Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64D877F8C3B611EFB821D09B762E951A.roa
File: 64D877F8C3B611EFB821D09B762E951A.roa (raw, json)
Hash identifier: c98D6Hv2iPXpdv5hKk12yFIcXFYa61ng/XeNd+q+Sdw=
Subject key identifier: E1:A0:48:A1:E4:BC:8A:78:E5:3C:EC:B2:0F:1F:7B:DF:07:7C:37:4C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE79
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64D877F8C3B611EFB821D09B762E951A.roa
Signing time: Thu 26 Dec 2024 18:22:42 +0000
ROA not before: Thu 26 Dec 2024 18:22:38 +0000
ROA not after: Sun 12 Dec 2027 18:22:38 +0000
asID: 17561
IP address blocks: 45.207.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61049 (0xee79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 18:22:38 2024 GMT
Not After : Dec 12 18:22:38 2027 GMT
Subject: CN=676d9ef1-3ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:34:20:91:ee:87:07:55:cd:6d:57:f0:b3:74:
a8:f1:7b:8b:a5:35:5d:18:c4:e4:7b:b4:c2:29:bb:
5d:ad:cd:e3:90:0a:23:55:10:4f:6f:86:61:3d:bd:
fc:10:42:81:6c:5a:b3:ca:f9:d0:04:a8:80:8a:1d:
fc:25:46:88:97:90:6f:1e:65:29:94:4e:aa:1f:a1:
6a:10:2d:1d:98:75:45:9c:9a:45:3d:72:7a:89:43:
d6:be:14:3e:59:2b:61:cc:0c:70:81:ec:46:11:79:
df:89:4c:a3:91:95:7a:fe:1f:13:21:fc:22:59:fe:
a9:5b:1a:af:5f:1b:cb:c8:d6:58:e1:c2:d1:ef:25:
fd:f0:75:37:79:63:88:b1:db:8f:35:65:2f:f0:f0:
4c:0a:cc:43:dd:7c:16:8d:16:7c:4e:5f:66:aa:e7:
1b:e0:09:41:34:ea:12:0f:9e:75:97:6b:d1:a7:da:
fa:48:c8:be:88:52:1d:c8:20:bd:23:77:ae:4c:da:
36:23:8e:dc:0e:ec:34:cb:80:9e:37:1f:2f:c7:3b:
4e:ca:78:28:30:ad:7f:93:e7:2a:84:42:23:e0:88:
84:4c:b2:49:a7:65:6d:83:d9:44:b2:da:45:c8:ed:
35:58:d5:c7:e2:db:f7:d1:24:4c:f6:7c:30:ce:92:
d8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A0:48:A1:E4:BC:8A:78:E5:3C:EC:B2:0F:1F:7B:DF:07:7C:37:4C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64D877F8C3B611EFB821D09B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.46.0/24
Signature Algorithm: sha256WithRSAEncryption
45:15:b7:a4:51:ab:8d:2a:62:48:d6:4e:f8:b8:0c:14:22:88:
51:07:5b:ed:3b:fa:c4:d2:7f:87:86:dd:de:a2:5a:c8:a6:fb:
10:ae:61:12:d3:32:8a:4a:25:4a:01:c4:c8:92:6e:6a:c2:13:
07:d5:c4:f2:6c:23:16:c6:bc:11:f3:72:7b:91:03:70:68:07:
20:36:6c:6f:d4:a8:b1:f4:94:e5:d6:07:48:f5:78:9f:5d:a4:
dc:be:a5:8c:7f:be:ed:64:47:25:43:48:cf:0f:66:66:aa:56:
07:8c:49:e7:a5:51:1e:c9:06:8a:f6:95:91:16:49:a4:c2:1b:
75:c0:84:09:e9:b0:88:56:a2:c5:7e:30:57:24:17:6d:cc:c9:
40:9f:20:00:51:c2:34:cc:91:e1:80:13:17:d1:1c:c3:80:af:
85:c2:75:26:7f:04:e8:c4:ec:da:4e:11:3b:29:65:ce:b2:cd:
d1:47:0d:28:f5:b0:cb:26:8f:86:51:69:bd:1a:e0:2b:d8:f6:
6c:45:1c:9c:ef:14:d1:af:0c:6b:c7:3d:9d:1e:21:ad:33:ad:
22:60:50:76:4c:0c:a2:59:49:f9:7a:ce:6b:13:f0:b1:d2:d2:
65:e5:82:3a:3b:2b:47:0a:4f:27:6a:a5:ba:e1:43:97:9c:5c:
a2:84:60:f9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO55MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTgyMjM4WhcNMjcxMjEyMTgyMjM4WjAYMRYw
FAYDVQQDEw02NzZkOWVmMS0zZWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyjQgke6HB1XNbVfws3So8XuLpTVdGMTke7TCKbtdrc3jkAojVRBPb4Zh
Pb38EEKBbFqzyvnQBKiAih38JUaIl5BvHmUplE6qH6FqEC0dmHVFnJpFPXJ6iUPW
vhQ+WSthzAxwgexGEXnfiUyjkZV6/h8TIfwiWf6pWxqvXxvLyNZY4cLR7yX98HU3
eWOIsduPNWUv8PBMCsxD3XwWjRZ8Tl9mqucb4AlBNOoSD551l2vRp9r6SMi+iFId
yCC9I3euTNo2I47cDuw0y4CeNx8vxztOyngoMK1/k+cqhEIj4IiETLJJp2Vtg9lE
stpFyO01WNXH4tv30SRM9nwwzpLYYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOGg
SKHkvIp45Tzssg8fe98HfDdMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NEQ4NzdGOEMzQjYxMUVGQjgyMUQwOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc8uMA0GCSqGSIb3DQEBCwUA
A4IBAQBFFbekUauNKmJI1k74uAwUIohRB1vtO/rE0n+Hht3eolrIpvsQrmES0zKK
SiVKAcTIkm5qwhMH1cTybCMWxrwR83J7kQNwaAcgNmxv1Kix9JTl1gdI9XifXaTc
vqWMf77tZEclQ0jPD2ZmqlYHjEnnpVEeyQaK9pWRFkmkwht1wIQJ6bCIVqLFfjBX
JBdtzMlAnyAAUcI0zJHhgBMX0RzDgK+FwnUmfwToxOzaThE7KWXOss3RRw0o9bDL
Jo+GUWm9GuAr2PZsRRyc7xTRrwxrxz2dHiGtM60iYFB2TAyiWUn5es5rE/Cx0tJl
5YI6OytHCk8naqW64UOXnFyihGD5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:28 2025 by rpki-client