Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C30D164C3A511EF97A19CB0762E951A.roa
File: 1C30D164C3A511EF97A19CB0762E951A.roa (raw, json)
Hash identifier: 7dKNgg68D54+LNDivPll3VKhvf8cR98TkRtnHd61m+M=
Subject key identifier: 0C:9D:5E:94:30:3D:28:AD:78:55:9E:3E:81:E3:7A:3C:3A:5C:26:37
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EDC3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C30D164C3A511EF97A19CB0762E951A.roa
Signing time: Thu 26 Dec 2024 16:18:58 +0000
ROA not before: Thu 26 Dec 2024 16:18:54 +0000
ROA not after: Sun 12 Dec 2027 16:18:54 +0000
asID: 17561
IP address blocks: 45.200.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60867 (0xedc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 16:18:54 2024 GMT
Not After : Dec 12 16:18:54 2027 GMT
Subject: CN=676d81f2-1851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a4:4b:ac:da:70:35:1a:25:f5:1c:d1:b0:ad:
5b:cf:36:2f:ac:b8:84:25:55:5a:3c:14:78:8f:8b:
cf:20:20:04:ca:02:8c:d9:d8:ed:e1:bd:e2:1c:02:
c6:ed:4b:6d:ed:c4:d0:26:22:f5:9c:cc:9f:1f:af:
53:c5:6f:fe:50:7e:fa:bf:67:27:6f:51:cd:5a:c2:
44:c7:14:ca:7e:71:23:8f:c1:fe:47:95:52:bb:ca:
33:f7:4d:4b:e3:b6:54:0f:b0:8e:fb:95:cb:a5:aa:
11:aa:c2:2d:f6:0d:22:78:74:42:91:a3:73:61:6e:
b7:d3:82:f8:47:a1:25:ce:df:e6:49:f0:0b:7a:ce:
bd:7a:84:b2:26:a8:21:d6:14:af:c4:2a:f3:d9:3d:
3e:c2:cd:80:d0:86:19:76:65:48:10:63:d2:c8:e3:
ac:df:0c:06:a0:54:ef:9c:fb:b2:88:38:1f:93:77:
6a:bb:91:8d:0e:f1:7b:8e:43:61:19:81:da:1c:4b:
31:c7:a8:62:4e:56:12:98:1e:fe:c7:6c:33:1b:c7:
e7:97:41:fc:51:29:08:fb:56:f9:fe:1e:33:37:b9:
da:27:f8:29:29:1e:6f:15:7c:2e:a2:bb:e4:d1:1b:
5d:71:0f:f4:07:ba:36:04:6f:aa:f3:aa:9d:b0:60:
57:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:9D:5E:94:30:3D:28:AD:78:55:9E:3E:81:E3:7A:3C:3A:5C:26:37
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C30D164C3A511EF97A19CB0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.204.0/24
Signature Algorithm: sha256WithRSAEncryption
75:b3:55:8e:7d:d6:5c:d8:c9:7c:4f:70:83:a1:2f:df:1c:9d:
f4:91:fc:60:ab:4d:6d:e7:f0:b5:ef:de:be:37:67:78:27:29:
37:b7:95:f7:05:15:8f:e6:b6:b3:9d:d9:ab:b3:e5:ce:8d:43:
00:f7:13:a2:0d:3a:ba:c3:58:9d:92:c6:08:3b:aa:bc:86:37:
06:b2:26:c9:7b:5f:14:78:3b:e0:bd:f1:6e:e1:24:00:80:4a:
8b:bf:d9:47:cf:c9:e4:ea:44:ff:d9:10:df:17:84:bb:0c:fd:
1f:b8:1d:f9:28:b1:88:79:a8:73:7b:f0:8a:ed:7e:e3:03:88:
9a:64:21:4a:54:c1:90:c4:fc:6c:91:73:1c:6a:6f:d8:51:48:
1e:e5:5a:d8:74:bf:4c:20:b8:6d:58:40:6c:63:4c:ef:14:b7:
78:66:91:83:a2:ba:b5:af:0b:b0:0d:0c:ee:cc:47:37:d0:2a:
b4:f8:b1:20:d8:86:0b:f8:ef:3a:4c:eb:82:7b:e8:0a:1b:97:
a0:da:da:74:c1:49:75:53:97:be:ab:4d:bd:3f:86:73:02:c4:
5c:a0:8e:a9:bc:51:4c:ce:57:d1:d2:77:55:18:fe:39:3d:a9:
cb:bb:b1:07:45:3c:e8:47:46:68:71:c8:9f:d6:9b:d2:f3:c4:
77:74:d8:0e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO3DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTYxODU0WhcNMjcxMjEyMTYxODU0WjAYMRYw
FAYDVQQDEw02NzZkODFmMi0xODUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyaRLrNpwNRol9RzRsK1bzzYvrLiEJVVaPBR4j4vPICAEygKM2djt4b3i
HALG7Utt7cTQJiL1nMyfH69TxW/+UH76v2cnb1HNWsJExxTKfnEjj8H+R5VSu8oz
901L47ZUD7CO+5XLpaoRqsIt9g0ieHRCkaNzYW6304L4R6Elzt/mSfALes69eoSy
Jqgh1hSvxCrz2T0+ws2A0IYZdmVIEGPSyOOs3wwGoFTvnPuyiDgfk3dqu5GNDvF7
jkNhGYHaHEsxx6hiTlYSmB7+x2wzG8fnl0H8USkI+1b5/h4zN7naJ/gpKR5vFXwu
orvk0RtdcQ/0B7o2BG+q86qdsGBXIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAyd
XpQwPSiteFWePoHjejw6XCY3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQzMwRDE2NEMzQTUxMUVGOTdBMTlDQjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcjMMA0GCSqGSIb3DQEBCwUA
A4IBAQB1s1WOfdZc2Ml8T3CDoS/fHJ30kfxgq01t5/C1796+N2d4Jyk3t5X3BRWP
5razndmrs+XOjUMA9xOiDTq6w1idksYIO6q8hjcGsibJe18UeDvgvfFu4SQAgEqL
v9lHz8nk6kT/2RDfF4S7DP0fuB35KLGIeahze/CK7X7jA4iaZCFKVMGQxPxskXMc
am/YUUge5VrYdL9MILhtWEBsY0zvFLd4ZpGDorq1rwuwDQzuzEc30Cq0+LEg2IYL
+O86TOuCe+gKG5eg2tp0wUl1U5e+q029P4ZzAsRcoI6pvFFMzlfR0ndVGP45PanL
u7EHRTzoR0Zoccif1pvS88R3dNgO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:04 2025 by rpki-client