Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C38D1994D15711EF940C11BC762E951A.roa
File: C38D1994D15711EF940C11BC762E951A.roa (raw, json)
Hash identifier: 2PvJ34H7Z+GNG89YiDk6oGeTFBELiX03kpW8mVBs2XU=
Subject key identifier: A9:DA:7E:03:7C:EE:88:9C:6B:DF:87:7C:CA:10:DE:4A:F6:F3:F4:DF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010652
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C38D1994D15711EF940C11BC762E951A.roa
Signing time: Mon 13 Jan 2025 02:40:34 +0000
ROA not before: Mon 13 Jan 2025 02:40:31 +0000
ROA not after: Thu 13 Mar 2025 02:40:31 +0000
asID: 17561
IP address blocks: 45.202.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67154 (0x10652)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 13 02:40:31 2025 GMT
Not After : Mar 13 02:40:31 2025 GMT
Subject: CN=67847d22-117c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4b:64:35:60:33:b0:66:41:be:ad:65:89:db:
77:07:cb:bd:13:0c:1b:a9:2a:ed:a7:11:bc:e2:e7:
a3:78:9f:7d:45:3c:47:ab:19:f0:c1:ea:61:f2:36:
9e:2a:1e:27:c4:7d:85:37:1b:05:19:1f:3e:77:d8:
ad:5a:92:8a:ac:81:b5:32:d8:db:e9:36:58:a0:3d:
52:d5:8d:bb:e5:f8:f1:be:49:5b:f7:67:73:de:b8:
55:91:a8:ef:d2:58:a8:45:54:8f:00:f3:5b:13:31:
ef:06:ef:f5:9c:e8:3d:86:18:80:c6:12:ea:bc:96:
f0:4a:25:ae:c1:e9:1d:22:08:75:cd:47:5f:9b:e1:
ad:e2:2e:33:5d:27:0c:45:0d:88:cd:9d:7e:ea:bb:
e8:ea:b8:67:1b:6f:d9:ea:59:91:fd:52:98:f2:55:
c7:5b:cb:18:30:fd:9a:e5:bc:b0:74:dd:ba:99:a6:
fc:04:22:68:39:65:88:9f:90:e0:b5:88:0b:10:08:
88:13:a9:b5:2e:79:af:4c:1d:5c:c4:1f:06:e8:59:
1c:90:56:f7:0b:1c:d9:38:e8:4d:97:98:e3:1a:5b:
d1:e6:53:a1:f4:49:7b:71:b5:01:c2:e6:d2:49:5f:
b0:5a:58:51:10:42:c2:2d:fd:ff:06:e1:00:10:3f:
4c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DA:7E:03:7C:EE:88:9C:6B:DF:87:7C:CA:10:DE:4A:F6:F3:F4:DF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C38D1994D15711EF940C11BC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.32.0/22
Signature Algorithm: sha256WithRSAEncryption
97:30:86:6f:9e:85:2a:69:2e:f5:42:4c:4d:0f:90:0e:28:da:
b2:b7:9a:d0:19:13:26:a8:46:7d:aa:9a:9a:25:95:5f:27:a4:
18:4c:10:16:3f:4c:39:d8:ce:1d:e3:74:6a:05:16:ae:3a:c5:
09:39:e7:ba:7b:ea:66:1f:65:24:77:87:b6:31:4a:56:49:56:
e8:c9:45:e1:a4:f6:97:9a:8f:d9:96:b0:28:9d:b3:c3:e3:de:
58:a6:4f:56:77:01:16:bf:3e:b3:00:8f:87:f0:02:6e:e0:90:
b5:c1:a8:07:40:26:e7:ba:a3:a7:3b:78:b0:74:0f:e1:0c:18:
ef:fc:c6:10:ac:af:bf:90:ee:39:12:9c:b1:4f:a5:1a:4b:9a:
b2:2b:91:a2:c0:f2:00:f0:98:01:f3:91:50:a4:c9:92:89:55:
8c:ae:d6:02:5c:ea:76:45:c1:a7:53:10:5c:e1:53:50:cf:0c:
c0:07:9a:08:4c:74:46:16:34:39:cb:22:55:5a:58:88:85:f6:
8b:42:44:08:90:1e:35:a1:55:60:a6:41:bb:26:19:c1:60:70:
e1:66:38:7c:1b:6b:34:74:56:97:20:4d:8a:b4:89:59:a0:d2:
a3:fd:73:cf:1b:95:25:4e:74:9e:42:d4:1d:2b:e4:46:27:e7:
10:cc:b2:e7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQZSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEzMDI0MDMxWhcNMjUwMzEzMDI0MDMxWjAYMRYw
FAYDVQQDEw02Nzg0N2QyMi0xMTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqEtkNWAzsGZBvq1lidt3B8u9EwwbqSrtpxG84uejeJ99RTxHqxnwweph
8jaeKh4nxH2FNxsFGR8+d9itWpKKrIG1Mtjb6TZYoD1S1Y275fjxvklb92dz3rhV
kajv0lioRVSPAPNbEzHvBu/1nOg9hhiAxhLqvJbwSiWuwekdIgh1zUdfm+Gt4i4z
XScMRQ2IzZ1+6rvo6rhnG2/Z6lmR/VKY8lXHW8sYMP2a5bywdN26mab8BCJoOWWI
n5DgtYgLEAiIE6m1LnmvTB1cxB8G6FkckFb3CxzZOOhNl5jjGlvR5lOh9El7cbUB
wubSSV+wWlhREELCLf3/BuEAED9MAwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKna
fgN87oica9+HfMoQ3kr28/TfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMzhEMTk5NEQxNTcxMUVGOTQwQzExQkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcogMA0GCSqGSIb3DQEBCwUA
A4IBAQCXMIZvnoUqaS71QkxND5AOKNqyt5rQGRMmqEZ9qpqaJZVfJ6QYTBAWP0w5
2M4d43RqBRauOsUJOee6e+pmH2Ukd4e2MUpWSVboyUXhpPaXmo/ZlrAonbPD495Y
pk9WdwEWvz6zAI+H8AJu4JC1wagHQCbnuqOnO3iwdA/hDBjv/MYQrK+/kO45Epyx
T6UaS5qyK5GiwPIA8JgB85FQpMmSiVWMrtYCXOp2RcGnUxBc4VNQzwzAB5oITHRG
FjQ5yyJVWliIhfaLQkQIkB41oVVgpkG7JhnBYHDhZjh8G2s0dFaXIE2KtIlZoNKj
/XPPG5UlTnSeQtQdK+RGJ+cQzLLn
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:54 2025 by rpki-client