Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FBCB0B8C3BE11EF8B2F9F4F762E951A.roa
File: 2FBCB0B8C3BE11EF8B2F9F4F762E951A.roa (raw, json)
Hash identifier: utzuN0wmfAiyx/799o6xxCqD0HzB9SqyQg04q6hyXjk=
Subject key identifier: 1A:1E:AF:B0:81:EC:A7:34:B9:E1:03:06:CE:DD:6A:A0:01:5E:3A:31
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EEC9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FBCB0B8C3BE11EF8B2F9F4F762E951A.roa
Signing time: Thu 26 Dec 2024 19:18:28 +0000
ROA not before: Thu 26 Dec 2024 19:18:25 +0000
ROA not after: Sun 12 Dec 2027 19:18:25 +0000
asID: 17561
IP address blocks: 45.207.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61129 (0xeec9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 19:18:25 2024 GMT
Not After : Dec 12 19:18:25 2027 GMT
Subject: CN=676dac04-1856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f0:a2:ed:54:79:42:48:53:28:7b:f3:81:13:
92:76:d4:b6:a2:23:43:9f:15:a8:cf:78:4f:ac:cb:
60:83:ae:75:ec:41:b4:7f:40:f4:3f:05:3e:3d:9a:
50:f8:cf:2c:9d:be:e0:8c:00:f9:ab:3a:f8:de:94:
61:c7:62:2e:f2:bc:be:35:9a:11:3c:d7:de:59:47:
0c:19:37:75:ce:1f:34:ef:d5:62:3f:da:a8:d6:d2:
88:1b:28:6d:bf:79:36:b6:10:08:5a:4a:b3:72:46:
d7:e0:79:14:03:f4:b9:75:11:2a:63:c8:ff:6e:3c:
f8:e7:4f:0b:d5:36:32:76:85:c7:bd:23:66:d7:3e:
0c:cb:cf:24:86:8d:20:79:7e:23:c1:48:80:88:db:
3a:3c:95:e3:9a:12:7c:22:9d:94:dc:05:f0:da:65:
69:4f:81:b3:2e:4c:e2:25:5b:dc:aa:86:07:57:63:
37:dd:46:3d:73:99:27:57:b6:29:05:b7:91:ef:f6:
3e:6b:51:68:2d:cd:6d:6b:49:5c:c8:92:b2:ea:12:
fb:c8:eb:c8:0e:58:24:bc:8a:d4:3d:57:b5:0f:95:
3a:ec:51:3d:68:35:60:17:06:1d:b4:1f:5b:cc:0d:
ef:ef:f1:a7:64:3c:1b:06:c5:31:69:2a:91:e6:9d:
c0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:1E:AF:B0:81:EC:A7:34:B9:E1:03:06:CE:DD:6A:A0:01:5E:3A:31
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FBCB0B8C3BE11EF8B2F9F4F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.165.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:b4:56:ca:02:c1:11:23:69:df:89:7e:65:e3:48:d0:25:af:
8a:fa:cc:38:ab:fe:42:fa:03:5b:e7:c1:69:1b:6f:18:0d:71:
7c:4a:2b:9a:e1:fc:61:e4:e9:b4:92:a9:21:64:d7:ad:e9:14:
34:cb:a9:cf:34:54:01:29:38:3b:7f:d3:5c:b9:5d:ab:47:75:
a8:b0:9f:ef:18:78:f3:5c:8e:9c:72:cb:ac:98:50:e0:0c:39:
c2:a9:9a:39:56:41:65:de:29:78:ed:f5:e1:f9:1e:f3:ed:ed:
b6:0e:96:37:7b:53:7b:94:6e:4a:83:7b:d5:df:8a:95:53:05:
09:86:0b:fd:f6:5f:f1:de:9a:11:cf:b6:b3:92:8b:cf:85:c3:
b7:69:f5:39:a1:37:ea:3b:0d:c9:0f:f7:92:ec:f1:78:fa:e9:
4a:93:c6:a8:68:24:cf:94:34:6d:9f:ac:b5:10:af:7c:ff:42:
67:6e:d6:a8:3e:d2:88:b7:28:b7:cc:f1:79:38:59:93:38:4f:
76:3d:83:e7:98:87:87:2a:02:64:1b:01:78:51:8e:a2:c1:86:
eb:da:67:4e:79:c9:d8:33:f1:a9:cf:a3:fa:ea:8e:92:05:03:
ba:26:46:27:32:68:d4:b6:64:21:79:6a:14:c3:30:90:b3:c7:
66:ef:47:1f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO7JMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTkxODI1WhcNMjcxMjEyMTkxODI1WjAYMRYw
FAYDVQQDEw02NzZkYWMwNC0xODU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAkfCi7VR5QkhTKHvzgROSdtS2oiNDnxWoz3hPrMtgg6517EG0f0D0PwU+
PZpQ+M8snb7gjAD5qzr43pRhx2Iu8ry+NZoRPNfeWUcMGTd1zh8079ViP9qo1tKI
Gyhtv3k2thAIWkqzckbX4HkUA/S5dREqY8j/bjz4508L1TYydoXHvSNm1z4My88k
ho0geX4jwUiAiNs6PJXjmhJ8Ip2U3AXw2mVpT4GzLkziJVvcqoYHV2M33UY9c5kn
V7YpBbeR7/Y+a1FoLc1ta0lcyJKy6hL7yOvIDlgkvIrUPVe1D5U67FE9aDVgFwYd
tB9bzA3v7/GnZDwbBsUxaSqR5p3AfwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBoe
r7CB7Kc0ueEDBs7daqABXjoxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRkJDQjBCOEMzQkUxMUVGOEIyRjlGNEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc+lMA0GCSqGSIb3DQEBCwUA
A4IBAQCOtFbKAsERI2nfiX5l40jQJa+K+sw4q/5C+gNb58FpG28YDXF8Siua4fxh
5Om0kqkhZNet6RQ0y6nPNFQBKTg7f9NcuV2rR3WosJ/vGHjzXI6ccsusmFDgDDnC
qZo5VkFl3il47fXh+R7z7e22DpY3e1N7lG5Kg3vV34qVUwUJhgv99l/x3poRz7az
kovPhcO3afU5oTfqOw3JD/eS7PF4+ulKk8aoaCTPlDRtn6y1EK98/0JnbtaoPtKI
tyi3zPF5OFmTOE92PYPnmIeHKgJkGwF4UY6iwYbr2mdOecnYM/Gpz6P66o6SBQO6
JkYnMmjUtmQheWoUwzCQs8dm70cf
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:01 2025 by rpki-client