Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D100644C3A511EFBE48E4B2762E951A.roa
File: 7D100644C3A511EFBE48E4B2762E951A.roa (raw, json)
Hash identifier: U6JI2kM8CvGaV5bk4fgFj862ycE8noOrfR+DiWLE330=
Subject key identifier: C9:5F:B5:A4:81:2F:85:D0:9C:08:68:13:53:A4:ED:C3:57:29:CB:4A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EDC7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D100644C3A511EFBE48E4B2762E951A.roa
Signing time: Thu 26 Dec 2024 16:21:41 +0000
ROA not before: Thu 26 Dec 2024 16:21:37 +0000
ROA not after: Sun 12 Dec 2027 16:21:37 +0000
asID: 17561
IP address blocks: 45.200.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60871 (0xedc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 16:21:37 2024 GMT
Not After : Dec 12 16:21:37 2027 GMT
Subject: CN=676d8295-d338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:09:61:80:0d:de:97:87:a1:65:f0:f0:f8:09:
01:be:e7:a1:28:53:28:7f:18:df:de:f7:ed:b8:3a:
1e:ce:1f:32:b0:f9:d8:db:35:49:a0:8e:ea:70:87:
ec:27:15:bf:f1:8c:e6:55:c9:bf:76:3b:61:6d:cf:
73:f6:b8:3c:30:c9:66:44:6d:bd:1a:65:5f:72:56:
c5:bb:01:11:6f:42:61:da:87:d0:a2:e2:86:1d:d8:
61:61:ed:7f:68:15:da:16:af:fc:8a:7d:52:0d:67:
8f:a3:c9:be:d5:df:8c:14:41:0e:46:82:23:27:ed:
07:ae:8f:7f:c8:21:21:51:9b:3e:f7:d9:ac:ae:15:
f3:97:23:9b:e8:29:f5:2e:69:4c:58:93:ff:72:a7:
6c:e4:b8:6f:ee:6a:ff:26:8d:f0:f5:78:ec:5c:3e:
ad:ce:8d:32:f5:53:3b:c4:a3:64:57:d4:e9:1f:e5:
69:f0:70:93:c1:7b:6e:36:86:c0:e4:6b:6b:78:b8:
d0:db:b3:73:c5:38:e3:62:fb:c5:aa:0a:cf:2f:bf:
26:9c:97:ce:ed:03:82:29:59:21:9e:0c:2a:3a:46:
70:60:ad:ea:50:47:79:51:69:f3:ae:ce:66:35:bc:
69:37:f6:40:74:d0:19:13:f0:5e:e3:05:8a:26:80:
e9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:5F:B5:A4:81:2F:85:D0:9C:08:68:13:53:A4:ED:C3:57:29:CB:4A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D100644C3A511EFBE48E4B2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.206.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:93:98:ca:3b:17:7f:10:dc:6c:f4:1c:a5:42:00:09:53:93:
a8:49:f9:2f:db:2d:71:e7:dd:11:3d:dc:a8:ad:f2:9c:0e:a0:
85:d1:2f:0b:b4:bf:29:e9:2d:1d:f4:de:7c:71:c9:0b:a5:5a:
bb:ff:2c:df:81:9e:07:9d:a0:9c:26:a9:46:94:52:58:c9:b9:
64:1c:93:aa:6c:00:27:85:be:98:95:9d:13:e5:00:0a:46:86:
c4:c0:97:5f:6f:96:15:59:8c:16:43:ea:0f:ac:e0:72:97:7e:
55:8f:74:ba:24:a2:1c:1f:63:54:a8:b1:63:4f:a0:9f:1a:3c:
20:f0:bb:1a:7f:5c:1a:0b:d8:05:e0:27:6c:89:ee:c7:dc:86:
00:ac:f3:2c:c0:6b:7c:fb:e7:ea:e7:71:ee:da:4f:70:d8:79:
ee:c5:c6:db:5e:68:46:b7:22:45:6f:46:35:fb:b4:11:04:79:
20:7b:e8:a1:1a:a6:71:b0:68:b6:fd:6c:d7:4d:0d:eb:a0:16:
13:bd:1c:cc:b4:d4:7c:20:ec:aa:d9:e3:dc:67:e4:36:c2:6c:
c8:cf:98:7f:6d:7d:ae:46:58:9a:93:b8:35:51:3f:8b:7f:68:
05:ef:99:ec:b0:9c:4b:4e:8d:e6:89:0d:ae:01:7c:4a:51:c3:
53:96:4f:03
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO3HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTYyMTM3WhcNMjcxMjEyMTYyMTM3WjAYMRYw
FAYDVQQDEw02NzZkODI5NS1kMzM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtglhgA3el4ehZfDw+AkBvuehKFMofxjf3vftuDoezh8ysPnY2zVJoI7q
cIfsJxW/8YzmVcm/djthbc9z9rg8MMlmRG29GmVfclbFuwERb0Jh2ofQouKGHdhh
Ye1/aBXaFq/8in1SDWePo8m+1d+MFEEORoIjJ+0Hro9/yCEhUZs+99msrhXzlyOb
6Cn1LmlMWJP/cqds5Lhv7mr/Jo3w9XjsXD6tzo0y9VM7xKNkV9TpH+Vp8HCTwXtu
NobA5GtreLjQ27NzxTjjYvvFqgrPL78mnJfO7QOCKVkhngwqOkZwYK3qUEd5UWnz
rs5mNbxpN/ZAdNAZE/Be4wWKJoDpIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMlf
taSBL4XQnAhoE1Ok7cNXKctKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RDEwMDY0NEMzQTUxMUVGQkU0OEU0QjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcjOMA0GCSqGSIb3DQEBCwUA
A4IBAQCgk5jKOxd/ENxs9BylQgAJU5OoSfkv2y1x590RPdyorfKcDqCF0S8LtL8p
6S0d9N58cckLpVq7/yzfgZ4HnaCcJqlGlFJYyblkHJOqbAAnhb6YlZ0T5QAKRobE
wJdfb5YVWYwWQ+oPrOByl35Vj3S6JKIcH2NUqLFjT6CfGjwg8Lsaf1waC9gF4Cds
ie7H3IYArPMswGt8++fq53Hu2k9w2HnuxcbbXmhGtyJFb0Y1+7QRBHkge+ihGqZx
sGi2/WzXTQ3roBYTvRzMtNR8IOyq2ePcZ+Q2wmzIz5h/bX2uRliak7g1UT+Lf2gF
75nssJxLTo3miQ2uAXxKUcNTlk8D
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:21 2025 by rpki-client