Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B889930A8BD11EFA792489A762E951A.roa
File: 0B889930A8BD11EFA792489A762E951A.roa (raw, json)
Hash identifier: 3gO+X885T2rc1P4yD05h3QeC4wxB4bwMH56X45nOaUg=
Subject key identifier: 61:69:06:41:F8:C3:52:77:BD:36:97:5E:59:2F:C6:3A:2C:EC:F1:CA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D7B9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B889930A8BD11EFA792489A762E951A.roa
Signing time: Fri 22 Nov 2024 10:32:17 +0000
ROA not before: Fri 22 Nov 2024 10:32:13 +0000
ROA not after: Sat 08 Nov 2025 10:32:13 +0000
asID: 133847
IP address blocks: 45.200.82.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55225 (0xd7b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 22 10:32:13 2024 GMT
Not After : Nov 8 10:32:13 2025 GMT
Subject: CN=67405db1-3b17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0e:62:f9:28:49:d6:9a:b1:e3:26:59:4a:6d:
11:8e:85:24:1a:a6:54:97:47:39:5d:ec:42:76:1f:
84:15:ad:26:a9:21:01:94:33:ef:45:de:72:e6:d0:
01:27:91:3b:8f:f5:60:4d:e1:59:63:a3:02:c9:de:
7b:d7:34:41:68:88:24:9e:2b:ff:4a:e9:c0:c1:cb:
13:c0:bf:43:7b:45:f4:a3:f3:c0:63:3c:f5:38:96:
4b:21:97:f5:80:28:a8:3a:33:df:3a:be:c7:96:39:
1a:5e:cd:04:e4:b4:65:48:f8:d3:ff:79:02:26:8e:
6d:f6:fa:f3:26:e2:a8:5c:2d:fd:b1:1b:bc:91:25:
cf:32:5e:e0:8e:8a:49:6e:5c:ad:c5:5e:67:e2:45:
37:5b:34:66:2c:d5:81:ab:3e:c8:c7:b1:2c:fe:76:
a5:27:e8:3e:7f:5a:7f:02:45:fb:8b:30:15:9f:0c:
4b:f1:dc:9b:44:42:33:bf:68:2a:9c:64:c4:2c:8b:
cd:d7:39:d0:9b:8f:ce:e7:8d:36:67:8c:7e:45:ff:
d9:d0:65:a6:0a:88:a5:30:28:66:f2:4e:cf:10:91:
54:fe:e7:65:14:54:c3:67:b3:a3:6c:a9:17:f8:17:
3f:68:a1:bd:20:e3:a5:ac:a4:ac:01:a2:f1:9f:03:
f0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:69:06:41:F8:C3:52:77:BD:36:97:5E:59:2F:C6:3A:2C:EC:F1:CA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B889930A8BD11EFA792489A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.82.0/23
Signature Algorithm: sha256WithRSAEncryption
62:4f:94:0d:51:0d:d8:52:6d:be:db:12:cf:14:05:71:2d:63:
38:66:2f:92:dc:bc:fd:45:d1:e6:a3:b5:e8:00:89:8a:ab:ed:
fa:89:b7:38:42:00:aa:f1:a2:7e:1b:cb:87:29:a1:dd:0e:4e:
2f:6e:de:04:b9:fa:ac:b8:ef:ae:86:9a:25:f9:cd:cb:39:97:
32:08:89:32:c0:4c:32:39:48:77:48:ba:a5:61:68:dd:e7:0a:
a7:eb:f0:07:56:0e:89:9d:69:72:da:cc:7b:2b:b1:d5:dc:da:
11:c3:93:f5:ce:2c:8f:26:6a:df:95:73:bb:2d:20:00:79:5e:
ae:54:9e:fd:e3:57:f8:95:1b:6e:b5:59:f8:6c:a2:b0:77:e3:
2b:06:bf:49:a8:a0:0e:46:c6:39:19:e7:01:99:8f:8f:7d:1c:
58:e2:3c:66:39:63:95:46:ba:48:36:98:66:fe:de:0f:91:b0:
0e:4a:9d:e6:d9:53:1e:4a:a9:97:95:ba:d8:34:12:e4:7a:d9:
12:ad:30:8f:75:4a:1f:23:75:23:3a:80:e8:f3:db:85:52:99:
d9:60:c1:98:b2:20:a8:55:4a:bd:87:d1:57:48:61:d9:a9:cc:
31:9d:2e:e8:b2:25:bf:39:bb:4c:38:4f:b9:9f:a2:74:5a:a3:
69:43:d5:ab
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANe5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTIyMTAzMjEzWhcNMjUxMTA4MTAzMjEzWjAYMRYw
FAYDVQQDEw02NzQwNWRiMS0zYjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsg5i+ShJ1pqx4yZZSm0RjoUkGqZUl0c5XexCdh+EFa0mqSEBlDPvRd5y
5tABJ5E7j/VgTeFZY6MCyd571zRBaIgkniv/SunAwcsTwL9De0X0o/PAYzz1OJZL
IZf1gCioOjPfOr7HljkaXs0E5LRlSPjT/3kCJo5t9vrzJuKoXC39sRu8kSXPMl7g
jopJblytxV5n4kU3WzRmLNWBqz7Ix7Es/nalJ+g+f1p/AkX7izAVnwxL8dybREIz
v2gqnGTELIvN1znQm4/O5402Z4x+Rf/Z0GWmCoilMChm8k7PEJFU/udlFFTDZ7Oj
bKkX+Bc/aKG9IOOlrKSsAaLxnwPwhQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGFp
BkH4w1J3vTaXXlkvxjos7PHKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQjg4OTkzMEE4QkQxMUVGQTc5MjQ4OUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLchSMA0GCSqGSIb3DQEBCwUA
A4IBAQBiT5QNUQ3YUm2+2xLPFAVxLWM4Zi+S3Lz9RdHmo7XoAImKq+36ibc4QgCq
8aJ+G8uHKaHdDk4vbt4EufqsuO+uhpol+c3LOZcyCIkywEwyOUh3SLqlYWjd5wqn
6/AHVg6JnWly2sx7K7HV3NoRw5P1ziyPJmrflXO7LSAAeV6uVJ7941f4lRtutVn4
bKKwd+MrBr9JqKAORsY5GecBmY+PfRxY4jxmOWOVRrpINphm/t4PkbAOSp3m2VMe
SqmXlbrYNBLketkSrTCPdUofI3UjOoDo89uFUpnZYMGYsiCoVUq9h9FXSGHZqcwx
nS7osiW/ObtMOE+5n6J0WqNpQ9Wr
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:13 2025 by rpki-client