Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/400C0350C9C311EF955828A2762E951A.roa
File: 400C0350C9C311EF955828A2762E951A.roa (raw, json)
Hash identifier: lehDlkrICPOJMpYFVgzTEy67y71gpJ8TavkmtKkDwT0=
Subject key identifier: 6A:31:4B:2E:87:79:CD:6D:44:BA:0B:0D:0B:A6:AA:FA:9B:27:D8:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6EB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/400C0350C9C311EF955828A2762E951A.roa
Signing time: Fri 03 Jan 2025 11:09:50 +0000
ROA not before: Fri 03 Jan 2025 11:09:47 +0000
ROA not after: Sat 08 Feb 2025 11:09:47 +0000
asID: 395793
IP address blocks: 45.201.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63211 (0xf6eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 11:09:47 2025 GMT
Not After : Feb 8 11:09:47 2025 GMT
Subject: CN=6777c57e-0260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e2:8d:07:4d:25:f6:ad:41:2c:22:8b:51:1d:
e4:73:4e:f0:36:19:10:d8:be:2c:4a:65:77:a4:e8:
a7:62:ad:1d:bd:e9:8c:7d:c7:e4:60:b9:c9:15:47:
05:83:4f:d1:26:7d:76:d7:17:84:58:c1:23:aa:2a:
79:bc:da:f6:62:3c:e8:4c:7d:23:de:2b:49:56:93:
84:03:30:f6:0c:84:86:4c:ce:b9:12:02:70:1a:6d:
97:5d:11:f9:5e:f1:43:c3:09:fd:75:7b:8c:42:85:
88:dd:2c:c8:2c:1d:26:a5:2a:88:ad:e8:2f:a9:51:
98:c2:ef:08:8f:42:9c:73:5f:87:00:e1:77:97:ce:
77:0e:ba:df:75:fc:76:cf:4e:40:a5:b0:36:1d:ef:
5e:ca:79:38:f1:33:fc:93:d8:d4:cb:b4:da:97:77:
e4:3a:ea:51:bf:f6:90:f1:7c:69:bd:b0:4b:15:46:
37:f8:f9:b1:51:9b:ea:8b:6b:03:ba:a2:39:90:f9:
6e:fd:0b:e7:c7:18:da:23:78:b7:a2:82:f0:dc:36:
5d:42:a6:4b:ba:99:b1:57:1a:0f:4c:2b:2c:72:b8:
06:fc:94:38:fc:f1:a4:fa:ce:6c:b1:a6:10:56:04:
c9:b8:56:dd:41:20:57:19:04:29:2b:b0:d1:9d:d4:
85:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:31:4B:2E:87:79:CD:6D:44:BA:0B:0D:0B:A6:AA:FA:9B:27:D8:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/400C0350C9C311EF955828A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.28.0/24
Signature Algorithm: sha256WithRSAEncryption
30:f7:57:74:fe:ab:29:0e:1e:4f:0a:b1:3a:7d:b8:b1:ee:ff:
67:4b:76:49:03:c1:4c:35:a6:b2:8e:0d:de:05:16:55:68:b4:
98:47:09:bd:d9:43:16:8e:0d:a7:45:38:a4:bf:fb:34:12:6b:
e8:f2:67:d8:99:02:de:8a:ca:18:c9:f7:f2:87:7c:39:46:8d:
0a:1e:24:a2:02:d2:39:14:ce:09:39:a5:af:90:b6:c5:32:fe:
7e:3f:a1:3b:a1:fb:64:fa:a9:11:61:e1:d9:a7:9a:c5:d3:f3:
22:5e:0f:14:aa:06:98:11:67:ab:25:ae:84:65:ec:4e:76:88:
d5:e4:47:a3:c4:b1:95:4f:b1:4f:ea:ab:06:ce:8a:0b:9d:3a:
68:db:62:d1:6e:1e:19:c2:7a:2b:76:4d:1a:ff:fc:86:69:09:
3f:b1:d2:ba:bd:c9:46:7d:4a:ec:d6:de:4d:e3:73:0a:61:b9:
f6:25:74:33:84:13:e3:13:6b:c9:db:e4:2c:70:88:12:83:40:
6c:cf:92:d2:b8:05:37:db:88:32:5e:f2:ee:a9:3e:f1:83:cc:
9b:d8:ac:89:c9:37:03:de:35:bb:ed:4c:f0:8e:ef:99:ec:19:
be:d2:67:3c:b1:86:68:28:77:fc:c2:05:dc:c6:e5:99:14:11:
b7:1c:48:c3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPbrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMTEwOTQ3WhcNMjUwMjA4MTEwOTQ3WjAYMRYw
FAYDVQQDEw02Nzc3YzU3ZS0wMjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr+KNB00l9q1BLCKLUR3kc07wNhkQ2L4sSmV3pOinYq0dvemMfcfkYLnJ
FUcFg0/RJn121xeEWMEjqip5vNr2YjzoTH0j3itJVpOEAzD2DISGTM65EgJwGm2X
XRH5XvFDwwn9dXuMQoWI3SzILB0mpSqIregvqVGYwu8Ij0Kcc1+HAOF3l853Drrf
dfx2z05ApbA2He9eynk48TP8k9jUy7Tal3fkOupRv/aQ8XxpvbBLFUY3+PmxUZvq
i2sDuqI5kPlu/QvnxxjaI3i3ooLw3DZdQqZLupmxVxoPTCsscrgG/JQ4/PGk+s5s
saYQVgTJuFbdQSBXGQQpK7DRndSFRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGox
Sy6Hec1tRLoLDQumqvqbJ9hdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MDBDMDM1MEM5QzMxMUVGOTU1ODI4QTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALckcMA0GCSqGSIb3DQEBCwUA
A4IBAQAw91d0/qspDh5PCrE6fbix7v9nS3ZJA8FMNaayjg3eBRZVaLSYRwm92UMW
jg2nRTikv/s0Emvo8mfYmQLeisoYyffyh3w5Ro0KHiSiAtI5FM4JOaWvkLbFMv5+
P6E7oftk+qkRYeHZp5rF0/MiXg8UqgaYEWerJa6EZexOdojV5EejxLGVT7FP6qsG
zooLnTpo22LRbh4Zwnordk0a//yGaQk/sdK6vclGfUrs1t5N43MKYbn2JXQzhBPj
E2vJ2+QscIgSg0Bsz5LSuAU324gyXvLuqT7xg8yb2KyJyTcD3jW77Uzwju+Z7Bm+
0mc8sYZoKHf8wgXcxuWZFBG3HEjD
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:24 2025 by rpki-client