Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8CFEB318C3B711EF99F206A4762E951A.roa
File: 8CFEB318C3B711EF99F206A4762E951A.roa (raw, json)
Hash identifier: fYATUjzkU78PaYtmkJUm48NO6rg2GUubO3Luc4w5wm4=
Subject key identifier: 63:12:28:CC:9D:78:3B:1D:4A:30:87:C3:B1:90:50:E1:F9:76:9E:FC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE85
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8CFEB318C3B711EF99F206A4762E951A.roa
Signing time: Thu 26 Dec 2024 18:30:58 +0000
ROA not before: Thu 26 Dec 2024 18:30:55 +0000
ROA not after: Sun 12 Dec 2027 18:30:55 +0000
asID: 17561
IP address blocks: 45.207.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61061 (0xee85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 18:30:55 2024 GMT
Not After : Dec 12 18:30:55 2027 GMT
Subject: CN=676da0e2-146a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cb:ab:b7:e4:3c:29:52:4b:cb:a7:b1:b8:75:
66:08:f3:18:dc:11:d9:98:e1:21:ee:19:ab:3e:33:
d8:54:a6:87:67:10:e4:27:7d:ed:be:57:23:bd:bd:
33:98:7e:a0:e2:38:cd:7f:9a:5f:89:a5:a8:fd:09:
2f:52:29:14:03:d0:ac:49:86:39:4e:7b:25:35:5e:
b3:57:75:2f:be:0c:60:6f:65:28:1d:dd:01:b1:48:
59:c6:90:56:9e:4a:4e:5b:8a:c7:af:e6:8a:54:f2:
9c:11:3d:50:95:6e:fe:d3:b3:4b:b0:29:41:89:30:
92:91:99:df:cb:27:35:31:a0:e0:d8:53:41:67:40:
dc:ef:e5:7e:19:58:5d:bd:1c:72:ae:4f:e0:05:42:
55:a7:a5:ca:90:e4:5c:75:0d:c0:68:29:96:36:50:
b6:e9:30:2e:62:18:9d:73:46:7a:fe:0a:a3:d8:1f:
e3:55:bc:54:be:2f:ae:39:b3:bc:60:e9:53:fa:1f:
96:77:29:de:3d:cb:4d:eb:ac:97:b1:07:bb:c0:53:
c0:a2:23:14:e7:00:b4:25:d5:a1:c9:bb:de:c9:c2:
71:c6:45:5f:24:0f:28:52:c9:ef:fd:31:e8:7b:8e:
b0:18:ec:81:68:ef:56:c7:6e:dd:6f:4e:e3:eb:8a:
6d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:12:28:CC:9D:78:3B:1D:4A:30:87:C3:B1:90:50:E1:F9:76:9E:FC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8CFEB318C3B711EF99F206A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.131.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:d5:80:83:90:fd:da:6a:b7:12:b7:9f:3d:95:13:31:f9:ee:
5d:ac:7d:c1:38:92:90:6c:82:5a:fc:e8:95:dc:c9:3e:8c:60:
57:0b:24:e5:cb:6b:0a:d6:f3:78:9c:fc:dc:ed:61:8c:5f:f3:
75:b0:03:6f:1a:d8:42:3a:06:31:62:72:13:74:07:ce:b1:81:
a1:bd:77:c3:5f:6d:ed:3d:e2:86:6c:86:e7:91:06:21:50:ee:
39:20:d6:74:b2:64:7a:53:6d:54:94:b3:68:f6:46:c7:e2:29:
24:20:ef:e1:3c:2b:ee:ba:ee:b4:a3:aa:af:ed:2e:24:8d:92:
d5:a3:b1:da:2f:3d:57:b7:c2:5d:f4:c7:9b:ac:47:74:46:cc:
09:d6:f4:c0:f2:64:e6:41:33:c4:7b:88:12:d5:82:57:7c:00:
42:7b:0c:68:8a:ce:53:69:3a:56:68:ca:5f:b9:76:5c:2f:7f:
7f:f1:fd:cd:36:2f:77:46:3f:94:2a:c3:f7:a9:4b:80:aa:b8:
fd:7c:89:44:b3:ea:99:76:35:af:e2:8f:23:37:0e:78:b6:93:
b2:89:ef:33:d3:dd:0a:f3:96:ed:53:f7:cc:a8:38:e9:2a:83:
cf:5e:4a:45:55:c0:32:bb:48:41:b8:04:17:9b:ed:fd:35:18:
cb:3d:61:fd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO6FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTgzMDU1WhcNMjcxMjEyMTgzMDU1WjAYMRYw
FAYDVQQDEw02NzZkYTBlMi0xNDZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAocurt+Q8KVJLy6exuHVmCPMY3BHZmOEh7hmrPjPYVKaHZxDkJ33tvlcj
vb0zmH6g4jjNf5pfiaWo/QkvUikUA9CsSYY5TnslNV6zV3Uvvgxgb2UoHd0BsUhZ
xpBWnkpOW4rHr+aKVPKcET1QlW7+07NLsClBiTCSkZnfyyc1MaDg2FNBZ0Dc7+V+
GVhdvRxyrk/gBUJVp6XKkORcdQ3AaCmWNlC26TAuYhidc0Z6/gqj2B/jVbxUvi+u
ObO8YOlT+h+WdynePctN66yXsQe7wFPAoiMU5wC0JdWhybveycJxxkVfJA8oUsnv
/THoe46wGOyBaO9Wx27db07j64ptMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGMS
KMydeDsdSjCHw7GQUOH5dp78MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84Q0ZFQjMxOEMzQjcxMUVGOTlGMjA2QTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc+DMA0GCSqGSIb3DQEBCwUA
A4IBAQCL1YCDkP3aarcSt589lRMx+e5drH3BOJKQbIJa/OiV3Mk+jGBXCyTly2sK
1vN4nPzc7WGMX/N1sANvGthCOgYxYnITdAfOsYGhvXfDX23tPeKGbIbnkQYhUO45
INZ0smR6U21UlLNo9kbH4ikkIO/hPCvuuu60o6qv7S4kjZLVo7HaLz1Xt8Jd9Meb
rEd0RswJ1vTA8mTmQTPEe4gS1YJXfABCewxois5TaTpWaMpfuXZcL39/8f3NNi93
Rj+UKsP3qUuAqrj9fIlEs+qZdjWv4o8jNw54tpOyie8z090K85btU/fMqDjpKoPP
XkpFVcAyu0hBuAQXm+39NRjLPWH9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:01 2025 by rpki-client