Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B2ACEDEC3A511EF8FBFAAB2762E951A.roa
File: 4B2ACEDEC3A511EF8FBFAAB2762E951A.roa (raw, json)
Hash identifier: 4enI4OUgovxJlfpFEmM1D6AvNm/74LdQF3X3CUJung0=
Subject key identifier: 18:26:25:D7:55:A4:6A:B0:28:25:EA:D2:52:FB:69:40:65:40:C1:7C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EDC5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B2ACEDEC3A511EF8FBFAAB2762E951A.roa
Signing time: Thu 26 Dec 2024 16:20:17 +0000
ROA not before: Thu 26 Dec 2024 16:20:13 +0000
ROA not after: Fri 12 Dec 2025 16:20:13 +0000
asID: 984
IP address blocks: 45.200.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60869 (0xedc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 16:20:13 2024 GMT
Not After : Dec 12 16:20:13 2025 GMT
Subject: CN=676d8241-655e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4e:3c:90:63:ba:12:94:d9:02:1c:ea:79:5f:
68:ed:ea:31:46:7a:27:33:45:3b:d3:54:04:74:58:
f2:14:1c:42:79:3f:d0:3c:9f:b9:aa:84:50:19:0c:
74:0c:63:1c:5f:3d:29:97:89:60:76:45:e2:91:8e:
5e:49:23:6e:43:b2:85:3f:c7:69:88:5a:5e:2d:20:
0e:79:91:b7:9f:ee:f8:0d:72:57:c9:46:d9:18:84:
b9:0e:e0:80:a2:b1:7a:5e:8e:ea:b6:43:ec:ef:71:
84:e6:39:9b:14:3a:9d:00:d4:a2:94:67:9b:07:89:
68:c0:95:38:19:71:b9:49:97:85:6c:5e:92:6b:7a:
52:84:f0:8c:7c:a7:85:b0:d7:e6:69:56:ff:0d:16:
05:93:3d:50:49:2a:49:eb:6d:97:85:d6:94:4a:b2:
3e:bd:b9:93:25:ee:30:7c:21:ad:e7:6f:45:f4:95:
f9:d1:23:87:60:08:48:d3:3c:e5:f6:10:80:85:59:
9a:d5:93:90:07:c4:43:4e:f0:41:c8:55:4b:a6:1f:
0f:07:28:15:81:c9:fc:4b:4f:99:46:82:1d:c6:f2:
33:0c:65:0f:27:bd:da:f9:89:b1:af:4e:11:d1:ed:
2d:a2:cc:22:0c:0a:0a:3a:20:0c:df:ad:da:f2:06:
ec:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:26:25:D7:55:A4:6A:B0:28:25:EA:D2:52:FB:69:40:65:40:C1:7C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B2ACEDEC3A511EF8FBFAAB2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.205.0/24
Signature Algorithm: sha256WithRSAEncryption
09:fc:cc:70:45:a7:ed:79:75:a8:fb:58:71:6b:b9:de:68:cb:
7c:ce:35:be:99:be:00:c1:cd:a5:65:4c:4b:0c:c3:66:52:9e:
b2:e1:e7:35:37:52:69:7b:31:16:1e:b9:55:de:fb:d0:24:4c:
fe:22:86:ad:2e:6f:9d:e5:86:3c:8e:76:a1:00:21:89:71:d9:
5c:05:00:4e:c7:b9:1e:72:83:05:94:1c:a3:fa:62:91:2d:72:
0e:78:00:21:e8:6b:d5:a4:32:c0:dc:52:0a:8f:da:76:5a:34:
cc:b4:0d:bd:24:74:a5:88:4c:a5:20:e6:e0:14:99:ed:00:0c:
40:8a:93:71:ce:ce:21:25:de:7b:67:71:c0:4f:d2:5f:c3:19:
f0:17:77:41:e7:33:b3:77:ce:bd:b5:2b:a9:78:c0:63:00:43:
29:74:9a:f2:b4:94:4e:d3:dd:85:eb:a1:00:a1:d0:ee:b1:ac:
f1:a0:76:8d:bc:b3:aa:10:a6:d0:8c:36:b5:e7:00:b8:87:8f:
5a:8f:e2:05:86:5d:20:b1:74:a8:da:92:2d:91:21:e3:be:d9:
c3:7e:01:39:67:ef:dd:13:bf:82:0f:29:f0:d5:83:6e:a9:d7:
aa:ab:cd:36:d4:f8:05:dc:94:3a:3c:c4:ed:51:df:29:03:76:
aa:e2:20:25
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO3FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTYyMDEzWhcNMjUxMjEyMTYyMDEzWjAYMRYw
FAYDVQQDEw02NzZkODI0MS02NTVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwU48kGO6EpTZAhzqeV9o7eoxRnonM0U701QEdFjyFBxCeT/QPJ+5qoRQ
GQx0DGMcXz0pl4lgdkXikY5eSSNuQ7KFP8dpiFpeLSAOeZG3n+74DXJXyUbZGIS5
DuCAorF6Xo7qtkPs73GE5jmbFDqdANSilGebB4lowJU4GXG5SZeFbF6Sa3pShPCM
fKeFsNfmaVb/DRYFkz1QSSpJ622XhdaUSrI+vbmTJe4wfCGt529F9JX50SOHYAhI
0zzl9hCAhVma1ZOQB8RDTvBByFVLph8PBygVgcn8S0+ZRoIdxvIzDGUPJ73a+Ymx
r04R0e0toswiDAoKOiAM363a8gbsIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBgm
JddVpGqwKCXq0lL7aUBlQMF8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QjJBQ0VERUMzQTUxMUVGOEZCRkFBQjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcjNMA0GCSqGSIb3DQEBCwUA
A4IBAQAJ/MxwRafteXWo+1hxa7neaMt8zjW+mb4Awc2lZUxLDMNmUp6y4ec1N1Jp
ezEWHrlV3vvQJEz+IoatLm+d5YY8jnahACGJcdlcBQBOx7kecoMFlByj+mKRLXIO
eAAh6GvVpDLA3FIKj9p2WjTMtA29JHSliEylIObgFJntAAxAipNxzs4hJd57Z3HA
T9JfwxnwF3dB5zOzd869tSupeMBjAEMpdJrytJRO092F66EAodDusazxoHaNvLOq
EKbQjDa15wC4h49aj+IFhl0gsXSo2pItkSHjvtnDfgE5Z+/dE7+CDynw1YNuqdeq
q8021PgF3JQ6PMTtUd8pA3aq4iAl
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:48 2025 by rpki-client