Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E7625CECC38F11EFAF430FAB762E951A.roa
File: E7625CECC38F11EFAF430FAB762E951A.roa (raw, json)
Hash identifier: sC82lCs9trjjamzPkLfUr/waTFJTt/CT9+63QR3GWlU=
Subject key identifier: 46:17:18:A3:37:C4:C7:77:CF:D4:15:3D:C9:CD:84:C0:8A:D9:1D:40
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ECDD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E7625CECC38F11EFAF430FAB762E951A.roa
Signing time: Thu 26 Dec 2024 13:47:10 +0000
ROA not before: Thu 26 Dec 2024 13:47:07 +0000
ROA not after: Sun 12 Dec 2027 13:47:07 +0000
asID: 17561
IP address blocks: 45.196.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60637 (0xecdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 13:47:07 2024 GMT
Not After : Dec 12 13:47:07 2027 GMT
Subject: CN=676d5e5e-6e38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a5:64:3f:ac:46:be:a0:bd:c3:8f:35:9d:9b:
45:f0:20:65:58:a0:14:e9:a4:fe:71:84:53:a5:98:
c8:c0:b0:3f:3a:fa:9b:c8:52:e5:f6:fe:4d:a9:95:
87:4d:cc:b2:3d:63:1b:fe:ae:c3:b7:e6:a5:0f:90:
00:96:a7:1d:6b:c7:eb:0d:67:08:7f:5b:cb:41:b7:
eb:06:c2:be:6d:6f:2e:f7:d2:42:9c:5c:f6:d6:e9:
32:41:02:ad:d6:39:05:30:d6:69:06:05:6a:4f:5d:
3f:99:b6:2a:4f:82:e3:76:7f:9a:f4:9b:ef:93:cb:
87:b5:06:0e:78:d9:df:e7:a9:c5:9f:66:71:9a:b6:
a9:9b:c1:a9:ab:fe:fe:58:b4:62:e8:f2:ed:cf:d1:
a8:a5:7e:46:3b:76:f2:6c:38:13:1b:c1:24:e4:d1:
1f:26:39:7b:06:e2:ad:0f:cf:8b:88:7a:ba:0a:df:
d9:a9:5b:1f:a8:81:2e:a7:e6:5a:1a:4f:ec:a0:58:
4c:84:df:67:59:4b:02:70:08:42:32:dc:b8:06:76:
b2:f2:6d:a3:ef:26:fc:f3:0a:1d:9f:63:c8:d9:ee:
4d:65:2c:88:dc:17:fc:ff:28:df:c1:36:61:e1:8b:
34:00:bd:2e:38:26:95:ce:cd:c1:d4:a3:10:75:da:
11:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:17:18:A3:37:C4:C7:77:CF:D4:15:3D:C9:CD:84:C0:8A:D9:1D:40
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E7625CECC38F11EFAF430FAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.224.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:d6:6d:34:93:2d:44:03:51:29:02:89:b0:de:19:f2:9f:f5:
07:1d:be:65:28:07:0f:9a:15:c8:c0:f7:af:cf:ce:e2:fb:4b:
67:79:47:e6:2c:d6:c6:e2:ac:8a:5b:b3:67:87:20:28:50:40:
e2:c3:0f:b0:c2:1e:35:b8:14:08:71:9b:51:d8:3a:49:a3:f9:
2c:d7:14:cd:1f:c2:db:40:8c:1d:c5:e5:a8:b5:40:ae:a0:0c:
b0:6f:e0:ba:50:e0:e5:3c:96:f4:76:c0:70:a3:18:f3:fa:1e:
07:00:44:30:e9:e0:66:58:65:c8:d1:70:a8:98:30:68:08:52:
73:c7:1b:49:05:fe:27:c6:60:5d:87:44:84:bd:e2:6a:f7:4a:
f6:3d:af:33:e7:5f:ea:2e:cf:36:6e:fc:70:d3:d8:5f:0f:52:
bc:7c:df:69:c1:e0:7b:17:8d:57:96:98:c4:d2:3b:1b:f8:c2:
68:96:f1:dd:c4:b2:c7:ae:9a:63:12:27:6c:d4:f6:b8:69:98:
06:b7:82:7b:d1:6a:b6:fb:5e:01:2f:a1:b4:8d:df:e2:0a:d5:
39:ee:b7:7e:46:69:ce:d1:83:9a:92:d1:b9:bb:76:3b:ea:0a:
fe:0b:ee:0f:97:1f:be:22:ba:b3:56:67:d5:e0:fa:4a:86:91:
6c:7f:24:d2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOzdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTM0NzA3WhcNMjcxMjEyMTM0NzA3WjAYMRYw
FAYDVQQDEw02NzZkNWU1ZS02ZTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAraVkP6xGvqC9w481nZtF8CBlWKAU6aT+cYRTpZjIwLA/OvqbyFLl9v5N
qZWHTcyyPWMb/q7Dt+alD5AAlqcda8frDWcIf1vLQbfrBsK+bW8u99JCnFz21uky
QQKt1jkFMNZpBgVqT10/mbYqT4Ljdn+a9Jvvk8uHtQYOeNnf56nFn2Zxmrapm8Gp
q/7+WLRi6PLtz9GopX5GO3bybDgTG8Ek5NEfJjl7BuKtD8+LiHq6Ct/ZqVsfqIEu
p+ZaGk/soFhMhN9nWUsCcAhCMty4Bnay8m2j7yb88wodn2PI2e5NZSyI3Bf8/yjf
wTZh4Ys0AL0uOCaVzs3B1KMQddoRbwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEYX
GKM3xMd3z9QVPcnNhMCK2R1AMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNzYyNUNFQ0MzOEYxMUVGQUY0MzBGQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTgMA0GCSqGSIb3DQEBCwUA
A4IBAQAb1m00ky1EA1EpAomw3hnyn/UHHb5lKAcPmhXIwPevz87i+0tneUfmLNbG
4qyKW7NnhyAoUEDiww+wwh41uBQIcZtR2DpJo/ks1xTNH8LbQIwdxeWotUCuoAyw
b+C6UODlPJb0dsBwoxjz+h4HAEQw6eBmWGXI0XComDBoCFJzxxtJBf4nxmBdh0SE
veJq90r2Pa8z51/qLs82bvxw09hfD1K8fN9pweB7F41XlpjE0jsb+MJolvHdxLLH
rppjEids1Pa4aZgGt4J70Wq2+14BL6G0jd/iCtU57rd+RmnO0YOaktG5u3Y76gr+
C+4Plx++IrqzVmfV4PpKhpFsfyTS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:18 2025 by rpki-client