Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A7E5EFEC3AE11EFB0512F6A762E951A.roa
File: 2A7E5EFEC3AE11EFB0512F6A762E951A.roa (raw, json)
Hash identifier: 85XyXgYmiQb/gsDkIn+qCHsFB+xr7vDXyJbOshsb75c=
Subject key identifier: 16:72:86:F8:9C:25:12:86:CB:9E:9F:57:D6:04:7D:FF:71:BE:CC:F9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE23
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A7E5EFEC3AE11EFB0512F6A762E951A.roa
Signing time: Thu 26 Dec 2024 17:23:48 +0000
ROA not before: Thu 26 Dec 2024 17:23:44 +0000
ROA not after: Sun 12 Dec 2027 17:23:44 +0000
asID: 17561
IP address blocks: 45.200.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60963 (0xee23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 17:23:44 2024 GMT
Not After : Dec 12 17:23:44 2027 GMT
Subject: CN=676d9124-8854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:83:f4:ce:8c:61:cb:7c:07:cd:cf:aa:f7:5b:
83:aa:c6:fd:d4:77:6a:0a:c5:97:99:df:38:a8:06:
73:11:ed:2c:41:0d:71:0f:ee:f9:86:c0:f5:c6:e0:
38:a5:23:f6:14:bc:43:ab:40:bf:4c:82:6c:8a:1e:
1d:9e:bd:3f:f6:87:72:c6:1a:93:da:c1:d2:0c:f7:
b3:c3:a1:d1:5c:c9:e6:86:f9:23:de:53:60:bb:bc:
93:d6:df:91:f6:8d:b1:a8:08:10:76:10:c5:ef:e6:
8b:87:95:6c:f9:3a:5c:2c:82:76:7c:80:19:76:87:
09:c4:74:f3:67:ad:62:5d:2a:50:a6:d5:09:72:2c:
b0:87:98:c8:f6:d4:78:c1:fc:51:cf:6f:55:81:d3:
bb:6f:de:01:ab:59:72:0b:45:50:45:c5:e8:23:cd:
a5:1b:9d:24:fa:b0:85:2a:4a:cd:de:74:14:ed:37:
43:ff:c2:8c:82:4a:4d:a7:07:23:cb:30:57:85:0e:
8b:07:7c:8b:aa:36:8c:e5:0d:eb:87:f4:6a:19:9c:
6c:aa:5a:80:ef:8b:61:99:94:9e:5e:01:da:94:86:
f2:7b:31:6c:67:35:01:fd:77:03:d0:bf:1e:9e:1b:
0c:6c:05:0d:84:5e:cc:58:7a:72:66:75:28:80:57:
b5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:72:86:F8:9C:25:12:86:CB:9E:9F:57:D6:04:7D:FF:71:BE:CC:F9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A7E5EFEC3AE11EFB0512F6A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.252.0/24
Signature Algorithm: sha256WithRSAEncryption
73:7f:0a:c7:be:e6:14:16:21:36:e0:d8:7e:6b:6a:4f:ea:e8:
52:4a:82:3d:6a:c2:bf:a1:74:89:e3:03:a9:4f:2f:9e:d4:3d:
26:52:03:0b:48:ca:d8:a3:35:5b:76:61:57:64:26:43:a4:66:
2f:a2:d5:c5:ba:12:d2:47:1c:da:fa:96:b3:ae:7b:d2:de:52:
5c:7c:6f:fe:0d:cc:b3:0f:19:bf:1f:24:5e:d8:ac:a6:5c:2d:
37:d0:c1:08:17:58:50:25:cd:9d:ec:08:88:97:7f:2a:b9:93:
8a:99:22:50:a5:29:aa:68:7e:9b:9f:07:5f:bc:5a:79:d8:0c:
08:d9:73:8b:18:2c:09:e7:da:7b:c8:3c:a1:96:f0:d9:14:bd:
d4:7a:6d:da:cf:93:09:8f:29:ba:16:5e:22:04:76:37:39:1a:
bb:9b:97:1c:ca:a8:f4:15:a8:dd:0a:38:04:73:51:f8:15:2c:
b3:59:fb:81:19:0e:2f:b1:89:d7:a1:63:5c:aa:83:5f:9c:cc:
60:87:58:7d:b3:97:26:df:0c:67:11:46:e8:ff:07:01:2b:48:
d3:15:ec:26:d2:13:62:a2:60:88:bc:dc:1b:99:c0:61:8b:18:
62:59:21:d7:f2:cd:c6:8b:4c:27:5a:e6:57:9b:dc:2d:76:e2:
7b:39:6f:5b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO4jMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTcyMzQ0WhcNMjcxMjEyMTcyMzQ0WjAYMRYw
FAYDVQQDEw02NzZkOTEyNC04ODU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoIP0zoxhy3wHzc+q91uDqsb91HdqCsWXmd84qAZzEe0sQQ1xD+75hsD1
xuA4pSP2FLxDq0C/TIJsih4dnr0/9odyxhqT2sHSDPezw6HRXMnmhvkj3lNgu7yT
1t+R9o2xqAgQdhDF7+aLh5Vs+TpcLIJ2fIAZdocJxHTzZ61iXSpQptUJciywh5jI
9tR4wfxRz29VgdO7b94Bq1lyC0VQRcXoI82lG50k+rCFKkrN3nQU7TdD/8KMgkpN
pwcjyzBXhQ6LB3yLqjaM5Q3rh/RqGZxsqlqA74thmZSeXgHalIbyezFsZzUB/XcD
0L8enhsMbAUNhF7MWHpyZnUogFe15wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBZy
hvicJRKGy56fV9YEff9xvsz5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQTdFNUVGRUMzQUUxMUVGQjA1MTJGNkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcj8MA0GCSqGSIb3DQEBCwUA
A4IBAQBzfwrHvuYUFiE24Nh+a2pP6uhSSoI9asK/oXSJ4wOpTy+e1D0mUgMLSMrY
ozVbdmFXZCZDpGYvotXFuhLSRxza+pazrnvS3lJcfG/+DcyzDxm/HyRe2KymXC03
0MEIF1hQJc2d7AiIl38quZOKmSJQpSmqaH6bnwdfvFp52AwI2XOLGCwJ59p7yDyh
lvDZFL3Uem3az5MJjym6Fl4iBHY3ORq7m5ccyqj0FajdCjgEc1H4FSyzWfuBGQ4v
sYnXoWNcqoNfnMxgh1h9s5cm3wxnEUbo/wcBK0jTFewm0hNiomCIvNwbmcBhixhi
WSHX8s3Gi0wnWuZXm9wtduJ7OW9b
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:42 2025 by rpki-client