Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B33A6E8C3A811EFB3B4BC47762E951A.roa
File: 7B33A6E8C3A811EFB3B4BC47762E951A.roa (raw, json)
Hash identifier: NvBbUDv/mxZuJIt87p12pnwzU1MqmGwG7TBrQXA1hHY=
Subject key identifier: 79:A3:CF:6F:BE:33:BF:3F:31:51:0F:24:70:65:70:AE:BC:C6:09:00
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EDE7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B33A6E8C3A811EFB3B4BC47762E951A.roa
Signing time: Thu 26 Dec 2024 16:43:06 +0000
ROA not before: Thu 26 Dec 2024 16:43:02 +0000
ROA not after: Sun 12 Dec 2027 16:43:02 +0000
asID: 17561
IP address blocks: 45.200.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60903 (0xede7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 16:43:02 2024 GMT
Not After : Dec 12 16:43:02 2027 GMT
Subject: CN=676d879a-930b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ac:c3:99:2b:49:51:0e:63:8e:a4:5e:e1:38:
c3:78:9c:a8:8e:ee:f0:c5:64:f7:ec:01:05:ef:bc:
bc:d4:6d:f8:c3:9b:14:85:56:a9:53:19:85:05:32:
81:9e:27:2f:83:e7:51:8d:ba:14:a0:e2:be:00:7f:
02:84:1d:52:eb:17:4c:2e:c6:4b:c5:34:8f:15:49:
57:41:f0:59:ad:49:8e:9f:d4:3f:00:fa:bc:e9:e0:
79:dc:e3:fe:b8:9c:1d:52:0e:48:d9:c0:4d:68:c1:
6c:dd:e2:d9:b4:12:26:c8:cb:c5:2d:d0:0b:cd:83:
b0:db:dd:76:04:47:7e:d4:38:6b:14:90:e5:df:8d:
e6:d5:ca:7f:a3:5c:ef:ef:9a:ee:1b:ca:69:9e:bb:
23:83:82:00:fc:41:8d:cf:7f:f3:ff:06:a4:06:7a:
30:d1:46:28:5b:d8:87:e5:29:7a:9f:ad:c7:62:a3:
37:e2:5c:86:ab:c2:83:41:de:b7:b2:69:5c:0e:77:
12:ef:1e:09:9f:f9:9b:49:39:3e:7c:a1:3d:41:dc:
69:50:4b:6f:be:b7:85:19:db:3a:68:0a:5c:c9:65:
0f:03:e3:1f:0e:00:60:6f:f4:08:81:42:a7:1b:24:
1d:c4:a9:87:e7:9c:1f:c7:8f:09:b8:72:71:53:a9:
54:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A3:CF:6F:BE:33:BF:3F:31:51:0F:24:70:65:70:AE:BC:C6:09:00
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B33A6E8C3A811EFB3B4BC47762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.222.0/24
Signature Algorithm: sha256WithRSAEncryption
50:46:82:8d:5a:9e:9f:e2:ba:3b:b2:47:13:49:c3:75:5c:22:
6b:a0:fe:58:b6:de:ae:98:5c:b0:b9:8b:80:70:93:a1:85:86:
0b:60:c9:cc:9a:be:16:26:88:75:84:71:d3:b1:4c:de:5f:09:
87:43:bb:0a:51:2d:af:41:b1:91:4d:be:e8:96:e5:4d:6a:d4:
9a:d2:41:91:52:8c:2e:36:18:e6:c0:34:1d:58:18:21:ea:22:
e3:8e:0e:c8:2d:45:c3:91:c6:b2:b8:19:29:19:ce:6d:3a:cc:
b1:8d:6e:28:18:70:d1:4d:26:b7:e6:6d:ef:20:1c:6e:0c:06:
cc:c7:08:e9:e2:86:f7:5a:93:04:c4:8b:43:f8:d9:a8:43:42:
9a:44:11:ba:4e:2f:ca:4d:ef:e8:35:94:64:26:19:60:64:55:
bc:64:ba:2b:7e:63:74:95:52:5d:de:69:4f:2f:88:9f:c2:1e:
34:e7:6b:c6:22:5c:42:e0:d4:8a:e5:21:72:f9:0a:1a:0e:c5:
83:1f:e2:97:bc:ed:a1:eb:49:b2:75:b9:49:58:61:87:2c:2f:
5a:b9:28:c2:e4:ab:4e:46:5d:02:cc:40:b1:49:9e:07:a2:59:
6c:12:dc:93:d0:08:8b:c7:80:b6:26:e3:1f:77:db:7e:55:8b:
3c:81:7d:53
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO3nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTY0MzAyWhcNMjcxMjEyMTY0MzAyWjAYMRYw
FAYDVQQDEw02NzZkODc5YS05MzBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuKzDmStJUQ5jjqRe4TjDeJyoju7wxWT37AEF77y81G34w5sUhVapUxmF
BTKBnicvg+dRjboUoOK+AH8ChB1S6xdMLsZLxTSPFUlXQfBZrUmOn9Q/APq86eB5
3OP+uJwdUg5I2cBNaMFs3eLZtBImyMvFLdALzYOw2912BEd+1DhrFJDl343m1cp/
o1zv75ruG8ppnrsjg4IA/EGNz3/z/wakBnow0UYoW9iH5Sl6n63HYqM34lyGq8KD
Qd63smlcDncS7x4Jn/mbSTk+fKE9QdxpUEtvvreFGds6aApcyWUPA+MfDgBgb/QI
gUKnGyQdxKmH55wfx48JuHJxU6lU0wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHmj
z2++M78/MVEPJHBlcK68xgkAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QjMzQTZFOEMzQTgxMUVGQjNCNEJDNDc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcjeMA0GCSqGSIb3DQEBCwUA
A4IBAQBQRoKNWp6f4ro7skcTScN1XCJroP5Ytt6umFywuYuAcJOhhYYLYMnMmr4W
Joh1hHHTsUzeXwmHQ7sKUS2vQbGRTb7oluVNatSa0kGRUowuNhjmwDQdWBgh6iLj
jg7ILUXDkcayuBkpGc5tOsyxjW4oGHDRTSa35m3vIBxuDAbMxwjp4ob3WpMExItD
+NmoQ0KaRBG6Ti/KTe/oNZRkJhlgZFW8ZLorfmN0lVJd3mlPL4ifwh4052vGIlxC
4NSK5SFy+QoaDsWDH+KXvO2h60mydblJWGGHLC9auSjC5KtORl0CzECxSZ4Holls
EtyT0AiLx4C2JuMfd9t+VYs8gX1T
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:25 2025 by rpki-client