Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D9F68EAC3EE11EFAE9B6D7D762E951A.roa
File: 2D9F68EAC3EE11EFAE9B6D7D762E951A.roa (raw, json)
Hash identifier: wi7QkKPjm374d0uyCFBzFIQbY1Y3/JKDnhJeffIKH5s=
Subject key identifier: 76:BC:F8:79:3C:3F:78:01:B3:5C:65:80:C6:FE:AB:C7:99:27:B5:C0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF32
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D9F68EAC3EE11EFAE9B6D7D762E951A.roa
Signing time: Fri 27 Dec 2024 01:02:01 +0000
ROA not before: Fri 27 Dec 2024 01:01:57 +0000
ROA not after: Sun 12 Dec 2027 01:01:57 +0000
asID: 17561
IP address blocks: 45.192.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61234 (0xef32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 01:01:57 2024 GMT
Not After : Dec 12 01:01:57 2027 GMT
Subject: CN=676dfc89-4e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:b0:fb:a9:7d:5d:a7:92:21:44:44:0b:02:c1:
f5:2f:a1:47:51:e2:4c:da:62:66:c7:f7:41:5e:91:
5d:ae:e6:d8:0d:fc:ff:c9:22:ea:11:be:14:02:5e:
f2:13:82:aa:71:a4:ca:5b:4a:5f:3f:51:ad:33:5f:
11:2f:5b:9e:f0:8e:0f:73:fa:e9:c0:f1:a1:52:40:
32:32:ed:ca:81:33:ce:b2:8a:24:29:fa:25:c8:5e:
17:e3:33:89:e5:31:dc:4a:c2:7c:02:28:c8:cb:7f:
1f:7c:32:0a:a4:e7:30:c8:7d:b5:d1:47:c5:c5:b2:
41:63:25:4e:0f:09:ac:9c:dd:5a:1a:ad:e3:e3:f3:
cd:c8:87:30:22:fd:78:91:93:d3:6b:1d:85:53:a7:
95:08:bf:79:48:8e:55:1e:be:e5:a8:ca:63:54:29:
39:31:24:35:eb:7e:3a:cc:0b:f8:8d:6f:69:39:80:
c7:25:52:5d:2a:5b:39:09:e1:de:c7:48:34:bd:df:
d8:f2:9e:e2:85:cd:06:0f:40:c2:4b:aa:96:1d:e1:
ba:d2:32:59:7d:78:d7:ed:1f:6d:21:e9:8d:20:b2:
dd:4e:e3:79:61:a3:d8:b9:e4:19:ab:df:aa:4f:cb:
22:64:05:a2:0e:4f:71:10:98:98:48:ec:d8:ba:f8:
a3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:BC:F8:79:3C:3F:78:01:B3:5C:65:80:C6:FE:AB:C7:99:27:B5:C0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D9F68EAC3EE11EFAE9B6D7D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.233.0/24
Signature Algorithm: sha256WithRSAEncryption
05:a8:15:ad:54:af:29:5a:ae:a3:e9:83:1c:ba:08:9a:38:77:
42:ba:8f:b1:52:6b:85:a5:eb:4f:e8:01:9b:0b:3d:3b:25:fc:
84:8e:30:7c:c5:6c:65:8e:e1:2a:1b:84:1d:65:74:9c:f8:64:
51:dd:9c:d3:17:3b:99:f4:be:ae:42:93:72:08:2d:7a:46:b3:
cd:0d:e0:71:cd:9e:5f:7a:40:e0:3d:9e:94:dd:b3:28:ce:69:
1c:a3:8b:df:22:1a:34:24:bc:b9:c1:b4:b3:80:61:33:17:99:
94:2f:9e:b1:a6:ab:30:2d:03:8a:59:79:18:8f:54:d2:14:fe:
3a:42:06:10:11:c4:9e:3c:3a:33:52:05:03:fc:3f:e2:80:f8:
78:60:05:31:33:b9:48:65:b0:f6:dc:50:61:f6:19:25:3c:1a:
d8:65:3c:d8:9c:f6:97:bd:78:75:d2:1e:23:0f:e1:23:44:49:
d5:f4:43:c4:fc:6f:40:f6:fc:d0:1b:c8:21:79:7b:90:1c:5a:
36:fa:bd:73:ca:d0:47:ff:55:87:5f:ef:39:b2:13:d9:92:71:
17:49:bb:62:06:0d:87:69:d6:27:7b:d4:1d:c6:a4:7e:ac:ab:
f6:01:d6:87:97:9e:7f:ae:38:45:b3:b5:c7:72:12:16:77:a9:
1d:db:fe:54
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO8yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDEwMTU3WhcNMjcxMjEyMDEwMTU3WjAYMRYw
FAYDVQQDEw02NzZkZmM4OS00ZTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8LD7qX1dp5IhREQLAsH1L6FHUeJM2mJmx/dBXpFdrubYDfz/ySLqEb4U
Al7yE4KqcaTKW0pfP1GtM18RL1ue8I4Pc/rpwPGhUkAyMu3KgTPOsookKfolyF4X
4zOJ5THcSsJ8AijIy38ffDIKpOcwyH210UfFxbJBYyVODwmsnN1aGq3j4/PNyIcw
Iv14kZPTax2FU6eVCL95SI5VHr7lqMpjVCk5MSQ16346zAv4jW9pOYDHJVJdKls5
CeHex0g0vd/Y8p7ihc0GD0DCS6qWHeG60jJZfXjX7R9tIemNILLdTuN5YaPYueQZ
q9+qT8siZAWiDk9xEJiYSOzYuvijeQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHa8
+Hk8P3gBs1xlgMb+q8eZJ7XAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRDlGNjhFQUMzRUUxMUVGQUU5QjZEN0Q3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcDpMA0GCSqGSIb3DQEBCwUA
A4IBAQAFqBWtVK8pWq6j6YMcugiaOHdCuo+xUmuFpetP6AGbCz07JfyEjjB8xWxl
juEqG4QdZXSc+GRR3ZzTFzuZ9L6uQpNyCC16RrPNDeBxzZ5fekDgPZ6U3bMozmkc
o4vfIho0JLy5wbSzgGEzF5mUL56xpqswLQOKWXkYj1TSFP46QgYQEcSePDozUgUD
/D/igPh4YAUxM7lIZbD23FBh9hklPBrYZTzYnPaXvXh10h4jD+EjREnV9EPE/G9A
9vzQG8gheXuQHFo2+r1zytBH/1WHX+85shPZknEXSbtiBg2HadYne9QdxqR+rKv2
AdaHl55/rjhFs7XHchIWd6kd2/5U
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:30 2025 by rpki-client