Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/08B61910C3BD11EFA3F72A49762E951A.roa
File: 08B61910C3BD11EFA3F72A49762E951A.roa (raw, json)
Hash identifier: Iz95NzK3d/9kGMJhOCoCEOE3z1//f20d7lJ/vNUsAiY=
Subject key identifier: 43:CD:CE:B5:85:6F:54:1A:15:D9:D3:55:3C:3E:60:45:64:C6:10:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EEBD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/08B61910C3BD11EFA3F72A49762E951A.roa
Signing time: Thu 26 Dec 2024 19:10:13 +0000
ROA not before: Thu 26 Dec 2024 19:10:10 +0000
ROA not after: Sun 12 Dec 2027 19:10:10 +0000
asID: 17561
IP address blocks: 45.207.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61117 (0xeebd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 19:10:10 2024 GMT
Not After : Dec 12 19:10:10 2027 GMT
Subject: CN=676daa15-81af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5a:84:69:78:01:f0:7e:0f:72:65:f4:d9:d1:
cc:b9:f5:68:1b:cf:d8:af:9a:d7:f8:eb:45:d6:70:
20:05:5a:b4:d6:ea:37:68:5c:d1:bd:73:8a:3c:ea:
62:08:83:a4:a1:cf:70:f9:cc:0f:50:29:d1:c6:9b:
1b:13:05:30:58:dc:48:be:93:0e:fe:1b:ec:21:2d:
f4:fa:24:7a:1e:bc:7e:82:dc:4d:2e:31:1c:ca:60:
14:e9:ac:37:64:c7:a0:4f:f5:48:3f:8d:e4:1a:08:
1b:b5:00:0b:a0:99:ad:ec:7b:7d:ca:55:22:11:74:
86:1c:06:f8:27:bc:d9:fe:e1:e3:c0:1f:74:9a:54:
0f:21:71:e6:0c:f4:5f:1a:81:5b:ff:77:66:3a:d9:
40:49:ce:34:81:7d:a3:d1:1b:a2:4b:5e:e5:ea:21:
3c:c8:dc:51:18:51:e2:af:8d:6c:79:e7:6e:3f:d4:
79:6f:53:15:4a:c3:c8:8b:7c:b2:6b:40:44:3d:45:
6f:13:09:b6:92:1d:1a:6b:38:59:a8:e7:70:db:b4:
92:9d:c0:78:19:f4:1f:51:af:0d:51:f2:97:11:d2:
35:f6:6d:38:e7:d0:fa:75:65:2e:77:b6:99:3d:f9:
1c:17:88:66:17:16:9d:52:c5:a7:69:a8:be:d7:8b:
8d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CD:CE:B5:85:6F:54:1A:15:D9:D3:55:3C:3E:60:45:64:C6:10:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/08B61910C3BD11EFA3F72A49762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.159.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:ff:71:37:95:e5:89:38:89:c4:31:5c:74:bd:44:74:1d:18:
73:40:7c:3b:30:df:33:6b:fb:8b:56:a6:31:5a:5c:2b:9b:93:
6e:b0:2b:19:49:fc:c9:00:db:3b:f3:50:09:b6:56:17:31:aa:
ab:17:c5:68:a2:d6:77:62:cf:e9:25:d8:4f:e0:c0:75:d7:43:
a9:d4:7e:f9:c7:a3:d2:e4:8d:a8:0a:3a:68:75:a2:0b:24:dc:
a8:01:12:52:31:9b:32:3a:94:e8:08:58:22:a2:15:c9:b7:0c:
43:e7:ab:d5:db:a4:a0:45:13:e4:73:f1:2f:95:1b:3c:96:04:
f9:8d:39:6f:a4:c4:d8:17:ff:82:f9:95:20:6c:07:f5:bb:15:
0a:bd:53:04:a9:01:7d:08:05:55:83:e7:c7:77:63:8b:57:56:
6f:47:c4:82:37:e4:49:b7:9c:98:e9:df:e0:10:ff:ee:f6:c1:
95:1e:5e:7f:1f:2f:5c:e2:9b:ee:34:4e:f4:0b:81:55:b6:15:
12:a4:8f:82:89:28:3f:b2:d4:f1:41:32:cc:a7:3e:96:80:42:
cb:5f:75:9b:f5:5e:04:54:16:17:d0:6d:47:94:44:d2:21:13:
cd:ae:51:26:9b:01:fc:cb:00:13:c4:30:b7:dd:d0:b8:a0:54:
33:37:34:fa
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO69MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTkxMDEwWhcNMjcxMjEyMTkxMDEwWjAYMRYw
FAYDVQQDEw02NzZkYWExNS04MWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtFqEaXgB8H4PcmX02dHMufVoG8/Yr5rX+OtF1nAgBVq01uo3aFzRvXOK
POpiCIOkoc9w+cwPUCnRxpsbEwUwWNxIvpMO/hvsIS30+iR6Hrx+gtxNLjEcymAU
6aw3ZMegT/VIP43kGggbtQALoJmt7Ht9ylUiEXSGHAb4J7zZ/uHjwB90mlQPIXHm
DPRfGoFb/3dmOtlASc40gX2j0RuiS17l6iE8yNxRGFHir41seeduP9R5b1MVSsPI
i3yya0BEPUVvEwm2kh0aazhZqOdw27SSncB4GfQfUa8NUfKXEdI19m0459D6dWUu
d7aZPfkcF4hmFxadUsWnaai+14uNFwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEPN
zrWFb1QaFdnTVTw+YEVkxhAGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wOEI2MTkxMEMzQkQxMUVGQTNGNzJBNDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc+fMA0GCSqGSIb3DQEBCwUA
A4IBAQC7/3E3leWJOInEMVx0vUR0HRhzQHw7MN8za/uLVqYxWlwrm5NusCsZSfzJ
ANs781AJtlYXMaqrF8VootZ3Ys/pJdhP4MB110Op1H75x6PS5I2oCjpodaILJNyo
ARJSMZsyOpToCFgiohXJtwxD56vV26SgRRPkc/EvlRs8lgT5jTlvpMTYF/+C+ZUg
bAf1uxUKvVMEqQF9CAVVg+fHd2OLV1ZvR8SCN+RJt5yY6d/gEP/u9sGVHl5/Hy9c
4pvuNE70C4FVthUSpI+CiSg/stTxQTLMpz6WgELLX3Wb9V4EVBYX0G1HlETSIRPN
rlEmmwH8ywATxDC33dC4oFQzNzT6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:12 2025 by rpki-client