Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7A23B60C38A11EFB414BC8B762E951A.roa
File: D7A23B60C38A11EFB414BC8B762E951A.roa (raw, json)
Hash identifier: 6hGUxyErov2Cn6L4qagFr31znxuzjNtaPu8mEwCDPQ8=
Subject key identifier: 70:2D:13:AB:4F:DD:7A:8B:5B:47:50:A8:14:8D:81:04:60:AE:CA:35
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECA7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7A23B60C38A11EFB414BC8B762E951A.roa
Signing time: Thu 26 Dec 2024 13:10:56 +0000
ROA not before: Thu 26 Dec 2024 13:10:53 +0000
ROA not after: Sun 12 Dec 2027 13:10:53 +0000
asID: 17561
IP address blocks: 45.196.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60583 (0xeca7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 13:10:53 2024 GMT
Not After : Dec 12 13:10:53 2027 GMT
Subject: CN=676d55e0-319a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:de:b3:9b:d9:30:bd:ce:aa:02:a6:a0:d6:9d:
ef:d1:79:68:5a:81:e7:db:c0:52:ec:7a:8b:d5:91:
93:e6:a1:35:a6:24:11:79:a5:0f:fe:f5:3a:49:91:
73:4e:d9:66:d1:22:cb:e5:67:a1:60:3b:b8:2a:31:
09:75:69:ba:ab:06:cf:ef:7d:d1:de:36:91:db:09:
76:ea:33:3d:df:b9:bf:d5:3c:30:e2:e0:bb:b1:ab:
af:d8:71:01:ac:e6:ba:93:1e:01:76:02:62:26:37:
51:17:aa:f0:8b:59:eb:64:1b:50:a6:0d:b0:26:52:
a8:dc:40:e2:87:19:fb:83:46:b7:71:a8:ff:e4:98:
63:16:1b:ff:14:b9:ea:a2:28:98:20:74:b3:b6:37:
a2:ac:9b:bb:cf:24:29:cd:d5:5a:d8:49:83:75:eb:
75:7e:b2:79:dc:28:85:58:56:f1:a3:fc:b7:1c:44:
7e:de:fe:82:ee:58:b6:68:44:e6:3b:74:af:00:70:
48:c2:10:97:4e:d0:d0:e8:ea:48:33:27:86:15:e2:
86:18:a6:07:4a:02:ad:d5:c3:ed:80:26:ea:2d:27:
a8:1f:b7:af:98:4d:05:e3:ca:2d:03:90:b7:8b:9f:
10:53:9a:7f:3c:31:a3:29:30:c9:2b:3b:dd:fa:8a:
14:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:2D:13:AB:4F:DD:7A:8B:5B:47:50:A8:14:8D:81:04:60:AE:CA:35
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7A23B60C38A11EFB414BC8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.197.0/24
Signature Algorithm: sha256WithRSAEncryption
71:29:ee:16:c2:50:d2:d0:8c:46:b3:96:ad:21:2d:98:51:76:
8e:08:51:b2:6d:9a:74:32:1d:9f:6c:cb:6b:3a:2a:bd:b7:18:
29:81:4b:34:15:b4:b3:6a:85:3e:65:0d:ea:f7:3f:a0:d6:b3:
eb:66:31:a6:b4:e5:8d:34:88:a7:23:ef:56:34:63:87:49:db:
07:15:f0:3d:9b:e9:9d:ce:95:69:75:85:01:26:a8:5f:90:d9:
d1:2a:dd:f3:a2:a4:de:57:8d:d1:2b:21:e1:a5:b8:08:64:84:
ef:e8:ef:ed:6c:59:c0:74:9e:d2:be:ff:d0:0e:30:db:80:75:
9d:95:ac:06:9b:4f:68:2a:17:21:88:76:21:9f:9a:bd:be:e2:
1e:be:0a:c6:0f:17:18:a0:1e:bc:2c:6b:db:e8:13:16:53:29:
c6:0e:75:b3:e5:48:50:8a:e7:2f:53:08:fe:6d:49:79:02:36:
b7:41:a1:90:c1:26:33:e7:45:11:ea:3e:46:b6:b4:a0:16:f4:
4b:e3:5b:ed:37:06:aa:26:76:26:94:a9:27:65:09:87:7b:f3:
a9:ba:f8:ea:07:27:03:24:4b:cb:26:64:3a:06:a7:6d:be:66:
a9:f0:f0:55:00:61:fa:09:55:8f:ee:43:9b:c4:88:d2:01:bd:
b9:85:5e:77
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOynMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTMxMDUzWhcNMjcxMjEyMTMxMDUzWjAYMRYw
FAYDVQQDEw02NzZkNTVlMC0zMTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzN6zm9kwvc6qAqag1p3v0XloWoHn28BS7HqL1ZGT5qE1piQReaUP/vU6
SZFzTtlm0SLL5WehYDu4KjEJdWm6qwbP733R3jaR2wl26jM937m/1Tww4uC7sauv
2HEBrOa6kx4BdgJiJjdRF6rwi1nrZBtQpg2wJlKo3EDihxn7g0a3caj/5JhjFhv/
FLnqoiiYIHSztjeirJu7zyQpzdVa2EmDdet1frJ53CiFWFbxo/y3HER+3v6C7li2
aETmO3SvAHBIwhCXTtDQ6OpIMyeGFeKGGKYHSgKt1cPtgCbqLSeoH7evmE0F48ot
A5C3i58QU5p/PDGjKTDJKzvd+ooUNQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHAt
E6tP3XqLW0dQqBSNgQRgrso1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EN0EyM0I2MEMzOEExMUVGQjQxNEJDOEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTFMA0GCSqGSIb3DQEBCwUA
A4IBAQBxKe4WwlDS0IxGs5atIS2YUXaOCFGybZp0Mh2fbMtrOiq9txgpgUs0FbSz
aoU+ZQ3q9z+g1rPrZjGmtOWNNIinI+9WNGOHSdsHFfA9m+mdzpVpdYUBJqhfkNnR
Kt3zoqTeV43RKyHhpbgIZITv6O/tbFnAdJ7Svv/QDjDbgHWdlawGm09oKhchiHYh
n5q9vuIevgrGDxcYoB68LGvb6BMWUynGDnWz5UhQiucvUwj+bUl5Aja3QaGQwSYz
50UR6j5GtrSgFvRL41vtNwaqJnYmlKknZQmHe/OpuvjqBycDJEvLJmQ6Bqdtvmap
8PBVAGH6CVWP7kObxIjSAb25hV53
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:36 2025 by rpki-client