Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C80326BCAD5811EFA16241A8762E951A.roa
File: C80326BCAD5811EFA16241A8762E951A.roa (raw, json)
Hash identifier: oOf2geKmVOJnWhfdOXg5x1DzWJByzrx8NrunFfcOP/s=
Subject key identifier: 3B:39:0C:1C:AA:62:3E:A8:5D:DE:54:56:23:36:8A:6A:4B:86:BC:56
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DC39
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C80326BCAD5811EFA16241A8762E951A.roa
Signing time: Thu 28 Nov 2024 07:17:10 +0000
ROA not before: Thu 28 Nov 2024 07:17:06 +0000
ROA not after: Tue 11 Feb 2025 07:17:06 +0000
asID: 399989
IP address blocks: 45.196.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56377 (0xdc39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 28 07:17:06 2024 GMT
Not After : Feb 11 07:17:06 2025 GMT
Subject: CN=674818f6-6a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ed:dd:ea:df:42:28:1e:80:a2:72:6a:3b:ff:
6c:79:95:e0:6a:06:c9:95:5e:01:ca:bd:ce:85:24:
33:6d:c9:9a:1c:6b:72:da:ce:72:6c:c2:3a:37:3c:
46:b9:ea:78:66:09:5e:96:f2:29:84:27:c8:47:90:
83:b5:61:85:14:88:4a:96:67:3f:cd:be:4b:8c:c7:
1e:33:48:91:50:54:4a:54:75:23:9f:81:d9:8f:91:
a0:3e:9f:47:a9:fe:b5:b6:5a:3a:08:05:5a:b8:51:
eb:25:bc:b9:93:ab:ce:11:6a:f6:9d:64:49:93:58:
0a:5c:81:f6:93:11:70:25:62:58:4f:6e:b2:69:ae:
27:ab:e0:70:cd:a7:62:e6:75:46:ac:00:93:b3:a2:
10:ec:14:95:32:60:49:b1:2f:9c:e5:6d:81:05:a0:
48:5d:51:4c:b2:ca:3f:24:38:fe:0f:72:f7:3a:79:
a1:e3:16:61:c6:99:6f:95:7b:cb:2d:ab:a8:c5:e6:
4d:2d:85:cf:75:1d:a1:3c:d5:65:91:77:d2:18:e0:
cd:2e:9c:8d:b1:f7:e1:df:80:ae:73:d8:20:6f:b6:
48:cc:cc:d2:70:da:52:49:36:17:2d:f2:b6:0d:a4:
28:9c:b0:b6:af:5b:1c:d1:85:64:08:6f:08:1f:ca:
d7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:39:0C:1C:AA:62:3E:A8:5D:DE:54:56:23:36:8A:6A:4B:86:BC:56
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C80326BCAD5811EFA16241A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.40.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:34:29:0d:36:09:79:58:69:e6:8e:c2:05:00:66:6d:90:fe:
5b:d5:e1:f9:90:58:8b:69:85:32:b0:db:16:57:3f:4d:a2:eb:
97:e5:24:ea:46:eb:28:30:fb:44:12:0e:56:f2:12:2d:e7:56:
33:34:6a:1d:aa:ab:e5:86:e7:16:dc:4f:fe:c2:fa:0c:00:99:
b0:4a:ea:b1:12:a5:05:41:1b:6b:20:85:10:b5:68:35:4c:ba:
1e:31:d7:5e:b1:41:f6:54:13:12:0b:46:79:11:87:2e:94:38:
d6:c1:38:0f:74:d6:7d:60:22:65:a1:49:28:f3:90:5b:72:ed:
ac:8e:ac:ae:0a:18:38:e4:7e:fb:6e:a5:ae:41:1e:ea:13:58:
bf:f9:b0:cc:ef:10:dd:a7:02:58:a1:e0:e3:b5:62:d4:29:87:
fa:9d:2d:7b:47:99:d1:99:e4:5f:f2:00:94:05:ec:29:e2:ed:
9a:63:1c:fb:87:63:82:64:4c:79:50:f4:86:39:6a:f4:ee:d2:
21:cb:14:5b:ae:c4:f9:35:95:b7:cc:b3:48:fb:27:8d:bb:93:
8b:86:77:c0:18:d5:f9:62:d4:7c:6f:0e:81:70:de:3b:c7:a5:
2e:33:a4:4f:35:44:c5:6b:46:c7:bc:92:db:92:7f:cb:a0:12:
43:42:81:79
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANw5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI4MDcxNzA2WhcNMjUwMjExMDcxNzA2WjAYMRYw
FAYDVQQDEw02NzQ4MThmNi02YThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1O3d6t9CKB6AonJqO/9seZXgagbJlV4Byr3OhSQzbcmaHGty2s5ybMI6
NzxGuep4ZglelvIphCfIR5CDtWGFFIhKlmc/zb5LjMceM0iRUFRKVHUjn4HZj5Gg
Pp9Hqf61tlo6CAVauFHrJby5k6vOEWr2nWRJk1gKXIH2kxFwJWJYT26yaa4nq+Bw
zadi5nVGrACTs6IQ7BSVMmBJsS+c5W2BBaBIXVFMsso/JDj+D3L3Onmh4xZhxplv
lXvLLauoxeZNLYXPdR2hPNVlkXfSGODNLpyNsffh34Cuc9ggb7ZIzMzScNpSSTYX
LfK2DaQonLC2r1sc0YVkCG8IH8rXEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDs5
DByqYj6oXd5UViM2impLhrxWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DODAzMjZCQ0FENTgxMUVGQTE2MjQxQTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcQoMA0GCSqGSIb3DQEBCwUA
A4IBAQAONCkNNgl5WGnmjsIFAGZtkP5b1eH5kFiLaYUysNsWVz9NouuX5STqRuso
MPtEEg5W8hIt51YzNGodqqvlhucW3E/+wvoMAJmwSuqxEqUFQRtrIIUQtWg1TLoe
MddesUH2VBMSC0Z5EYculDjWwTgPdNZ9YCJloUko85Bbcu2sjqyuChg45H77bqWu
QR7qE1i/+bDM7xDdpwJYoeDjtWLUKYf6nS17R5nRmeRf8gCUBewp4u2aYxz7h2OC
ZEx5UPSGOWr07tIhyxRbrsT5NZW3zLNI+yeNu5OLhnfAGNX5YtR8bw6BcN47x6Uu
M6RPNUTFa0bHvJLbkn/LoBJDQoF5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:01 2025 by rpki-client