:9a:71:cd:2d:cd:
ef:f1:b2:13:32:8c:a9:ee:47:6f:39:bc:7f:10:52:
f0:ba:2f:be:94:64:3a:53:97:ec:6a:4d:89:b2:b4:
9a:5f:86:c5:d8:75:fa:da:ca:a9:3a:73:65:fb:28:
c7:d1:cf:7c:4f:4e:a9:af:cd:a8:bc:4b:80:03:b3:
0a:43:b8:a6:d3:1e:c4:c7:97:06:e2:20:6d:aa:77:
d5:14:12:dd:71:ac:65:99:b7:76:ab:43:0d:ed:a2:
74:ad:80:97:09:40:40:a7:1d:08:40:7f:72:00:30:
1e:15:87:2b:ae:dd:57:3c:2c:8b:90:8f:8a:e6:e6:
f2:9e:8e:aa:e3:7b:b6:93:d0:5f:40:25:4a:40:96:
a6:04:82:4a:fb:e1:d5:9b:f1:a9:58:2d:ad:37:a4:
5c:b7:3e:db:8b:b3:f3:14:2f:49:08:81:c4:ae:b1:
a4:64:23:13:da:1f:20:1c:7d:0a:bb:32:92:0e:b2:
18:2b:c8:38:fa:2e:5a:4d:ba:51:4c:c9:67:4d:13:
8c:ff:93:cf:b5:44:d8:25:9c:41:c6:c5:1a:75:17:
d3:19:df:a6:27:94:0d:4e:1a:16:ec:8a:11:60:6f:
5a:f8:d1:48:12:e9:61:f4:99:5d:6f:66:eb:00:49:
87:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:27:9B:A3:AE:AC:43:2C:38:37:C6:A3:86:8D:C2:C2:F0:68:F0:EB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3A86100C3F611EFA26D8BBC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.13.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:ec:3a:50:1b:54:52:cf:62:53:5d:f6:1f:f5:66:99:ef:64:
b2:12:2c:db:b5:f2:54:36:7a:e6:19:db:98:4d:af:a0:d4:d7:
8b:09:4e:04:a9:47:5f:6f:e6:c6:61:04:a5:99:3f:5a:9d:79:
fc:c5:48:52:6c:ed:15:2e:49:3b:da:19:8b:77:d4:b1:41:dc:
0f:38:87:1a:5a:11:56:70:b2:6d:1f:60:16:57:12:a8:8a:79:
ad:b4:ba:2f:8b:d0:e7:ca:73:9b:21:28:0b:34:29:e1:6f:6b:
91:5a:d9:71:8b:d7:85:08:84:26:e0:94:6e:9b:33:7f:55:30:
13:a9:e1:42:ef:9e:03:2d:d1:82:7b:50:cd:93:54:b9:d2:13:
81:53:e1:0d:3a:01:2b:f9:8e:77:dd:71:ec:20:66:e8:a3:55:
f1:be:22:ee:ee:97:f5:60:00:b5:e8:d1:4c:7a:3d:67:dd:1b:
aa:15:9c:b6:94:e0:28:c1:d0:5d:bc:8e:60:20:9b:98:df:d3:
a3:df:e8:01:ed:ac:47:05:be:b5:2c:42:a7:7d:9f:a0:75:4e:
25:eb:16:bb:ae:e2:4a:2b:64:ef:44:d6:20:af:3c:29:cd:58:
ac:d9:fc:c2:3f:a6:83:0c:4c:07:9c:01:84:fe:56:17:67:f3:
21:51:26:58
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO90MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDIwMjU3WhcNMjUxMjEyMDIwMjU3WjAYMRYw
FAYDVQQDEw02NzZlMGFkNS00ZGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvNYdUmvTJYbqmnHNLc3v8bITMoyp7kdvObx/EFLwui++lGQ6U5fsak2J
srSaX4bF2HX62sqpOnNl+yjH0c98T06pr82ovEuAA7MKQ7im0x7Ex5cG4iBtqnfV
FBLdcaxlmbd2q0MN7aJ0rYCXCUBApx0IQH9yADAeFYcrrt1XPCyLkI+K5ubyno6q
43u2k9BfQCVKQJamBIJK++HVm/GpWC2tN6Rctz7bi7PzFC9JCIHErrGkZCMT2h8g
HH0KuzKSDrIYK8g4+i5aTbpRTMlnTROM/5PPtUTYJZxBxsUadRfTGd+mJ5QNThoW
7IoRYG9a+NFIEulh9Jldb2brAEmHHwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNsn
m6OurEMsODfGo4aNwsLwaPDrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CM0E4NjEwMEMzRjYxMUVGQTI2RDhCQkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcINMA0GCSqGSIb3DQEBCwUA
A4IBAQCs7DpQG1RSz2JTXfYf9WaZ72SyEizbtfJUNnrmGduYTa+g1NeLCU4EqUdf
b+bGYQSlmT9anXn8xUhSbO0VLkk72hmLd9SxQdwPOIcaWhFWcLJtH2AWVxKoinmt
tLovi9DnynObISgLNCnhb2uRWtlxi9eFCIQm4JRumzN/VTATqeFC754DLdGCe1DN
k1S50hOBU+ENOgEr+Y533XHsIGboo1XxviLu7pf1YAC16NFMej1n3RuqFZy2lOAo
wdBdvI5gIJuY39Oj3+gB7axHBb61LEKnfZ+gdU4l6xa7ruJKK2TvRNYgrzwpzVis
2fzCP6aDDEwHnAGE/lYXZ/MhUSZY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:04 2025 by rpki-client