Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/231D9FC0BDBA11EF95D4324B762E951A.roa
File: 231D9FC0BDBA11EF95D4324B762E951A.roa (raw, json)
Hash identifier: BY4dcQQwdNM5ETIesUYERefndc57k7RgJBAZ3BEjLLM=
Subject key identifier: A2:21:70:4C:89:47:4F:87:B4:8F:58:FC:84:D5:F3:F2:C0:B7:2F:A2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E525
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/231D9FC0BDBA11EF95D4324B762E951A.roa
Signing time: Thu 19 Dec 2024 03:34:22 +0000
ROA not before: Thu 19 Dec 2024 03:34:19 +0000
ROA not after: Wed 10 Dec 2025 03:34:19 +0000
asID: 984
IP address blocks: 45.204.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58661 (0xe525)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 03:34:19 2024 GMT
Not After : Dec 10 03:34:19 2025 GMT
Subject: CN=6763943e-22f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:92:80:74:f4:5f:f8:11:93:63:62:d3:4f:d8:
2a:bf:f2:0d:a0:af:f7:98:0a:d0:fd:0d:56:7b:2c:
49:07:8d:79:73:60:5e:0d:65:cb:03:ce:7a:81:e2:
07:bc:d2:7e:e9:85:f9:63:39:62:76:1b:03:ab:41:
74:da:1c:3c:3b:8a:d5:0e:d8:66:28:43:1c:fb:d3:
56:14:18:18:45:cb:4f:b6:a0:aa:4a:c8:7c:e9:9f:
1f:6d:f3:7b:43:85:3b:38:84:51:ec:bb:3f:ef:a3:
58:4a:c3:8a:98:de:eb:0a:17:cd:21:af:da:ac:fa:
48:96:58:3a:a4:c1:ee:a6:f7:21:63:52:ec:f2:f3:
e8:70:b2:da:6b:c9:02:e8:d9:db:19:f2:52:6a:4e:
61:fa:75:42:be:89:7b:67:76:36:26:cd:90:c6:6e:
bd:a6:c2:e6:04:d6:2a:8d:36:6f:19:89:33:6d:b4:
1c:0e:b0:90:99:2b:b4:3c:3b:0d:3f:be:e3:c7:06:
3a:35:83:97:e2:d4:a2:c3:a1:ec:32:ed:2f:ec:64:
99:ac:85:b1:ee:d7:4c:7e:8c:df:43:cc:8f:1a:0d:
52:3c:a5:74:2b:d4:02:96:e7:a0:20:20:cb:5f:f0:
27:6e:f8:bd:b9:be:4f:2f:a6:d1:05:d5:fe:3d:2a:
29:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:21:70:4C:89:47:4F:87:B4:8F:58:FC:84:D5:F3:F2:C0:B7:2F:A2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/231D9FC0BDBA11EF95D4324B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.233.0/24
Signature Algorithm: sha256WithRSAEncryption
37:86:97:cb:25:08:2c:a3:3f:78:d5:34:80:2e:7b:fe:ca:49:
a2:46:d7:c8:e0:fb:7c:56:8a:27:28:6c:c2:6d:89:17:2a:a2:
79:07:32:f1:ab:ac:dc:29:61:09:26:e0:e5:fc:c5:01:dc:3f:
48:1f:9e:39:83:ee:34:02:1d:4e:b6:21:0f:3d:2a:32:37:db:
eb:66:64:b2:a1:57:84:3b:de:ec:27:e9:5e:cc:50:f2:1e:ab:
25:92:1f:57:8f:30:98:fe:d1:dc:22:ad:0d:40:d0:63:b9:0c:
37:d3:50:18:29:9f:65:d9:1d:9a:e8:e2:01:1b:3e:41:d6:5f:
36:81:37:8b:c5:90:90:ad:75:0c:91:82:f3:76:c9:2c:3e:e7:
a6:c3:da:1e:5b:61:95:7f:6b:46:24:3f:a2:8a:7b:ea:41:03:
a2:a8:81:6c:a6:be:5d:11:07:98:b5:63:5d:7a:1d:6d:27:1e:
a4:59:07:c0:3f:a0:84:91:33:cc:36:27:86:59:b6:58:7d:73:
0a:1d:79:16:e1:a0:f4:0d:be:bb:d1:6e:b8:b1:b6:55:bb:26:
15:63:fd:02:80:c8:e3:ee:77:ad:53:f6:bc:c4:62:b2:7f:22:
e9:c2:2e:9a:a3:46:a5:e0:90:dd:a0:70:5d:b2:aa:2b:31:dc:
45:59:1b:86
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOUlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDMzNDE5WhcNMjUxMjEwMDMzNDE5WjAYMRYw
FAYDVQQDEw02NzYzOTQzZS0yMmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1JKAdPRf+BGTY2LTT9gqv/INoK/3mArQ/Q1WeyxJB415c2BeDWXLA856
geIHvNJ+6YX5YzlidhsDq0F02hw8O4rVDthmKEMc+9NWFBgYRctPtqCqSsh86Z8f
bfN7Q4U7OIRR7Ls/76NYSsOKmN7rChfNIa/arPpIllg6pMHupvchY1Ls8vPocLLa
a8kC6NnbGfJSak5h+nVCvol7Z3Y2Js2Qxm69psLmBNYqjTZvGYkzbbQcDrCQmSu0
PDsNP77jxwY6NYOX4tSiw6HsMu0v7GSZrIWx7tdMfozfQ8yPGg1SPKV0K9QClueg
ICDLX/Anbvi9ub5PL6bRBdX+PSopCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKIh
cEyJR0+HtI9Y/ITV8/LAty+iMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMzFEOUZDMEJEQkExMUVGOTVENDMyNEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALczpMA0GCSqGSIb3DQEBCwUA
A4IBAQA3hpfLJQgsoz941TSALnv+ykmiRtfI4Pt8VoonKGzCbYkXKqJ5BzLxq6zc
KWEJJuDl/MUB3D9IH545g+40Ah1OtiEPPSoyN9vrZmSyoVeEO97sJ+lezFDyHqsl
kh9XjzCY/tHcIq0NQNBjuQw301AYKZ9l2R2a6OIBGz5B1l82gTeLxZCQrXUMkYLz
dsksPuemw9oeW2GVf2tGJD+iinvqQQOiqIFspr5dEQeYtWNdeh1tJx6kWQfAP6CE
kTPMNieGWbZYfXMKHXkW4aD0Db670W64sbZVuyYVY/0CgMjj7netU/a8xGKyfyLp
wi6ao0al4JDdoHBdsqorMdxFWRuG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:44 2025 by rpki-client