Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0CF2C262C3A911EFB9D5564A762E951A.roa
File: 0CF2C262C3A911EFB9D5564A762E951A.roa (raw, json)
Hash identifier: IdGI1Cge8CNkcozrO79gxM0WYDCV+IcDkFEXPpv5XBY=
Subject key identifier: BA:B2:4E:D1:A5:04:0F:CB:E5:37:88:EB:07:84:93:C5:C0:05:49:61
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EDED
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0CF2C262C3A911EFB9D5564A762E951A.roa
Signing time: Thu 26 Dec 2024 16:47:11 +0000
ROA not before: Thu 26 Dec 2024 16:47:07 +0000
ROA not after: Sun 12 Dec 2027 16:47:07 +0000
asID: 17561
IP address blocks: 45.200.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60909 (0xeded)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 16:47:07 2024 GMT
Not After : Dec 12 16:47:07 2027 GMT
Subject: CN=676d888e-197f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c7:20:1f:6f:9c:b3:96:7d:94:e3:d0:d9:a9:
69:89:a9:29:37:99:56:55:d7:45:45:96:46:b5:e4:
2c:6b:72:4e:c5:1f:08:8a:3b:05:85:01:72:2a:da:
57:1a:c6:68:0e:2d:c1:0a:50:69:4c:8c:bb:fd:26:
33:ca:71:cc:61:3a:e6:96:3f:af:f1:69:bd:00:5e:
21:25:46:1c:1c:96:6b:30:25:90:0a:c9:04:4e:4f:
df:35:71:de:14:32:47:1d:f3:e0:2b:91:62:49:e7:
67:5b:ab:b0:03:4f:56:a6:87:16:02:ff:49:4f:81:
15:f1:e4:9a:31:5f:e6:8d:8e:8f:53:a7:29:90:dd:
b0:1a:5e:a3:19:9d:52:32:22:8b:b1:fc:87:19:66:
cf:64:47:7b:16:68:3c:6f:d8:e0:c8:1d:2f:24:f2:
51:54:6b:4b:c1:66:13:c5:35:d3:69:75:9a:1f:bb:
39:53:13:4e:65:9c:d6:5e:1d:7d:80:39:8b:fa:f4:
b2:c9:6f:3b:60:aa:88:68:2f:53:8a:eb:3b:2d:57:
6a:03:a2:47:6a:61:6f:56:82:01:16:2e:96:22:12:
31:d8:a1:c3:3c:f3:fa:0b:b8:10:18:95:4e:5f:a3:
85:29:db:fc:34:fa:7b:0d:21:2d:85:06:10:f7:09:
02:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B2:4E:D1:A5:04:0F:CB:E5:37:88:EB:07:84:93:C5:C0:05:49:61
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0CF2C262C3A911EFB9D5564A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.225.0/24
Signature Algorithm: sha256WithRSAEncryption
79:3e:42:f8:46:28:f5:d1:0b:ed:94:fc:3a:46:53:73:21:82:
8c:93:f4:20:19:b4:76:37:35:77:7e:63:8e:80:c2:55:58:ba:
23:c3:8f:a5:80:90:f6:7c:fa:e5:18:ea:e8:37:49:84:2f:01:
a7:82:df:55:3d:55:3f:fc:d9:56:8f:57:c1:07:c7:4f:07:52:
77:72:cc:df:04:24:9a:2d:22:1d:92:97:03:61:dd:ab:d6:9d:
0b:79:fa:33:4c:65:a0:b1:7a:6d:ff:35:0d:7b:d5:5f:f8:f3:
5a:2f:12:9e:73:6b:07:3a:fa:38:61:68:15:3a:11:74:26:54:
84:8c:4f:57:9b:30:cf:aa:d4:8b:63:b8:ff:13:ee:a4:63:9c:
7e:80:72:33:14:b5:70:81:67:b1:24:d7:7d:4e:e1:56:ac:99:
18:f0:81:15:d0:fe:7b:2f:5d:63:96:68:31:92:99:fb:d1:1d:
ca:83:9a:f2:fe:81:46:e8:e2:c6:29:0d:cc:d8:82:1f:04:5d:
ca:e1:e8:07:33:03:66:5f:73:5a:51:2a:5b:39:29:bd:5f:7a:
bd:2b:2a:ff:f2:34:d6:62:cb:d3:e9:60:09:8f:6b:d9:6e:01:
24:96:4a:c9:8c:4f:92:74:28:ec:25:fb:43:49:eb:44:10:09:
83:a2:73:7d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO3tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTY0NzA3WhcNMjcxMjEyMTY0NzA3WjAYMRYw
FAYDVQQDEw02NzZkODg4ZS0xOTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnccgH2+cs5Z9lOPQ2alpiakpN5lWVddFRZZGteQsa3JOxR8IijsFhQFy
KtpXGsZoDi3BClBpTIy7/SYzynHMYTrmlj+v8Wm9AF4hJUYcHJZrMCWQCskETk/f
NXHeFDJHHfPgK5FiSednW6uwA09WpocWAv9JT4EV8eSaMV/mjY6PU6cpkN2wGl6j
GZ1SMiKLsfyHGWbPZEd7Fmg8b9jgyB0vJPJRVGtLwWYTxTXTaXWaH7s5UxNOZZzW
Xh19gDmL+vSyyW87YKqIaC9Tius7LVdqA6JHamFvVoIBFi6WIhIx2KHDPPP6C7gQ
GJVOX6OFKdv8NPp7DSEthQYQ9wkClQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLqy
TtGlBA/L5TeI6weEk8XABUlhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQ0YyQzI2MkMzQTkxMUVGQjlENTU2NEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcjhMA0GCSqGSIb3DQEBCwUA
A4IBAQB5PkL4Rij10QvtlPw6RlNzIYKMk/QgGbR2NzV3fmOOgMJVWLojw4+lgJD2
fPrlGOroN0mELwGngt9VPVU//NlWj1fBB8dPB1J3cszfBCSaLSIdkpcDYd2r1p0L
efozTGWgsXpt/zUNe9Vf+PNaLxKec2sHOvo4YWgVOhF0JlSEjE9XmzDPqtSLY7j/
E+6kY5x+gHIzFLVwgWexJNd9TuFWrJkY8IEV0P57L11jlmgxkpn70R3Kg5ry/oFG
6OLGKQ3M2IIfBF3K4egHMwNmX3NaUSpbOSm9X3q9Kyr/8jTWYsvT6WAJj2vZbgEk
lkrJjE+SdCjsJftDSetEEAmDonN9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:56 2025 by rpki-client