Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D2525B0C3A711EF91EA80BF762E951A.roa
File: 5D2525B0C3A711EF91EA80BF762E951A.roa (raw, json)
Hash identifier: 6fT+fSPePKpfxU2bhFFO+iPcXrSYMpxYDY99A+igeHQ=
Subject key identifier: E5:25:7C:66:51:D3:84:D0:A3:A7:C8:F0:F3:5E:D8:3E:E9:28:37:A1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EDDB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D2525B0C3A711EF91EA80BF762E951A.roa
Signing time: Thu 26 Dec 2024 16:35:06 +0000
ROA not before: Thu 26 Dec 2024 16:35:02 +0000
ROA not after: Sun 12 Dec 2027 16:35:02 +0000
asID: 17561
IP address blocks: 45.200.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60891 (0xeddb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 16:35:02 2024 GMT
Not After : Dec 12 16:35:02 2027 GMT
Subject: CN=676d85ba-9086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:80:4e:bc:36:fa:3a:fe:12:7c:ab:a3:73:1c:
65:96:1e:93:28:f7:c0:cd:ad:bd:00:f9:ff:29:9e:
cd:41:8c:62:25:05:d2:8f:62:c5:ef:7f:48:77:a2:
75:48:32:17:17:d8:9f:6e:56:4d:61:8d:da:12:5f:
56:a5:d5:4b:b5:80:83:45:58:2d:64:7c:20:99:39:
30:62:12:b2:23:b0:06:0f:72:e1:b6:47:9d:29:dc:
88:74:5e:b3:dc:a3:e9:1d:d2:27:c0:55:77:94:d0:
e1:81:81:4c:31:1a:33:1e:37:ba:c6:ab:f6:0b:bb:
60:33:bc:f3:f2:b6:40:c4:34:66:e1:a7:29:59:c5:
04:3d:e8:d5:33:59:d0:c9:09:95:4a:0a:11:bd:7f:
c1:93:bf:95:b6:ef:20:68:1c:34:90:60:64:db:81:
98:e1:df:15:fa:40:f3:ad:9f:90:a2:eb:84:fc:65:
e3:f9:d7:dd:1c:d6:85:0e:aa:51:bd:a6:32:38:3e:
a2:77:1e:8d:f8:4e:96:b3:7a:4d:dc:ab:25:78:12:
a7:a4:a5:a1:32:bf:fc:6b:2f:c0:14:cd:15:8c:8f:
6b:71:fb:14:ee:d5:63:b0:61:b5:b8:b2:90:e4:cd:
28:dc:b7:ce:d1:9a:9a:d4:7f:db:7c:de:bc:c9:dc:
80:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:25:7C:66:51:D3:84:D0:A3:A7:C8:F0:F3:5E:D8:3E:E9:28:37:A1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D2525B0C3A711EF91EA80BF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.216.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:47:cf:69:6c:b3:d8:d7:35:15:29:50:e9:33:b2:66:6c:c5:
21:e0:40:d2:c7:80:93:0e:93:5f:4e:e5:c0:4f:bc:69:1d:02:
aa:8e:1c:25:fc:9f:52:80:e9:f1:ba:b0:2d:dd:21:24:4f:e2:
6d:bd:a4:11:5b:05:fc:7d:db:8d:22:0f:fa:82:b4:d4:5e:96:
9f:96:a0:a2:fa:c7:b1:92:f6:7e:b0:d6:1c:67:8f:ce:ad:b0:
5b:c9:aa:48:ba:64:a2:02:6a:2e:97:a7:b3:86:b6:ff:4f:f8:
eb:cb:9b:f4:d2:c8:ff:09:a3:a0:58:4b:53:3a:f1:10:4b:8f:
77:ce:97:b5:2e:85:c8:62:58:6f:09:49:a4:f3:8c:4b:72:9b:
9a:ad:42:0f:68:d8:bd:58:04:cd:f8:04:21:f9:27:c0:75:f3:
78:2b:dc:61:ad:fe:92:4d:d3:a5:ed:7d:70:32:8b:8d:71:f2:
e7:4b:65:45:6b:5d:13:c6:b9:1f:c5:c7:53:39:b5:1d:c2:5f:
b8:5b:82:72:46:2b:8d:4a:0a:55:03:32:31:aa:c2:40:77:8d:
92:5c:50:1b:52:3b:82:0c:a5:56:6a:95:49:bb:1b:41:90:2f:
c0:5f:79:1d:a0:2d:bb:0e:ca:b1:d0:1a:1f:ed:9e:11:75:1a:
4e:e4:8d:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO3bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTYzNTAyWhcNMjcxMjEyMTYzNTAyWjAYMRYw
FAYDVQQDEw02NzZkODViYS05MDg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqIBOvDb6Ov4SfKujcxxllh6TKPfAza29APn/KZ7NQYxiJQXSj2LF739I
d6J1SDIXF9ifblZNYY3aEl9WpdVLtYCDRVgtZHwgmTkwYhKyI7AGD3LhtkedKdyI
dF6z3KPpHdInwFV3lNDhgYFMMRozHje6xqv2C7tgM7zz8rZAxDRm4acpWcUEPejV
M1nQyQmVSgoRvX/Bk7+Vtu8gaBw0kGBk24GY4d8V+kDzrZ+QouuE/GXj+dfdHNaF
DqpRvaYyOD6idx6N+E6Ws3pN3KsleBKnpKWhMr/8ay/AFM0VjI9rcfsU7tVjsGG1
uLKQ5M0o3LfO0Zqa1H/bfN68ydyAJwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOUl
fGZR04TQo6fI8PNe2D7pKDehMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RDI1MjVCMEMzQTcxMUVGOTFFQTgwQkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcjYMA0GCSqGSIb3DQEBCwUA
A4IBAQBrR89pbLPY1zUVKVDpM7JmbMUh4EDSx4CTDpNfTuXAT7xpHQKqjhwl/J9S
gOnxurAt3SEkT+JtvaQRWwX8fduNIg/6grTUXpaflqCi+sexkvZ+sNYcZ4/OrbBb
yapIumSiAmoul6ezhrb/T/jry5v00sj/CaOgWEtTOvEQS493zpe1LoXIYlhvCUmk
84xLcpuarUIPaNi9WATN+AQh+SfAdfN4K9xhrf6STdOl7X1wMouNcfLnS2VFa10T
xrkfxcdTObUdwl+4W4JyRiuNSgpVAzIxqsJAd42SXFAbUjuCDKVWapVJuxtBkC/A
X3kdoC27Dsqx0Bof7Z4RdRpO5I1/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:08 2025 by rpki-client