Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FFB7464B5FF11EFB1DF7FA9762E951A.roa
File: 2FFB7464B5FF11EFB1DF7FA9762E951A.roa (raw, json)
Hash identifier: pahEqFjAq7C2J2RDik5IM8qyylqF+GHv1JYGz6nZvFw=
Subject key identifier: 81:7A:10:AF:74:BD:45:A9:EC:7C:94:E3:FC:42:E8:2C:7F:5F:EC:BF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E174
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FFB7464B5FF11EFB1DF7FA9762E951A.roa
Signing time: Mon 09 Dec 2024 07:28:30 +0000
ROA not before: Mon 09 Dec 2024 07:28:26 +0000
ROA not after: Thu 06 Feb 2025 07:28:26 +0000
asID: 63787
IP address blocks: 45.192.178.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 07:28:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57716 (0xe174)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 9 07:28:26 2024 GMT
Not After : Feb 6 07:28:26 2025 GMT
Subject: CN=67569c1e-3e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:57:a3:e6:39:d7:8d:2a:2e:ac:11:3b:86:e3:
6e:65:41:76:88:19:86:29:14:07:e8:78:0b:f5:d0:
b8:3a:61:b4:1f:0c:fd:73:56:2f:b8:38:70:23:e0:
e2:b9:d1:29:cf:02:20:79:50:ac:94:d5:47:74:f1:
a0:3e:3c:50:39:ae:ad:6f:da:55:a2:98:2c:fb:94:
c4:e2:e6:52:eb:54:4f:8b:b4:83:ab:3a:03:2d:b1:
dd:bf:c6:f2:86:14:a1:af:14:23:48:07:21:c9:dd:
44:33:a8:66:2c:52:01:81:72:1b:d0:f4:b7:a8:42:
f8:51:3a:ee:10:f8:d2:22:bf:81:0e:d8:c2:d4:d1:
b4:62:c4:26:66:75:9a:c6:2a:f5:1c:83:23:7a:25:
47:a2:c8:0e:91:06:35:d7:c2:0f:58:6a:8c:89:57:
18:1a:b7:21:b3:c4:ff:95:9d:b1:7d:54:76:1c:16:
b8:c2:8c:db:fb:a1:46:97:5a:9a:ea:97:c5:c4:97:
17:58:a4:47:bd:59:b5:9b:5f:6b:27:3d:aa:9b:06:
ed:98:9a:82:28:5f:16:c2:3a:6c:da:60:9b:0d:bd:
d3:be:01:dc:f5:8f:f7:73:fc:62:a6:ff:ff:2b:79:
c7:2f:4c:45:25:49:ef:92:ec:12:5b:77:e5:69:49:
80:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:7A:10:AF:74:BD:45:A9:EC:7C:94:E3:FC:42:E8:2C:7F:5F:EC:BF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FFB7464B5FF11EFB1DF7FA9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.178.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:b6:51:59:4c:e4:e7:e0:9d:cc:f6:9b:2a:6a:90:e6:85:e0:
75:52:42:28:e0:f1:cd:06:e1:e2:19:83:3f:19:26:33:28:31:
60:4c:60:77:b9:ce:4e:79:2b:98:82:06:ed:5a:2c:5d:81:e1:
3b:d5:2e:51:c9:7a:2f:0d:d5:18:ae:d7:69:a5:6e:81:4b:1b:
e5:23:84:b1:24:c5:f3:21:d3:73:de:98:69:7a:03:29:c1:c5:
2f:bd:ae:54:3f:07:da:ef:62:35:87:f8:f0:9e:31:d3:d6:bb:
c8:e9:74:c4:29:63:3d:01:a3:1b:e8:cc:8f:98:73:ef:7f:9a:
4b:10:50:41:7e:8a:21:b1:88:dd:d6:4d:3f:ea:e3:1e:40:5b:
f4:d1:b0:1e:36:17:4d:32:14:7a:49:1c:96:43:d8:c0:0d:2a:
4d:ab:44:5d:a4:39:ca:13:29:96:ff:09:30:f1:4b:17:93:e7:
fd:4a:17:9f:42:86:49:b2:76:a1:37:5d:c1:bc:c8:9e:0f:9e:
fb:67:9f:fb:2e:0e:05:1d:47:38:c4:c0:a3:93:70:1c:54:a9:
eb:5a:48:f4:2f:87:1f:44:23:a4:17:ef:32:33:1f:99:41:d4:
10:9d:fc:61:e7:33:82:7e:e0:0a:78:ef:86:c4:ca:16:c0:4f:
36:ea:8f:69
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOF0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA5MDcyODI2WhcNMjUwMjA2MDcyODI2WjAYMRYw
FAYDVQQDEw02NzU2OWMxZS0zZTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzFej5jnXjSourBE7huNuZUF2iBmGKRQH6HgL9dC4OmG0Hwz9c1YvuDhw
I+DiudEpzwIgeVCslNVHdPGgPjxQOa6tb9pVopgs+5TE4uZS61RPi7SDqzoDLbHd
v8byhhShrxQjSAchyd1EM6hmLFIBgXIb0PS3qEL4UTruEPjSIr+BDtjC1NG0YsQm
ZnWaxir1HIMjeiVHosgOkQY118IPWGqMiVcYGrchs8T/lZ2xfVR2HBa4wozb+6FG
l1qa6pfFxJcXWKRHvVm1m19rJz2qmwbtmJqCKF8Wwjps2mCbDb3TvgHc9Y/3c/xi
pv//K3nHL0xFJUnvkuwSW3flaUmARQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIF6
EK90vUWp7HyU4/xC6Cx/X+y/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRkZCNzQ2NEI1RkYxMUVGQjFERjdGQTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcCyMA0GCSqGSIb3DQEBCwUA
A4IBAQBttlFZTOTn4J3M9psqapDmheB1UkIo4PHNBuHiGYM/GSYzKDFgTGB3uc5O
eSuYggbtWixdgeE71S5RyXovDdUYrtdppW6BSxvlI4SxJMXzIdNz3phpegMpwcUv
va5UPwfa72I1h/jwnjHT1rvI6XTEKWM9AaMb6MyPmHPvf5pLEFBBfoohsYjd1k0/
6uMeQFv00bAeNhdNMhR6SRyWQ9jADSpNq0RdpDnKEymW/wkw8UsXk+f9ShefQoZJ
snahN13BvMieD577Z5/7Lg4FHUc4xMCjk3AcVKnrWkj0L4cfRCOkF+8yMx+ZQdQQ
nfxh5zOCfuAKeO+GxMoWwE826o9p
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:10 2025 by rpki-client