Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C64641AC3AE11EF946A7C6C762E951A.roa
File: 8C64641AC3AE11EF946A7C6C762E951A.roa (raw, json)
Hash identifier: /fzaUaliGwSkKyQc7cqCyT9nF1tNRF27YrDJw90jx8o=
Subject key identifier: 99:13:69:22:0A:30:43:4D:9F:49:65:97:4B:79:47:F7:E4:CC:5C:C5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE27
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C64641AC3AE11EF946A7C6C762E951A.roa
Signing time: Thu 26 Dec 2024 17:26:32 +0000
ROA not before: Thu 26 Dec 2024 17:26:28 +0000
ROA not after: Sun 12 Dec 2027 17:26:28 +0000
asID: 17561
IP address blocks: 45.200.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60967 (0xee27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 17:26:28 2024 GMT
Not After : Dec 12 17:26:28 2027 GMT
Subject: CN=676d91c8-c43a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a1:ee:50:c2:46:16:ac:a5:78:af:1b:37:41:
0b:cf:82:66:40:ad:6d:0f:90:02:59:e5:f9:77:4f:
c6:36:43:b3:3f:1b:ba:e7:49:8d:dc:67:45:fa:35:
15:8b:0e:f8:bf:17:eb:c3:53:7b:2c:61:0f:66:12:
7e:9d:2a:02:d1:42:46:7d:b5:3e:10:9f:36:b5:89:
22:f2:71:93:6e:5a:d9:12:14:37:4f:40:f9:fd:1a:
34:cc:25:87:01:54:2c:82:fd:cf:c2:19:be:e7:aa:
e9:32:90:43:a7:b1:c6:93:5c:f5:a1:1f:4a:6b:a0:
d2:fa:c9:6e:8b:e2:ac:ac:d1:b6:a3:5f:71:6f:d1:
1c:56:a1:8c:5c:70:af:00:4f:ac:fe:88:c2:00:55:
a4:d8:93:4c:78:e9:c0:9a:cf:01:11:fb:37:24:62:
e6:ac:b1:37:d2:07:b2:99:c5:5f:73:05:24:8e:5d:
f6:0c:4e:f4:7b:e0:09:0f:3d:6f:9d:17:37:e9:b2:
7d:25:1c:54:6c:de:1b:94:d4:ce:bf:ad:59:07:3f:
c0:5c:6b:07:f0:3f:08:c6:0c:ad:42:54:28:d5:fc:
0c:65:23:79:20:80:ae:7a:aa:f2:d4:f7:ec:c9:14:
c7:3f:fc:79:94:6f:ba:b4:48:c6:cc:5f:fc:fe:5e:
60:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:13:69:22:0A:30:43:4D:9F:49:65:97:4B:79:47:F7:E4:CC:5C:C5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C64641AC3AE11EF946A7C6C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.254.0/24
Signature Algorithm: sha256WithRSAEncryption
33:76:7c:57:03:57:5d:74:e0:d1:4a:77:45:6a:1f:c5:f3:27:
1d:1b:60:e1:a9:13:a0:87:c8:bf:e5:d5:21:39:07:03:ca:8a:
ef:49:d1:66:7d:02:92:53:c8:2a:d9:1b:db:4d:6a:9e:8a:cd:
c7:17:ec:41:bc:c5:d1:74:8b:b0:29:7d:b5:95:7d:10:35:73:
0b:b3:c2:7a:99:c0:a8:9c:9f:31:d2:8d:bf:17:5f:4a:f6:7f:
8b:f6:98:7d:59:a9:96:84:4f:76:2b:4e:50:df:d5:d4:50:8f:
6e:c6:d0:ec:6f:74:77:81:07:15:29:f7:d3:b5:e3:98:67:79:
3f:18:2b:ef:b7:d9:72:3a:98:25:8e:9c:32:94:42:96:d4:78:
8a:79:9d:0a:df:52:3d:4a:ae:c9:85:58:39:2a:26:87:76:3d:
c4:b2:2a:67:e2:fc:05:36:24:b8:5f:a5:57:98:20:89:19:e9:
26:82:65:45:35:b9:55:b7:b6:5a:eb:73:87:0a:5a:c3:fc:53:
37:32:61:e5:65:aa:93:ac:dc:72:37:94:f7:ff:87:4f:26:6a:
d1:f9:4e:97:fa:0b:a3:3a:cd:0e:2b:3f:7a:33:48:c6:b7:5e:
30:68:ad:66:61:ae:f8:87:56:67:64:5e:5b:ad:81:47:c2:92:
64:53:4e:d4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO4nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTcyNjI4WhcNMjcxMjEyMTcyNjI4WjAYMRYw
FAYDVQQDEw02NzZkOTFjOC1jNDNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuqHuUMJGFqyleK8bN0ELz4JmQK1tD5ACWeX5d0/GNkOzPxu650mN3GdF
+jUViw74vxfrw1N7LGEPZhJ+nSoC0UJGfbU+EJ82tYki8nGTblrZEhQ3T0D5/Ro0
zCWHAVQsgv3Pwhm+56rpMpBDp7HGk1z1oR9Ka6DS+slui+KsrNG2o19xb9EcVqGM
XHCvAE+s/ojCAFWk2JNMeOnAms8BEfs3JGLmrLE30geymcVfcwUkjl32DE70e+AJ
Dz1vnRc36bJ9JRxUbN4blNTOv61ZBz/AXGsH8D8IxgytQlQo1fwMZSN5IICueqry
1PfsyRTHP/x5lG+6tEjGzF/8/l5g3QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJkT
aSIKMENNn0lll0t5R/fkzFzFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QzY0NjQxQUMzQUUxMUVGOTQ2QTdDNkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcj+MA0GCSqGSIb3DQEBCwUA
A4IBAQAzdnxXA1dddODRSndFah/F8ycdG2DhqROgh8i/5dUhOQcDyorvSdFmfQKS
U8gq2RvbTWqeis3HF+xBvMXRdIuwKX21lX0QNXMLs8J6mcConJ8x0o2/F19K9n+L
9ph9WamWhE92K05Q39XUUI9uxtDsb3R3gQcVKffTteOYZ3k/GCvvt9lyOpgljpwy
lEKW1HiKeZ0K31I9Sq7JhVg5KiaHdj3Esipn4vwFNiS4X6VXmCCJGekmgmVFNblV
t7Za63OHClrD/FM3MmHlZaqTrNxyN5T3/4dPJmrR+U6X+gujOs0OKz96M0jGt14w
aK1mYa74h1ZnZF5brYFHwpJkU07U
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:48 2025 by rpki-client