Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B4CEE2CB5F811EFAE94A77E762E951A.roa
File: 2B4CEE2CB5F811EFAE94A77E762E951A.roa (raw, json)
Hash identifier: dCYylwUOiW4X4sAJaOSPIgEtySrYnoTFnjED224IwLM=
Subject key identifier: 3E:7F:A6:73:6A:4D:EB:E6:55:8E:3D:28:3C:EA:AC:57:9B:21:B3:BD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E132
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B4CEE2CB5F811EFAE94A77E762E951A.roa
Signing time: Mon 09 Dec 2024 06:38:15 +0000
ROA not before: Mon 09 Dec 2024 06:38:12 +0000
ROA not after: Mon 19 Oct 2026 06:38:12 +0000
asID: 149014
IP address blocks: 45.204.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57650 (0xe132)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 9 06:38:12 2024 GMT
Not After : Oct 19 06:38:12 2026 GMT
Subject: CN=67569057-ba14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b3:5f:ae:8a:d9:90:de:6f:43:93:76:d2:c0:
6b:78:11:96:65:05:fc:9c:17:74:eb:3f:75:8f:0b:
31:02:90:4c:61:d6:e1:a5:8f:e9:df:da:2d:52:46:
6c:81:fb:46:37:3b:dc:64:ff:a7:f5:b6:08:3f:4b:
32:13:27:2a:e8:ca:ea:c5:44:49:cd:8c:83:ba:c8:
52:89:fe:2b:77:d5:de:95:60:66:a0:88:b7:9a:92:
91:49:cc:87:58:e7:ad:50:b4:7b:ae:31:8f:d0:36:
74:9d:0f:95:99:9b:cf:fd:e9:04:ba:30:83:9e:5a:
ab:fc:5d:0d:5b:ae:94:a6:75:f9:ef:c0:48:5d:fd:
b8:12:27:0f:66:aa:e8:18:e9:5d:4a:bd:a4:cd:90:
cb:c9:25:9a:3c:d5:62:b3:90:85:df:68:5e:97:a2:
a6:b2:8e:d4:f8:af:79:01:df:79:70:03:ac:49:e4:
f3:ef:e9:1d:de:bf:ac:bb:c0:e2:b5:da:99:de:db:
4e:d0:19:38:ed:87:26:de:a8:7b:0c:d7:a8:ba:83:
a6:ce:90:17:9f:67:ed:4e:f8:2a:e3:aa:2b:d0:c4:
6e:f5:e6:a2:ac:ba:08:03:c1:00:6c:df:02:0a:54:
d4:4b:bd:2a:b0:b9:ad:b0:2f:5f:5a:36:b6:54:cf:
30:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:7F:A6:73:6A:4D:EB:E6:55:8E:3D:28:3C:EA:AC:57:9B:21:B3:BD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B4CEE2CB5F811EFAE94A77E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.8.0/21
Signature Algorithm: sha256WithRSAEncryption
32:ba:54:12:53:52:3a:93:b7:57:53:c9:c3:21:ba:1d:fa:84:
05:93:68:f9:11:f1:a8:40:e0:57:3f:73:8e:83:46:2a:c1:33:
56:5b:b1:95:29:d8:e8:3d:44:85:b3:58:b8:a3:95:d9:84:73:
9c:a2:04:47:fa:4e:82:09:42:dd:2e:f5:ef:8e:ca:14:ea:f1:
31:d1:c7:63:ff:70:35:66:60:35:c7:89:d1:ca:c1:fa:5d:cb:
95:3e:00:bb:c2:22:1e:a8:d7:d3:4e:ed:1e:5a:56:ea:dd:41:
78:c0:12:a4:2f:4e:09:c4:5e:40:04:cb:81:3c:97:c7:b2:c3:
30:cb:74:25:8c:df:a1:7b:95:b1:fd:69:39:aa:9b:91:eb:09:
d7:1c:f9:94:cb:84:fe:26:4a:89:b7:0e:99:24:f2:65:c2:f9:
69:82:66:bb:ac:6a:9b:9c:15:8c:04:e7:b4:20:55:c3:01:ba:
1c:66:f6:ec:d8:f6:58:38:21:93:2a:4a:89:bc:d6:c3:4d:3c:
58:0c:e3:9b:e9:d0:e0:ca:d9:1a:e7:81:17:c0:9e:fa:e4:2a:
43:00:e6:3b:bb:7b:4d:c3:93:43:f4:71:be:12:c1:74:5d:c2:
e9:72:dd:ed:fd:28:71:c5:41:5d:25:2d:0a:a7:4f:a4:a3:84:
7d:f9:03:92
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOEyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA5MDYzODEyWhcNMjYxMDE5MDYzODEyWjAYMRYw
FAYDVQQDEw02NzU2OTA1Ny1iYTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAurNfrorZkN5vQ5N20sBreBGWZQX8nBd06z91jwsxApBMYdbhpY/p39ot
UkZsgftGNzvcZP+n9bYIP0syEycq6MrqxURJzYyDushSif4rd9XelWBmoIi3mpKR
ScyHWOetULR7rjGP0DZ0nQ+VmZvP/ekEujCDnlqr/F0NW66UpnX578BIXf24EicP
ZqroGOldSr2kzZDLySWaPNVis5CF32hel6Kmso7U+K95Ad95cAOsSeTz7+kd3r+s
u8DitdqZ3ttO0Bk47Ycm3qh7DNeouoOmzpAXn2ftTvgq46or0MRu9eairLoIA8EA
bN8CClTUS70qsLmtsC9fWja2VM8wRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD5/
pnNqTevmVY49KDzqrFebIbO9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQjRDRUUyQ0I1RjgxMUVGQUU5NEE3N0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcwIMA0GCSqGSIb3DQEBCwUA
A4IBAQAyulQSU1I6k7dXU8nDIbod+oQFk2j5EfGoQOBXP3OOg0YqwTNWW7GVKdjo
PUSFs1i4o5XZhHOcogRH+k6CCULdLvXvjsoU6vEx0cdj/3A1ZmA1x4nRysH6XcuV
PgC7wiIeqNfTTu0eWlbq3UF4wBKkL04JxF5ABMuBPJfHssMwy3QljN+he5Wx/Wk5
qpuR6wnXHPmUy4T+JkqJtw6ZJPJlwvlpgma7rGqbnBWMBOe0IFXDAbocZvbs2PZY
OCGTKkqJvNbDTTxYDOOb6dDgytka54EXwJ765CpDAOY7u3tNw5ND9HG+EsF0XcLp
ct3t/ShxxUFdJS0Kp0+ko4R9+QOS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:46 2025 by rpki-client