Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D15B0902C39011EF8E5328B1762E951A.roa
File: D15B0902C39011EF8E5328B1762E951A.roa (raw, json)
Hash identifier: agddHPvgzhUiwbQl0Qy8iSxZhEgARHdGuf1KiVfSUR8=
Subject key identifier: BF:FF:30:CC:3D:92:13:9B:C6:3E:9B:C7:00:CD:5B:ED:17:60:89:49
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECE7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D15B0902C39011EF8E5328B1762E951A.roa
Signing time: Thu 26 Dec 2024 13:53:43 +0000
ROA not before: Thu 26 Dec 2024 13:53:39 +0000
ROA not after: Sun 12 Dec 2027 13:53:39 +0000
asID: 17561
IP address blocks: 45.196.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60647 (0xece7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 13:53:39 2024 GMT
Not After : Dec 12 13:53:39 2027 GMT
Subject: CN=676d5fe7-6081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6d:35:1d:ed:82:96:a1:0f:3f:5d:36:76:01:
ff:b9:f6:c7:ef:a0:e5:a9:fb:a4:5c:e1:21:2d:3b:
5a:c0:7c:e2:7d:70:17:0d:93:01:36:c5:db:44:0a:
59:ca:5e:29:71:e7:71:4b:13:f2:a7:1a:29:d2:cb:
1f:67:87:04:87:7b:dc:2f:df:1b:14:b9:25:6f:de:
f8:f1:92:78:69:57:70:1a:e2:53:e9:cd:25:e6:29:
9b:a0:fe:07:d0:d2:4a:5c:c0:21:5f:43:cf:72:a5:
93:1f:dc:9b:af:c0:aa:40:6f:6b:9f:35:9d:1f:0a:
39:47:84:e7:34:7b:4b:00:5b:b5:da:72:43:cf:cf:
e0:4d:58:aa:c3:00:2e:93:16:85:30:24:4c:56:53:
be:e9:65:35:8f:9b:21:65:86:01:30:b8:5a:2a:3f:
49:35:33:b2:52:4a:4f:fa:6a:cd:9d:7c:1a:37:b8:
a4:e9:df:73:40:9e:16:3a:3e:21:25:f9:59:26:a6:
c4:14:44:19:04:77:14:bd:e1:ad:30:b2:57:25:da:
e0:87:f6:d0:fd:89:f0:19:c2:9b:ca:17:be:a0:61:
a1:5a:b5:4d:05:72:0b:02:ea:3b:09:b0:c3:b9:82:
cd:bd:02:b8:18:bd:b3:55:0f:63:02:b1:ce:32:80:
1c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:FF:30:CC:3D:92:13:9B:C6:3E:9B:C7:00:CD:5B:ED:17:60:89:49
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D15B0902C39011EF8E5328B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.229.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:04:b4:67:d2:e6:7a:8c:a5:7b:6a:16:ab:cd:6b:c2:cf:f9:
2b:0b:78:30:f1:f6:8e:15:65:9e:f6:64:42:d9:79:ad:6b:c4:
f0:69:07:9b:b4:36:df:8c:c1:83:9b:a5:35:6d:a4:84:b8:68:
f9:92:0c:3b:88:d3:8d:6d:e0:05:2f:3d:d2:56:e0:6e:0c:87:
4d:7c:de:5a:ca:66:4b:81:eb:14:63:a7:b9:36:3d:5f:a5:c5:
3c:dc:3f:04:f4:4d:8d:42:56:f5:8d:1c:fa:11:d0:7d:dd:9a:
00:1a:34:91:46:cf:c9:22:87:94:c9:39:4b:3a:67:b9:4b:86:
62:fb:70:ec:a1:b2:c4:2a:f5:35:62:03:34:30:a6:8b:1b:d5:
a6:e7:32:bc:2d:c1:b0:d5:50:b4:5a:a7:7b:76:40:ef:08:2b:
b7:90:63:3b:d1:bb:16:92:c3:04:67:84:ec:e3:b0:88:63:72:
3e:ac:8a:35:7c:d2:b0:b9:df:e3:d4:23:75:64:4c:31:d5:ba:
21:ef:af:b0:35:a2:33:3e:a3:a1:05:42:31:e0:e1:ec:72:f0:
79:38:27:fc:33:04:a3:f6:4f:72:1b:7b:8d:ce:03:27:e8:53:
b8:aa:e2:97:5a:7e:b0:cd:28:f4:a7:d5:db:1d:fa:75:13:38:
a6:20:3d:4a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOznMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTM1MzM5WhcNMjcxMjEyMTM1MzM5WjAYMRYw
FAYDVQQDEw02NzZkNWZlNy02MDgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtm01He2ClqEPP102dgH/ufbH76DlqfukXOEhLTtawHzifXAXDZMBNsXb
RApZyl4pcedxSxPypxop0ssfZ4cEh3vcL98bFLklb9748ZJ4aVdwGuJT6c0l5imb
oP4H0NJKXMAhX0PPcqWTH9ybr8CqQG9rnzWdHwo5R4TnNHtLAFu12nJDz8/gTViq
wwAukxaFMCRMVlO+6WU1j5shZYYBMLhaKj9JNTOyUkpP+mrNnXwaN7ik6d9zQJ4W
Oj4hJflZJqbEFEQZBHcUveGtMLJXJdrgh/bQ/YnwGcKbyhe+oGGhWrVNBXILAuo7
CbDDuYLNvQK4GL2zVQ9jArHOMoAc6wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL//
MMw9khObxj6bxwDNW+0XYIlJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMTVCMDkwMkMzOTAxMUVGOEU1MzI4QjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTlMA0GCSqGSIb3DQEBCwUA
A4IBAQCaBLRn0uZ6jKV7aharzWvCz/krC3gw8faOFWWe9mRC2Xmta8TwaQebtDbf
jMGDm6U1baSEuGj5kgw7iNONbeAFLz3SVuBuDIdNfN5aymZLgesUY6e5Nj1fpcU8
3D8E9E2NQlb1jRz6EdB93ZoAGjSRRs/JIoeUyTlLOme5S4Zi+3DsobLEKvU1YgM0
MKaLG9Wm5zK8LcGw1VC0Wqd7dkDvCCu3kGM70bsWksMEZ4Ts47CIY3I+rIo1fNKw
ud/j1CN1ZEwx1boh76+wNaIzPqOhBUIx4OHscvB5OCf8MwSj9k9yG3uNzgMn6FO4
quKXWn6wzSj0p9XbHfp1EzimID1K
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:55 2025 by rpki-client