Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/240AD144CF2811EF90D0E675762E951A.roa
File: 240AD144CF2811EF90D0E675762E951A.roa (raw, json)
Hash identifier: cNcoGYfYW2HXm5xV1vgeb6A378BeRghkLQQQklJGA0U=
Subject key identifier: D3:C2:DA:5A:03:A6:59:28:BE:11:F9:79:86:74:29:15:BC:AA:4D:73
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0104FD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/240AD144CF2811EF90D0E675762E951A.roa
Signing time: Fri 10 Jan 2025 07:54:38 +0000
ROA not before: Fri 10 Jan 2025 07:54:35 +0000
ROA not after: Sun 16 Feb 2025 07:54:35 +0000
asID: 6079
IP address blocks: 45.205.170.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66813 (0x104fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 07:54:35 2025 GMT
Not After : Feb 16 07:54:35 2025 GMT
Subject: CN=6780d23e-fbe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e9:f3:17:f1:94:7e:22:e6:d3:38:dd:3f:cd:
05:7f:42:cd:b5:0a:f1:68:75:7f:5a:82:e3:49:00:
bf:6e:42:e6:f5:b5:c6:67:ea:2d:5a:1e:83:84:9f:
4c:45:a7:c1:ae:9e:73:6f:28:32:a6:fd:ef:56:7f:
93:76:e7:62:e4:b6:c3:ba:28:10:b3:66:40:3c:b8:
24:ff:59:df:81:d1:95:ca:21:95:8e:43:5d:13:2c:
46:19:29:da:1c:08:53:f3:6d:1b:6a:bc:a6:de:47:
81:19:4a:c5:e1:7d:7a:df:d3:8c:4d:ac:36:86:7f:
59:58:46:25:4e:44:45:ec:b2:7a:89:6b:7a:f9:21:
d5:5d:e9:83:a9:fd:5b:53:18:67:0b:d9:ad:66:ac:
3d:ec:47:1c:1f:bb:79:8b:12:ad:06:bf:a0:27:7a:
d8:1a:67:76:00:96:23:71:6e:72:66:c4:56:1a:00:
82:3c:d3:45:73:0d:a8:8b:93:9c:f6:ec:07:09:cd:
c2:8c:54:0f:77:0f:57:6c:80:55:9a:b4:56:83:bb:
2c:e0:03:c1:5f:fe:04:bd:50:19:6b:d8:68:21:56:
0a:4c:c3:1a:73:e3:38:20:af:ed:3b:9c:9f:c5:25:
6c:20:ab:eb:11:7e:89:d3:2e:7c:8d:0f:96:c0:3f:
e4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C2:DA:5A:03:A6:59:28:BE:11:F9:79:86:74:29:15:BC:AA:4D:73
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/240AD144CF2811EF90D0E675762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.205.170.0/23
Signature Algorithm: sha256WithRSAEncryption
87:65:84:91:11:44:9f:97:b4:ea:f4:16:85:9f:2b:e5:ac:08:
99:82:c3:51:25:73:70:57:14:e6:d4:b4:79:09:8b:83:53:ab:
6c:a2:87:d3:45:6e:c4:5e:f4:68:b9:58:77:18:2d:ee:6c:d6:
fe:22:d7:50:ca:bf:1f:b0:21:1a:d1:f0:b6:42:97:37:4a:19:
80:12:36:fd:35:36:bc:53:78:48:3e:22:a6:c9:f7:9b:f9:92:
a6:4f:6e:7c:2f:43:1c:f0:ab:5d:a6:f4:d9:3a:25:6b:e2:d8:
a4:ab:fb:b9:f9:c3:7f:90:ba:c4:6c:ac:0e:91:3e:52:dc:f0:
18:52:6a:f8:57:c5:a4:68:2f:0e:86:e1:b2:c5:ce:c0:de:ee:
b6:ec:a8:03:94:b4:3b:8c:46:38:be:95:e0:65:b0:9c:1e:29:
a8:6d:3c:1e:97:73:b0:3d:ec:30:6a:37:86:b9:1a:41:9a:36:
ec:1b:26:f7:5b:26:41:19:09:ac:0a:b4:43:f2:f5:6e:28:db:
f0:87:55:3f:27:7b:27:ca:be:2e:af:14:b7:2c:79:4e:13:a0:
81:b8:69:59:bf:44:19:27:99:89:cb:be:bc:43:6c:ac:37:fe:
38:88:76:87:54:83:cd:2c:93:62:c7:65:52:fc:68:c3:9e:f0:
ef:38:25:45
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQT9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDc1NDM1WhcNMjUwMjE2MDc1NDM1WjAYMRYw
FAYDVQQDEw02NzgwZDIzZS1mYmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwunzF/GUfiLm0zjdP80Ff0LNtQrxaHV/WoLjSQC/bkLm9bXGZ+otWh6D
hJ9MRafBrp5zbygypv3vVn+Tdudi5LbDuigQs2ZAPLgk/1nfgdGVyiGVjkNdEyxG
GSnaHAhT820barym3keBGUrF4X1639OMTaw2hn9ZWEYlTkRF7LJ6iWt6+SHVXemD
qf1bUxhnC9mtZqw97EccH7t5ixKtBr+gJ3rYGmd2AJYjcW5yZsRWGgCCPNNFcw2o
i5Oc9uwHCc3CjFQPdw9XbIBVmrRWg7ss4APBX/4EvVAZa9hoIVYKTMMac+M4IK/t
O5yfxSVsIKvrEX6J0y58jQ+WwD/kOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNPC
2loDplkovhH5eYZ0KRW8qk1zMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNDBBRDE0NENGMjgxMUVGOTBEMEU2NzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLc2qMA0GCSqGSIb3DQEBCwUA
A4IBAQCHZYSREUSfl7Tq9BaFnyvlrAiZgsNRJXNwVxTm1LR5CYuDU6tsoofTRW7E
XvRouVh3GC3ubNb+ItdQyr8fsCEa0fC2Qpc3ShmAEjb9NTa8U3hIPiKmyfeb+ZKm
T258L0Mc8KtdpvTZOiVr4tikq/u5+cN/kLrEbKwOkT5S3PAYUmr4V8WkaC8OhuGy
xc7A3u627KgDlLQ7jEY4vpXgZbCcHimobTwel3OwPewwajeGuRpBmjbsGyb3WyZB
GQmsCrRD8vVuKNvwh1U/J3snyr4urxS3LHlOE6CBuGlZv0QZJ5mJy768Q2ysN/44
iHaHVIPNLJNix2VS/GjDnvDvOCVF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:47 2025 by rpki-client